Commit Graph

136 Commits

Author SHA1 Message Date
Naarcha-AWS ab5654cc36
Edits to PR #804, TLS settings (#1071)
* add note regarding required use of TLS transport

"basic usage" doesn't mention that the securityadmin.sh command will fail outright if "plugins.security.ssl.http.enabled" is set to "false"

Signed-off-by: David Vassallo <davevassallo@gmail.com>

* Update _security-plugin/configuration/security-admin.md

Signed-off-by: David Vassallo <davevassallo@gmail.com>

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

* Add one copy edit

Signed-off-by: Naarcha-AWS <naarcha@amazon.com>

Signed-off-by: David Vassallo <davevassallo@gmail.com>
Signed-off-by: Naarcha-AWS <naarcha@amazon.com>
Co-authored-by: David Vassallo <davevassallo@gmail.com>
2022-09-10 10:31:48 -05:00
Naarcha-AWS 23bf3a658f
Add removed security permissions (#1088)
* Add removed security permissions

Signed-off-by: Naarcha-AWS <naarcha@amazon.com>

* Remove dupes

Signed-off-by: Naarcha-AWS <naarcha@amazon.com>

Signed-off-by: Naarcha-AWS <naarcha@amazon.com>
2022-09-07 11:34:44 -05:00
David Vassallo 0b624cbaf2
add note regarding required use of TLS transport (#804)
* add note regarding required use of TLS transport

"basic usage" doesn't mention that the securityadmin.sh command will fail outright if "plugins.security.ssl.http.enabled" is set to "false"

Signed-off-by: David Vassallo <davevassallo@gmail.com>

* Update _security-plugin/configuration/security-admin.md

Signed-off-by: David Vassallo <davevassallo@gmail.com>

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

Signed-off-by: David Vassallo <davevassallo@gmail.com>
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
2022-09-01 11:19:15 -05:00
Chris Moore aa5823d61c
Add documentation for the plugins.security.cache.ttl_minutes property (#1039)
* auth cache timeout prop

Signed-off-by: cwillum <cwmmoore@amazon.com>

* auth cache timeout prop

Signed-off-by: cwillum <cwmmoore@amazon.com>

Signed-off-by: cwillum <cwmmoore@amazon.com>
2022-09-01 08:57:12 -07:00
Chris Moore c3f2b7bdf1
CCS-permissions (#1053)
Signed-off-by: cwillum <cwmmoore@amazon.com>

Signed-off-by: cwillum <cwmmoore@amazon.com>
2022-09-01 08:48:42 -07:00
Chris Moore b9838dfd87
Missing documentation for the plugins.security.allow_default_init_securityindex property (#919)
* “fix#676-allow_default_init_securityindex”

Signed-off-by: cwillum <cwmmoore@amazon.com>

* “fix#676-allow_default_init_securityindex”

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#676-allow_default_init_securityindex

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#676-allow_default_init_securityindex

Signed-off-by: cwillum <cwmmoore@amazon.com>

Signed-off-by: cwillum <cwmmoore@amazon.com>
2022-08-29 13:17:36 -07:00
Craig Perkins f1d1dde8e5
resolve_hostname should be singular (#1019)
Signed-off-by: Craig Perkins <cwperx@amazon.com>

Signed-off-by: Craig Perkins <cwperx@amazon.com>
2022-08-29 13:12:35 -05:00
Craig Perkins c48cf8c600
Fix example using custom_attr_whitelist and custom_attr_maxval_len in ldap documentation (#981)
Signed-off-by: Craig Perkins <cwperx@amazon.com>

Signed-off-by: Craig Perkins <cwperx@amazon.com>
2022-08-25 14:08:45 -05:00
Melissa Vagi f586fdcd2c
resolve issue #832 (#982)
Signed-off-by: vagimeli <vagimeli@amazon.com>

Signed-off-by: vagimeli <vagimeli@amazon.com>
2022-08-24 16:27:21 -06:00
Craig Perkins 906a81bca7
Update documentation from opensearch_security_roles to opendistro_security_roles (#892)
Signed-off-by: Craig Perkins <cwperx@amazon.com>

Signed-off-by: Craig Perkins <cwperx@amazon.com>
2022-08-23 20:55:30 -05:00
Peter Nied 1640b3482e
Fix setting name for LDAP custom attribute filter (#912)
Signed-off-by: Peter Nied <petern@amazon.com>

Signed-off-by: Peter Nied <petern@amazon.com>
2022-08-23 09:49:51 -05:00
Craig Perkins 206e97a2b7
Change /_plugins/_security/.. routes to /_opendistro/_security/... for SAML until plugins route is supported (#877)
Signed-off-by: Craig Perkins <cwperx@amazon.com>

Signed-off-by: Craig Perkins <cwperx@amazon.com>
2022-08-11 17:41:30 -05:00
Jeff Huss 9f3434c10c
Added reference to RFC2818 along with guidance to add subjectAltNames… (#748)
* Added reference to RFC2818 along with guidance to add subjectAltNames ext when generating certs

Signed-off-by: jeffhuss <jeffhuss@amazon.com>

* Cleaned up wording in cert generation section

Wording before was redundant and there was a fragment sentence left in.  I cleaned that up to make it readable.

Signed-off-by: jeffhuss <jeffhuss@amazon.com>

* Spot fixes of terms, added SAN guidance and references and cleaned up sample script

Signed-off-by: jeffhuss <jeffhuss@amazon.com>

* Updated sample script to clean up the extension files too

Signed-off-by: jeffhuss <jeffhuss@amazon.com>

* Cleaned up formatting, removed SAN reference in admin cert steps

Signed-off-by: jeffhuss <jeffhuss@amazon.com>

* Removed extra word from node cert steps

Signed-off-by: jeffhuss <jeffhuss@amazon.com>

* Removed reference to admin.ext from sample script since it doesn't exist anymore

Signed-off-by: jeffhuss <jeffhuss@amazon.com>
2022-08-02 14:38:03 -07:00
kolchfa-aws f225c77c34
Snapshot management (#757)
* Added snapshot management

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Snapshot management v2

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Added snapshot management

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Added user roles

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Added SME comments

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Changed dashboards access from index management to snapshot management

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Editorial comments

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>
2022-07-07 14:19:01 -04:00
Peter Nied 5d5729c4c0
Update securityonfig path based on path reorganization (#763)
Signed-off-by: Peter Nied <petern@amazon.com>
2022-07-07 12:08:28 -05:00
cwillum d4738c73b1
added api info for reloadcerts (#753)
Signed-off-by: cwillum <cwmmoore@amazon.com>
2022-07-05 07:58:50 -07:00
Jeff Huss d7088636b1
Update default index name to .kibana instead of .opensearch-dashboards (#742)
Signed-off-by: jeffhuss <jeffhuss@amazon.com>
2022-06-30 13:02:33 -07:00
Naarcha-AWS 1067dad114
Correct branch names for security and logstash repos (#702)
* Add back Data Prepper 1.4 docs (#698)

* Add back Data Prepper 1.4 docs

Signed-off-by: Naarcha-AWS <naarcha@amazon.com>

* Fix Data Prepper Docker image

Signed-off-by: Naarcha-AWS <naarcha@amazon.com>

* Update GitHub links to `main` branches rather than `master` where it has been changed

Signed-off-by: Naarcha-AWS <naarcha@amazon.com>

Co-authored-by: Aaron Carson <aaron@aaroncarson.co.uk>
2022-06-23 10:14:39 -05:00
pawelw1 95782cda5a
Update serach.remote with cluster.remote (#696)
Signed-off-by: pawelw1 <pawel.wlodarczyk@eliatra.com>
2022-06-22 12:57:09 -05:00
Alice Williams 8909564891
for cluster manager term update (#691)
* for cluster manager term update

Signed-off-by: alicejw <alicejw@amazon.com>

* for small fix

Signed-off-by: alicejw <alicejw@amazon.com>

* to change  to

Signed-off-by: alicejw <alicejw@amazon.com>
2022-06-20 13:53:51 -05:00
Brian Saghy fcb84af481 Fix server.host to valid address to fix issue with Opensearch-Dashboards 2.0
Signed-off-by: Brian Saghy <brian@finishbot.com>
2022-06-15 14:53:54 -04:00
pawelw1 fcd6b293f1
securityadmin.sh default port change
Signed-off-by: pawelw1 <pawel.wlodarczyk@eliatra.com>
2022-06-07 18:35:16 +01:00
Naarcha-AWS de82c913c5
Merge pull request #499 from jaycci/security-dashboards-plugin-PR929
Documentation for security-dashboards-plugin PR929
2022-05-25 15:53:21 -05:00
Naarcha-AWS 146a01c78e
Merge pull request #420 from mm-govau/security-roles-in-dls
Documentation for security roles to be used for DLS parameter substit…
2022-05-25 14:53:26 -05:00
hdhalter e6d0a9d96f
Merge pull request #600 from opensearch-project/Fix-#580
Removed OpenDistro from GET command (Issue #580)
2022-05-23 17:22:55 -07:00
Heather Halter ac509b2566 “fixed
Signed-off-by: Heather Halter <hdhalter@amazon.com>
2022-05-23 14:03:11 -07:00
alicejw 6e65cf2494 for editor's review comments
Signed-off-by: alicejw <alicejw@amazon.com>
2022-05-11 14:33:50 -07:00
alicejw e473df4cce found more instances of to change to for
Signed-off-by: alicejw <alicejw@amazon.com>
2022-05-06 15:50:26 -07:00
alicejw 3d1087ed60 i found out that the original term was correct here, it is a term lookup query, not the generic so changing it back.
Signed-off-by: alicejw <alicejw@amazon.com>
2022-05-06 15:48:06 -07:00
alicejw 2d5062d85b disambiguate use of TLQ acronym applied incorrectly to because it represents instead.
Signed-off-by: alicejw <alicejw@amazon.com>
2022-05-06 15:39:01 -07:00
Naarcha-AWS aa9f88e37a
Merge pull request #509 from opensearch-project/whitelist-replace2.0
Add allowlist for more inclusive nomenclature
2022-05-03 14:50:25 -05:00
Naarcha-AWS c6f7341993 Break up allowlist
Signed-off-by: Naarcha-AWS <naarcha@amazon.com>
2022-05-03 14:49:55 -05:00
Naarcha-AWS 73eea241ef Remove use of allowlist
Signed-off-by: Naarcha-AWS <naarcha@amazon.com>
2022-05-03 14:38:37 -05:00
Naarcha-AWS 28194d5653 Add CamelCase:
Signed-off-by: Naarcha-AWS <naarcha@amazon.com>
2022-05-03 14:36:26 -05:00
Naarcha-AWS 35bfcd883d
Merge pull request #512 from opensearch-project/remove-mapping-types2.0
Remove type from all API requests and responses
2022-05-03 14:33:31 -05:00
Naarcha-AWS 9cc549f0d9
Merge pull request #516 from alicejw-aws/DLS-issue-474
[issue 474] document DLS mode usage for Term Lookup Query support
2022-05-03 14:28:17 -05:00
alicejw f8da06360a for editor review updates
Signed-off-by: alicejw <alicejw@amazon.com>
2022-05-02 14:09:18 -07:00
alicejw 388b57cad2 to fix table format
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-29 18:00:05 -07:00
alicejw 2ece32042c include full mode name
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-29 17:37:33 -07:00
alicejw ab644a3daa more rewrites for clarity
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-29 17:34:28 -07:00
alicejw e176dffb66 rewrite to make concise within a single table
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-29 16:53:52 -07:00
alicejw 543bff618c for evaluation mode table
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-29 16:46:06 -07:00
alicejw b263e000a1 to make TQL consistent and add link to term-level queries section
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-29 15:32:03 -07:00
Naarcha-AWS 9194940dbf Add feedback.
Signed-off-by: Naarcha-AWS <naarcha@amazon.com>
2022-04-25 12:46:16 -05:00
alicejw 306885ca9c for reviewer feedback updates
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-25 10:12:33 -07:00
alicejw 40f7b00960 for TQL with document-level security modes for issue https://github.com/opensearch-project/documentation-website/issues/474
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-21 18:47:14 -07:00
Darshit Chanpura 2e5bcf1924 Updates all documentation relevant to securityconfig folder name change in the security plugin build flow
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
2022-04-14 22:47:09 -04:00
alicejw 19e11b85fb updates for reviewer comments
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-14 12:43:13 -07:00
alicejw db3de3b235 for review comment/update
Signed-off-by: alicejw <alicejw@amazon.com>
2022-04-14 11:48:51 -07:00
Naarcha-AWS 0a24fa2992 Remove from all API requests and responses
Signed-off-by: Naarcha-AWS <naarcha@amazon.com>
2022-04-14 12:55:17 -05:00