Commit Graph

25 Commits

Author SHA1 Message Date
Naarcha-AWS 0801f38b5e
Update SAML tutorial with new default Admin settings (#6279)
* Update SAML tutorial with new default Admin settings

Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

* Add variable

Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

---------

Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
2024-02-01 10:58:12 -08:00
John Heraghty 8224d69c1b
Update exchange_key description to use different HMAC setting (#5909)
* Update exchange_key description to use different HMAC setting

Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>

* Update _security/authentication-backends/saml.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>

* Update saml.md

Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>

* Update saml.md

Update to the exchange key description to give more of an instruction to the user on what to enter there.

Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>

* Update _security/authentication-backends/saml.md

Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

---------

Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
2024-02-01 11:48:17 -06:00
Stephen Crawford 82d0482198
Clarify anonymous authentication support (#6022)
* readd auth token doc

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* Fix vale

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Apply suggestions from code review

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Apply suggestions from code review

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Fix embedded command

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* Blank lines after headings

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* change

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Style guidelines

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* Update _security/access-control/authentication-tokens.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Apply suggestions from code review

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Clarify anonymous auth

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* remove auth token doc

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* Doc review changes

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* fix links

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* missed one

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* Fix links

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* Apply suggestions from code review

Co-authored-by: Nathan Bower <nbower@amazon.com>
Signed-off-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>

---------

Signed-off-by: Stephen Crawford <steecraw@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>
Signed-off-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Co-authored-by: Fanit Kolchina <kolchfa@amazon.com>
Co-authored-by: Nathan Bower <nbower@amazon.com>
2024-01-11 14:44:41 -05:00
Stephen Crawford 7d8a6a379d
Update JWT documentation to recommend only using jwt_header or audit logging not both (#5914)
* readd auth token doc

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* Fix vale

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Apply suggestions from code review

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Apply suggestions from code review

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Fix embedded command

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* Blank lines after headings

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* change

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Style guidelines

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* Update _security/access-control/authentication-tokens.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Apply suggestions from code review

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* warn about audit logging of custom headers

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* Update _security/authentication-backends/jwt.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

---------

Signed-off-by: Stephen Crawford <steecraw@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
2023-12-21 16:16:23 -06:00
John Heraghty ef7cacedec
Add sections for removing OpenSearch Dashboards Security plugin (#5830)
* Add sections for removing Dashboards Security plugin in other installation types

Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>

* Update _security/configuration/disable.md

Co-authored-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>

* Update _security/configuration/disable.md

Co-authored-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>

* Update disable.md

Making the changes suggested by reviewer to move the paragraph relating to Dashboards removal down to the Remove OpenSearch Dashboards plugin section. 

Also, changing the headings within that section from 'Binary' to 'Tarball', and from 'Service' to 'RPM and Debian' to reflect the wording used for those types in the OpenSearch Installation sections.

Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>

* Update _security/configuration/disable.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>

* Update _security/configuration/disable.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>

* Update _security/configuration/disable.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>

* Update _security/configuration/disable.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>

* Update _security/configuration/disable.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>

* Update _security/configuration/disable.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>

* Update disable.md

Clarify the location of the running OpenSearch Dashboards instance before stopping it with the Ctrl + C command.

Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>

* Update disable.md

Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>

* Update the HMAC authentication requirements of exchange_key

Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Nathan Bower <nbower@amazon.com>
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Nathan Bower <nbower@amazon.com>
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Nathan Bower <nbower@amazon.com>
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Nathan Bower <nbower@amazon.com>
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

* Update disable.md

Quick fix on couple of typos of opensearch_dashboards.yml

Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Nathan Bower <nbower@amazon.com>
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

---------

Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Co-authored-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Co-authored-by: Nathan Bower <nbower@amazon.com>
2023-12-20 12:26:50 -06:00
Craig Perkins a86d499225
Add custom_return_attributes to LDAP documentation (#5810)
* Add custom_return_attributes to LDAP documentation

Signed-off-by: Craig Perkins <cwperx@amazon.com>

* Address code review comments

Signed-off-by: Craig Perkins <cwperx@amazon.com>

---------

Signed-off-by: Craig Perkins <cwperx@amazon.com>
2023-12-08 15:13:24 -06:00
Simple-Analysis 21f8a61557
Document client certificate options to support mutual TLS for OpenID endpoint (#5697)
* Document client certificate options to support mutual TLS for OpenID
endpoint.

Signed-off-by: Calvin Harrison <74850112+Simple-Analysis@users.noreply.github.com>

* Update _security/authentication-backends/openid-connect.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Simple-Analysis <74850112+Simple-Analysis@users.noreply.github.com>

* Update _security/authentication-backends/openid-connect.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Simple-Analysis <74850112+Simple-Analysis@users.noreply.github.com>

* Update _security/authentication-backends/openid-connect.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Simple-Analysis <74850112+Simple-Analysis@users.noreply.github.com>

---------

Signed-off-by: Calvin Harrison <74850112+Simple-Analysis@users.noreply.github.com>
Signed-off-by: Simple-Analysis <74850112+Simple-Analysis@users.noreply.github.com>
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
2023-12-05 13:34:15 -06:00
Craig Perkins cba2dee4c3
Add note about configuring root CA for ldap in both authc and authz (#5727)
* Add note about configuring root CA for ldap in both authc and authz

Signed-off-by: Craig Perkins <cwperx@amazon.com>

* Address review comments

Signed-off-by: Craig Perkins <cwperx@amazon.com>

---------

Signed-off-by: Craig Perkins <cwperx@amazon.com>
2023-12-04 12:28:36 -06:00
Taeik Lim ff1dc0eb36
Fix typo in jwt authentication guide (#5650)
Signed-off-by: Taeik Lim <sibera21@gmail.com>
2023-11-28 13:35:09 -06:00
Naarcha-AWS 3ec0aa4228
Revert "Including info on OpenID Additional Parameters (#5600)" (#5686)
This reverts commit 4af8a0dda5.
2023-11-28 10:09:42 -06:00
Sam 4af8a0dda5
Including info on OpenID Additional Parameters (#5600)
* Including info on OpenID Additional Parameters

Signed-off-by: Sam <samuel.costa@eliatra.com>

* Update _security/authentication-backends/openid-connect.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Sam <128482925+samuelcostae@users.noreply.github.com>

* Update _security/authentication-backends/openid-connect.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Sam <128482925+samuelcostae@users.noreply.github.com>

* PR feedback changes

Signed-off-by: Sam <samuel.costa@eliatra.com>

---------

Signed-off-by: Sam <samuel.costa@eliatra.com>
Signed-off-by: Sam <128482925+samuelcostae@users.noreply.github.com>
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
2023-11-20 14:34:57 -06:00
Stephen Crawford 5f12318880
Update security documentation around username resolution (#5580)
* readd auth token doc

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* Add docs

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* Remove extra file

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* remove please

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* Update _security/configuration/tls.md

Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>

* Update

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

* split pr

Signed-off-by: Stephen Crawford <steecraw@amazon.com>

---------

Signed-off-by: Stephen Crawford <steecraw@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
2023-11-13 17:15:10 -05:00
Chris Moore 834a829b62
Add documentation topic to authentication backends section for HTTP basic authentication (#4638)
* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2512 basic for authc backend

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-08-25 16:26:21 -07:00
Chris Moore 07c4019e33
Add new zip for example SAML configuration files that reflect latest version (#3665)
* Add new zip for example SAML configuration files that reflect latest version

These changes add a new saml-example-custom.zip file containing `customize-docker-compose.yml`, `customize-config.yml`, and `customize-opensearch-dashboards.yml` files for use as the fully functioning SAML example. These changes also include edits to documentation so that steps accord with the new files.

* fix#618 saml example download

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#618 saml example download

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#618 saml example download

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#618 saml example download

Signed-off-by: cwillum <cwmmoore@amazon.com>

* Apply suggestions from code review

Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
2023-07-06 16:59:26 -05:00
Chris Moore 9f4b362dbf
Add documentation for validating JWT with JWKS (#4162)
* fix#4050 jwks for JWT + reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4050 jwks for JWT + reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4050 jwks for JWT + reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4050 jwks for JWT + reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4050 jwks for JWT + reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4050 jwks for JWT + reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4050 jwks for JWT + reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4050 jwks for JWT + reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4050 jwks for JWT + reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4050 jwks for JWT + reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4050 jwks for JWT + reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4050 jwks for JWT + reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#4050 jwks for JWT + reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-06-01 11:51:02 -07:00
Adam Gabryś b52424e67b
Describe SAML supported private key format and encryption algorithm (#1855)
OpenSearch allows signing requests by using a private key in the PKCS#8 format. If a user wants to use an encrypted key, the key must be encrypted with a PKCS#12-compatible algorithm.

The `SAML -> Request signing` documentation is extended with the requirements. It should save time of the customers who use wrong key formats or a good key format, but encrypted with an unsupported algorithm (e.g. PKCS#5 2.0 compatible algorithm).

Signed-off-by: Adam Gabryś <adam.gabrys@live.com>
2023-05-18 12:08:11 -05:00
Heather Halter ee7d1efd02
More redirects and spelling fixes (#4093)
* redirects and spelling

Signed-off-by: Heather Halter <hdhalter@amazon.com>

* Update _observing-your-data/ad/index.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

* Update _observing-your-data/ad/index.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

* Update _search-plugins/knn/index.md

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>

---------

Signed-off-by: Heather Halter <hdhalter@amazon.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
2023-05-17 09:57:14 -07:00
Heather Halter 2bc05adb72
more redirect changes 5 (#4028)
Signed-off-by: Heather Halter <hdhalter@amazon.com>
2023-05-08 08:07:01 -07:00
kolchfa-aws 8463c8f278
Correct plugin capitalization (#3838)
* Correct plugin capitalization

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Revert cluster-stats because the name is in response

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

* Revert cluster-stats once more

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>

---------

Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>
2023-05-04 11:11:54 -04:00
Chris Moore 2d20f539ec
Fix cookie-splitting setting example for SAML backend documentation (#3949)
* fix#3947 cookie splitting fix

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3947 cookie splitting fix

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-05-03 10:05:29 -07:00
Chris Moore 773559ac75
Add new settings for SAML and OIDC that allow for cookie splitting (#3807)
* fix#3691 cookie spitting

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3691 cookie spitting

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3691 cookie spitting

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3691 cookie spitting

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3691 cookie splitting

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3691 cookie spitting

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-04-24 13:42:44 -07:00
Chris Moore 15d324d30c
Add documentation for jwt_clock_skew_tolerance_seconds setting that resolves authentication errors (#3251)
* fix#3220 auth fail from clock skew

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3220 auth fail from clock skew

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3220 auth fail from clock skew

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3220 auth fail from clock skew

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3220 auth fail from clock skew

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#3220 auth fail from clock skew

Signed-off-by: cwillum <cwmmoore@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-03-28 13:48:18 -07:00
Luca Nardi 713eac8e67
Change url for opensearch_security.openid.scope configuration setting (#2944)
Signed-off-by: Luca Nardi <luca.nardi@live.it>
2023-03-21 11:52:50 -05:00
kolchfa-aws 3da7598c0c
Change sample to example (#2972)
Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>
2023-02-20 11:34:20 -05:00
Chris Moore d04e88b496
Reorganize Configuration section of the Security TOC (#2212)
* fix#2155-sec-toc-config-reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2155-sec-toc-config-reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2155-sec-toc-config-reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2155-sec-toc-config-reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2155-sec-toc-config-reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2155-sec-toc-config-reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2155-sec-toc-config-reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2155-sec-toc-config-reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2155-sec-toc-config-reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2155-sec-toc-config-reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* fix#2155-sec-toc-config-reorg

Signed-off-by: cwillum <cwmmoore@amazon.com>

* Rename security section. Fix links. Add redirects

Signed-off-by: Naarcha-AWS <naarcha@amazon.com>

---------

Signed-off-by: cwillum <cwmmoore@amazon.com>
Signed-off-by: Naarcha-AWS <naarcha@amazon.com>
Co-authored-by: Naarcha-AWS <naarcha@amazon.com>
2023-01-27 10:12:47 -08:00