7d8a6a379d
Update JWT documentation to recommend only using jwt_header or audit logging not both ( #5914 )
...
* readd auth token doc
Signed-off-by: Stephen Crawford <steecraw@amazon.com>
* Fix vale
Signed-off-by: Stephen Crawford <steecraw@amazon.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Apply suggestions from code review
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Apply suggestions from code review
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Fix embedded command
Signed-off-by: Stephen Crawford <steecraw@amazon.com>
* Blank lines after headings
Signed-off-by: Stephen Crawford <steecraw@amazon.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* change
Signed-off-by: Stephen Crawford <steecraw@amazon.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Style guidelines
Signed-off-by: Stephen Crawford <steecraw@amazon.com>
* Update _security/access-control/authentication-tokens.md
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Apply suggestions from code review
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update _security/access-control/authentication-tokens.md
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* warn about audit logging of custom headers
Signed-off-by: Stephen Crawford <steecraw@amazon.com>
* Update _security/authentication-backends/jwt.md
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
---------
Signed-off-by: Stephen Crawford <steecraw@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Co-authored-by: Melissa Vagi <vagimeli@amazon.com>
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
2023-12-21 16:16:23 -06:00
ef7cacedec
Add sections for removing OpenSearch Dashboards Security plugin ( #5830 )
...
* Add sections for removing Dashboards Security plugin in other installation types
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>
* Update _security/configuration/disable.md
Co-authored-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>
* Update _security/configuration/disable.md
Co-authored-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>
* Update disable.md
Making the changes suggested by reviewer to move the paragraph relating to Dashboards removal down to the Remove OpenSearch Dashboards plugin section.
Also, changing the headings within that section from 'Binary' to 'Tarball', and from 'Service' to 'RPM and Debian' to reflect the wording used for those types in the OpenSearch Installation sections.
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>
* Update _security/configuration/disable.md
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>
* Update _security/configuration/disable.md
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>
* Update _security/configuration/disable.md
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>
* Update _security/configuration/disable.md
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>
* Update _security/configuration/disable.md
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>
* Update _security/configuration/disable.md
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>
* Update disable.md
Clarify the location of the running OpenSearch Dashboards instance before stopping it with the Ctrl + C command.
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>
* Update disable.md
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>
* Update the HMAC authentication requirements of exchange_key
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Nathan Bower <nbower@amazon.com>
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Nathan Bower <nbower@amazon.com>
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Nathan Bower <nbower@amazon.com>
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Nathan Bower <nbower@amazon.com>
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
* Update disable.md
Quick fix on couple of typos of opensearch_dashboards.yml
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Nathan Bower <nbower@amazon.com>
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
---------
Signed-off-by: John Heraghty <148883955+john-eliatra@users.noreply.github.com>
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Co-authored-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Co-authored-by: Nathan Bower <nbower@amazon.com>
2023-12-20 12:26:50 -06:00
a86d499225
Add custom_return_attributes to LDAP documentation ( #5810 )
...
* Add custom_return_attributes to LDAP documentation
Signed-off-by: Craig Perkins <cwperx@amazon.com>
* Address code review comments
Signed-off-by: Craig Perkins <cwperx@amazon.com>
---------
Signed-off-by: Craig Perkins <cwperx@amazon.com>
2023-12-08 15:13:24 -06:00
21f8a61557
Document client certificate options to support mutual TLS for OpenID endpoint ( #5697 )
...
* Document client certificate options to support mutual TLS for OpenID
endpoint.
Signed-off-by: Calvin Harrison <74850112+Simple-Analysis@users.noreply.github.com>
* Update _security/authentication-backends/openid-connect.md
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Simple-Analysis <74850112+Simple-Analysis@users.noreply.github.com>
* Update _security/authentication-backends/openid-connect.md
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Simple-Analysis <74850112+Simple-Analysis@users.noreply.github.com>
* Update _security/authentication-backends/openid-connect.md
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Simple-Analysis <74850112+Simple-Analysis@users.noreply.github.com>
---------
Signed-off-by: Calvin Harrison <74850112+Simple-Analysis@users.noreply.github.com>
Signed-off-by: Simple-Analysis <74850112+Simple-Analysis@users.noreply.github.com>
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
2023-12-05 13:34:15 -06:00
cba2dee4c3
Add note about configuring root CA for ldap in both authc and authz ( #5727 )
...
* Add note about configuring root CA for ldap in both authc and authz
Signed-off-by: Craig Perkins <cwperx@amazon.com>
* Address review comments
Signed-off-by: Craig Perkins <cwperx@amazon.com>
---------
Signed-off-by: Craig Perkins <cwperx@amazon.com>
2023-12-04 12:28:36 -06:00
ff1dc0eb36
Fix typo in jwt authentication guide ( #5650 )
...
Signed-off-by: Taeik Lim <sibera21@gmail.com>
2023-11-28 13:35:09 -06:00
3ec0aa4228
Revert "Including info on OpenID Additional Parameters ( #5600 )" ( #5686 )
...
This reverts commit 4af8a0dda5
2023-11-28 10:09:42 -06:00
4af8a0dda5
Including info on OpenID Additional Parameters ( #5600 )
...
* Including info on OpenID Additional Parameters
Signed-off-by: Sam <samuel.costa@eliatra.com>
* Update _security/authentication-backends/openid-connect.md
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Sam <128482925+samuelcostae@users.noreply.github.com>
* Update _security/authentication-backends/openid-connect.md
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Sam <128482925+samuelcostae@users.noreply.github.com>
* PR feedback changes
Signed-off-by: Sam <samuel.costa@eliatra.com>
---------
Signed-off-by: Sam <samuel.costa@eliatra.com>
Signed-off-by: Sam <128482925+samuelcostae@users.noreply.github.com>
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
2023-11-20 14:34:57 -06:00
5f12318880
Update security documentation around username resolution ( #5580 )
...
* readd auth token doc
Signed-off-by: Stephen Crawford <steecraw@amazon.com>
* Add docs
Signed-off-by: Stephen Crawford <steecraw@amazon.com>
* Remove extra file
Signed-off-by: Stephen Crawford <steecraw@amazon.com>
* remove please
Signed-off-by: Stephen Crawford <steecraw@amazon.com>
* Update _security/configuration/tls.md
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
* Update
Signed-off-by: Stephen Crawford <steecraw@amazon.com>
* split pr
Signed-off-by: Stephen Crawford <steecraw@amazon.com>
---------
Signed-off-by: Stephen Crawford <steecraw@amazon.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
2023-11-13 17:15:10 -05:00
834a829b62
Add documentation topic to authentication backends section for HTTP basic authentication ( #4638 )
...
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2512 basic for authc backend
Signed-off-by: cwillum <cwmmoore@amazon.com>
---------
Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-08-25 16:26:21 -07:00
07c4019e33
Add new zip for example SAML configuration files that reflect latest version ( #3665 )
...
* Add new zip for example SAML configuration files that reflect latest version
These changes add a new saml-example-custom.zip file containing `customize-docker-compose.yml`, `customize-config.yml`, and `customize-opensearch-dashboards.yml` files for use as the fully functioning SAML example. These changes also include edits to documentation so that steps accord with the new files.
* fix#618 saml example download
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#618 saml example download
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#618 saml example download
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#618 saml example download
Signed-off-by: cwillum <cwmmoore@amazon.com>
* Apply suggestions from code review
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
---------
Signed-off-by: cwillum <cwmmoore@amazon.com>
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
2023-07-06 16:59:26 -05:00
9f4b362dbf
Add documentation for validating JWT with JWKS ( #4162 )
...
* fix#4050 jwks for JWT + reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#4050 jwks for JWT + reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#4050 jwks for JWT + reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#4050 jwks for JWT + reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#4050 jwks for JWT + reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#4050 jwks for JWT + reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#4050 jwks for JWT + reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#4050 jwks for JWT + reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#4050 jwks for JWT + reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#4050 jwks for JWT + reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#4050 jwks for JWT + reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#4050 jwks for JWT + reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#4050 jwks for JWT + reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
---------
Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-06-01 11:51:02 -07:00
b52424e67b
Describe SAML supported private key format and encryption algorithm ( #1855 )
...
OpenSearch allows signing requests by using a private key in the PKCS#8 format. If a user wants to use an encrypted key, the key must be encrypted with a PKCS#12-compatible algorithm.
The `SAML -> Request signing` documentation is extended with the requirements. It should save time of the customers who use wrong key formats or a good key format, but encrypted with an unsupported algorithm (e.g. PKCS#5 2.0 compatible algorithm).
Signed-off-by: Adam Gabryś <adam.gabrys@live.com>
2023-05-18 12:08:11 -05:00
ee7d1efd02
More redirects and spelling fixes ( #4093 )
...
* redirects and spelling
Signed-off-by: Heather Halter <hdhalter@amazon.com>
* Update _observing-your-data/ad/index.md
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>
* Update _observing-your-data/ad/index.md
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>
* Update _search-plugins/knn/index.md
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>
---------
Signed-off-by: Heather Halter <hdhalter@amazon.com>
Signed-off-by: Heather Halter <HDHALTER@AMAZON.COM>
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
2023-05-17 09:57:14 -07:00
2bc05adb72
more redirect changes 5 ( #4028 )
...
Signed-off-by: Heather Halter <hdhalter@amazon.com>
2023-05-08 08:07:01 -07:00
8463c8f278
Correct plugin capitalization ( #3838 )
...
* Correct plugin capitalization
Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>
* Revert cluster-stats because the name is in response
Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>
* Revert cluster-stats once more
Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>
---------
Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>
2023-05-04 11:11:54 -04:00
2d20f539ec
Fix cookie-splitting setting example for SAML backend documentation ( #3949 )
...
* fix#3947 cookie splitting fix
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#3947 cookie splitting fix
Signed-off-by: cwillum <cwmmoore@amazon.com>
---------
Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-05-03 10:05:29 -07:00
773559ac75
Add new settings for SAML and OIDC that allow for cookie splitting ( #3807 )
...
* fix#3691 cookie spitting
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#3691 cookie spitting
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#3691 cookie spitting
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#3691 cookie spitting
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#3691 cookie splitting
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#3691 cookie spitting
Signed-off-by: cwillum <cwmmoore@amazon.com>
---------
Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-04-24 13:42:44 -07:00
15d324d30c
Add documentation for jwt_clock_skew_tolerance_seconds setting that resolves authentication errors ( #3251 )
...
* fix#3220 auth fail from clock skew
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#3220 auth fail from clock skew
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#3220 auth fail from clock skew
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#3220 auth fail from clock skew
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#3220 auth fail from clock skew
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#3220 auth fail from clock skew
Signed-off-by: cwillum <cwmmoore@amazon.com>
---------
Signed-off-by: cwillum <cwmmoore@amazon.com>
2023-03-28 13:48:18 -07:00
713eac8e67
Change url for opensearch_security.openid.scope configuration setting ( #2944 )
...
Signed-off-by: Luca Nardi <luca.nardi@live.it>
2023-03-21 11:52:50 -05:00
3da7598c0c
Change sample to example ( #2972 )
...
Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>
2023-02-20 11:34:20 -05:00
d04e88b496
Reorganize Configuration section of the Security TOC ( #2212 )
...
* fix#2155-sec-toc-config-reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2155-sec-toc-config-reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2155-sec-toc-config-reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2155-sec-toc-config-reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2155-sec-toc-config-reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2155-sec-toc-config-reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2155-sec-toc-config-reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2155-sec-toc-config-reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2155-sec-toc-config-reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2155-sec-toc-config-reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* fix#2155-sec-toc-config-reorg
Signed-off-by: cwillum <cwmmoore@amazon.com>
* Rename security section. Fix links. Add redirects
Signed-off-by: Naarcha-AWS <naarcha@amazon.com>
---------
Signed-off-by: cwillum <cwmmoore@amazon.com>
Signed-off-by: Naarcha-AWS <naarcha@amazon.com>
Co-authored-by: Naarcha-AWS <naarcha@amazon.com>
2023-01-27 10:12:47 -08:00
Stephen Crawford
John Heraghty
Craig Perkins
Simple-Analysis
Taeik Lim
Naarcha-AWS
Sam
Chris Moore
Adam Gabryś
Heather Halter
kolchfa-aws
Luca Nardi