security.rst

Security Settings

Table of contents

• Introduction
• Using Rest API
• Using Security Dashboard

Introduction

User needs cluster:admin/opensearch/ppl permission to use PPL plugin. User also needs indices level permission indices:admin/mappings/get to get field mappings and indices:data/read/search* to search index.

Using Rest API

--INTRODUCED 2.1--

Example: Create the ppl_role for test_user. then test_user could use PPL to query ppl-security-demo index.

1. Create the ppl_role and grand permission to access PPL plugin and access ppl-security-demo index:

   PUT _plugins/_security/api/roles/ppl_role
   {
     "cluster_permissions": [
       "cluster:admin/opensearch/ppl"
     ],
     "index_permissions": [{
       "index_patterns": [
         "ppl-security-demo"
       ],
       "allowed_actions": [
         "indices:data/read/search*",
         "indices:admin/mappings/get"
       ]
     }]
   }

2. Mapping the test_user to the ppl_role:

   PUT _plugins/_security/api/rolesmapping/ppl_role
   {
     "backend_roles" : [],
     "hosts" : [],
     "users" : ["test_user"]
   }

Using Security Dashboard

--INTRODUCED 2.1--

Example: Create ppl_access permission and add to existing role

1. Create the ppl_access permission:

   PUT _plugins/_security/api/actiongroups/ppl_access
   {
     "allowed_actions": [
       "cluster:admin/opensearch/ppl"
     ]
   }

2. Grant the ppl_access permission to ppl_test_role