In our environment, we are using AWS OpenSearch and I have configured the authentication using the Keycloak SAML. So all the users list is provided in the Keycloak and is passed to the role as backend role
My question is:
We have alot of indices and I would like to configure the index level permissions where, an user have complete access to certain indices only. Could anyone help me here.
Thank you in advance…
@schand not sure I fully understood your question.
The most straightforward way would be to have a special role (provided in Keycloak and passed in roles) for example backend_role_1.
You can then create a security role, something like below:
And finally map the backend role (backend_role_1) to security_role_1, like below:
This should give you the necessary access. Also don’t forget to map the users to opensearch_dashboards_user or kibana_user.
You can check which roles were allocated to the user by selecting the user (top/right) and selecting “View roles and identities”, you should see the backend_role_1 under Backend Roles and security_role_1 under Roles
Hope this helps
I can say, You understood the thing exactly as the solution is helping me in the way I expected.
Thanks a lot for helping me.
Could you also help me with Documentation of this kind of configurations info.
@schand Glad it helped, More information is available here