How can I manage Keycloak User with OpenSearch Security API

chanwitkepha · July 7, 2022, 2:31pm

According to this document.
Document Level Security in Elasticsearch — Part 1 | by Alon Aizenberg | Medium

It have command to create internal user by use Security API and setup User Attribute to GroupA and GroupB.

curl -XPUT "https://localhost:9200/_opendistro/_security/api/internalusers/quentin" -u admin:admin --insecure -H 'Content-Type: application/json' -d'
{
  "password": "tarantino",
  "attributes": {
    "groups": "groupA\", \"groupB"
  }
}'

But I’m already connect my OpenSearch Server and Dashboard to Keycloak.

So please suggest me how to use Keycloak User to map with groupA and groupB like that, Thank you.

pablo · July 8, 2022, 4:28pm

@chanwitkepha You’ll need to create a User Realm Role in the OpenID client, create groups and assign them to the user.

Topic		Replies	Views
Oidc keycloak mapping users Security configure	3	392	October 6, 2023
How to map KeyCloak groups with OpenSearch? Security configure , security-issue	6	364	January 10, 2024
Create user with security roles using API Security	1	876	April 22, 2021
Creating Role for having complete access to only specified indices Security	3	1267	June 16, 2022
Using KeyCloak RBAC/ABAC in OpenSearch Security security-issue	25	750	January 30, 2024

How can I manage Keycloak User with OpenSearch Security API

Related Topics