I am using OpenSearch 2.7 and currently I have everything set up in EC2 instance (a 10 node cluster with a Dashboards server). I have created custom plugins that I have loaded in my Dashboards instance. Everyone logs in using LDAP.
I want to move to using an AWS managed cluster but continue using my custom Dashboard running in an EC2 instance. I have most of it working but I am running into issues using LDAP/SAML with the custom Dashboard. It works to log in using an internal users but that wont work for everyone.
First off is it even possible to authenticate to this custom dashboard without using internal users?
@AndrewB Could you elaborate more on the authentication issue?
What exactly do you see when authentication fails?
Does the issue relate only to LDAP and SAML users?
The alternative would be anonymous or JWT authentication. However, this depends on how your users access the Dashboard objects. Do you use an iframe?
Let me give some more details. So I currently have 2 clusters going. My original which is OpenSearch/Dashboards all running on EC2s and it authenticates to LDAP fine.
I spun up a 2nd cluster with managed nodes and set up SAML auth with ADFS and that works for AD users to log into the premade Dashboards/OS.
So then I spun up a custom Dashboards instance on an EC2 and tried to configure it up for SAML to connect to the managed cluster (which is the ideal setup for me). At this point I am getting issues. If you go to the IP:Port it takes you to the login page and then I’ve added a little Log on button for SAML but it doesn’t seem to send the login cookie over.
Right now users just connect to the regular dashboards page, no iframe embedding or anything like that.
Hey pablo, I realized I didn’t actually hit reply so I am not sure you saw my response.