Hi,
We already use elasticsearch-oss & kibana-oss (v7.8.0) with standalone opendistro security plugins (1.9.0.0). This creates .opendistro_security index containing the security configurations (users, roles etc).
-
Now, with opensearch security plugin, as per docs, securityadmin would create index .opensearch_security to store these security configs.
-
That would mean on upgrade from (elasticsearch+opendistro) to opensearch → it would not read the existing opendistro_security index and create a fresh index altogether with default configs.
-
Result - on upgrade, we would lose all users/roles etc already created in opendistro, and will need manual effort to recreate all resources & update opensearch index.
Is this understanding right? I was hoping if an automatic migration could be kicked in such that if .opendistro_security index is detected, it would get migrated to opensearch format. Is something like this available/planned?
Also, looking into the opensearch-project/security code, I see the index name still is
OPENDISTRO_SECURITY_DEFAULT_CONFIG_INDEX = ".opendistro_security";
and the same gets used everywhere in the code. There is no use of .opensearch_security index here.
Is it an incorrect branch of project that doesnt have the updated code?
Or is this a bug?
Or is the index name going to remain .opendistro_security only - in which case, the docs have to be updated with the right index name