By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

AOSS Dashboards don't have security option

0

Setup a OpenSearch serverless collection and could get data ingestion into it via the OpenSearch pipeline. Setup both SAML/IAM login to the dashboard and both methods also work, now I am trying to setup some visualizations. However, dashboard left side navigation bar do not have security tab. I'm finding virtually impossible to upload the components and index templates to the dashboards. Any help is appreciated. Using curl fails with 403 permission denied (logged in via IAM credentials to dashboard) tried -U option also nothing work. Full permissions to IAM user for opensearch are setup. Thanks.

Topics
Security, Identity, & ComplianceAnalyticsDatabase
Tags
Security, Identity, & ComplianceIAM PoliciesAmazon OpenSearch Serverless
Language
English
ravikcha
asked 8 months ago126 views
1 Answer
0

The absence of the "Security" option in the AOSS (Amazon Opensearch Service) Dashboards left-side navigation bar is by design. The security-related features and configurations for the OpenSearch cluster are managed separately from the Dashboards.

Here are a few things you can try to manage the security aspects of your OpenSearch setup:

  1. IAM-based Access Control:

    • Since you've already set up IAM-based login to the Dashboards, you can use IAM policies to control access to your OpenSearch cluster and its indices.
    • Assign the necessary permissions to your IAM users or roles to perform operations like creating and managing indices, visualizations, and dashboards.
    • Refer to the Amazon OpenSearch Service documentation on IAM-based access control for more details.

  2. OpenSearch Security Plugins:

    • If you require more granular security features, such as role-based access control (RBAC) or advanced authentication mechanisms, you can enable the OpenSearch Security plugins.
    • The Security plugins provide a web UI for managing users, roles, and permissions within the OpenSearch cluster.
    • You can enable the Security plugins by following the Amazon OpenSearch Service documentation on enabling Security plugins.

  3. Manage Security via API/CLI:

    • If you prefer to manage the security aspects programmatically, you can use the OpenSearch API or the AWS CLI to perform tasks like creating users, roles, and index-level permissions.
    • Refer to the OpenSearch documentation on security management APIs for more information.

  4. Use OpenSearch Dashboards Programmatically:

    • To upload components (e.g., visualizations, index templates) to the OpenSearch Dashboards, you can use the OpenSearch Dashboards API or the Kibana Plugin Platform.
    • This allows you to automate the deployment of your visualization and dashboard configurations, bypassing the Dashboards UI.
    • Check the OpenSearch Dashboards documentation on the Kibana Plugin Platform for more details.

By leveraging these approaches, you can effectively manage the security and configuration aspects of your OpenSearch setup, even though the "Security" option is not directly available in the AOSS Dashboards UI.

AWS
JonQ
answered 21 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content