search

opensearch-project / security

🔐 Secure your cluster with TLS, numerous authentication backends, data masking, audit logging as well as role-based access control on indices, documents, and fields
https://opensearch.org/docs/latest/security-plugin/index/
Apache License 2.0
192 stars 274 forks source link

[FEATURE] Add new REST admin API edpoint #3948

Open willyborankin opened 9 months ago

willyborankin commented 9 months ago

Is your feature request related to a problem? Add a new REST admin endpoint to update the configuration of multiple configuration types. Such endpoint will be helpful to update internal users, roles, roles mapping in one request

What solution would you like? Endpoint: PATCH _plugins/_security/api/configuration/update

Payload:

{
  "actiongroups": [ 
      {
       "op": "add", "path": "/CREATE_INDEX", 
       "value": { "allowed_actions": ["indices:admin/create", "indices:admin/mapping/put"] }
      }], 
   "nodes_dn": [...], 
   "internalusers": [...]
 }

in other words the endpoint will combine exiting patch endpoints and update the index via bulk.

stephen-crawford commented 9 months ago

[Triage] Hi @willyborankin, thanks for filing this issue. This sounds like a worthwhile enhancement to streamline the update process for roles. We can close this issue when a new feature is added to support the use cases above.