Open ansjcy opened 4 weeks ago
[Triage] Hi @ansjcy, thanks for filing this issue. From speaking with @cwperks, this work is currently paused based on some core work you are doing. That being said, feel free to resume work on the PR when you are ready to move forward.
Is your feature request related to a problem? As part of the effort to introduce multi-tenancy as a construct in OpenSearch (https://github.com/opensearch-project/OpenSearch/issues/13341), we are introducing a labeling service to attach tenancy labels to search requests. Plugins can define their rules to compute labels based on the given request and thread context. We need to add a "default" labeling rule in security plugin to get the tenancy information if the cluster is using security plugin as their auth method as part of https://github.com/opensearch-project/OpenSearch/pull/13374
What solution would you like? Add a default labeling rule so that we can attach user info in a request.
What alternatives have you considered? We can also maintain all rules in the core repo, but it would be better to let plugins implement their own rules, which would get registered with the RuleBasedLabelingService in core.
Do you have any additional context? Please see https://github.com/opensearch-project/OpenSearch/issues/13341 https://github.com/opensearch-project/OpenSearch/pull/13374