Add the ability to redact field values based on a field name for a specified time range via the manager API. This implemented is heavily based on OpenSearch's field masking.
The admin specifies a time range and a field name to redact. It redacts on read at the Lucene level by overwriting the reader. Currently, replaces the value of the field specified with REDACTED.
Left to-dos for the future
hash the value instead of replacing with REDACTED
auto-delete redactions whose time range is outside of the data's retention policy
possible: redact queries as well as reads
Requirements
[x] I've read and understood the Contributing Guidelines and have done my best effort to follow them.
Summary
Add the ability to redact field values based on a field name for a specified time range via the manager API. This implemented is heavily based on OpenSearch's field masking.
The admin specifies a time range and a field name to redact. It redacts on read at the Lucene level by overwriting the reader. Currently, replaces the value of the field specified with
REDACTED.Left to-dos for the future
REDACTEDRequirements