ryanl1997 / security-dashboards-plugin Goto Github PK

View Code? Open in Web Editor NEW

This project forked from opensearch-project/security-dashboards-plugin

0.0 0.0 0.0 2.18 MB

🔐 Manage your internal users, roles, access control, and audit logs from OpenSearch Dashboards

Home Page: https://opensearch.org/docs/latest/security-plugin/index/

License: Apache License 2.0

JavaScript 2.41% TypeScript 97.20% SCSS 0.38% Shell 0.01%

security-dashboards-plugin's Introduction

OpenSearch Dashboards Security Plugin

This plugin for OpenSearch Dashboards adds a configuration management UI for the OpenSearch Security features, as well as authentication, session management and multi-tenancy support to your secured cluster.

Features
Installation
Contributing
Getting Help
Code of Conduct
Security
License
Copyright

Features

OpenSearch Dashboards authentication for OpenSearch
OpenSearch Dashboards session management
OpenSearch Security configuration UI
Multi-tenancy support for OpenSearch Dashboards
OpenSearch audit logging configuration UI

Installation

The OpenSearch Dashboards Security Plugin comes bundled by default as part of the OpenSearch Dashboards distribution. Please refer to the installation guide and technical documentation for detailed information on installing and configuring the OpenSearch Security Plugin.

Contributing

See developer guide and how to contribute to this project.

Getting Help

If you find a bug, or have a feature request, please don't hesitate to open an issue in this repository.

For more information, see project website and documentation. If you need help and are unsure where to open an issue, try forums.

Code of Conduct

This project has adopted the Amazon Open Source Code of Conduct. For more information see the Code of Conduct FAQ, or contact [email protected] with any additional questions or comments.

Security

If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our vulnerability reporting page. Please do not create a public GitHub issue.

License

This code is licensed under the Apache 2.0 License.

Copyright

security-dashboards-plugin's People

Contributors

security-dashboards-plugin's Issues

[Cypress 13] Setup Cypress Testing Environment in Security Dashboards Plugin

[FEATURE] Test_01 for untriaged label

Is your feature request related to a problem?
A clear and concise description of what the problem is, e.g. I'm always frustrated when [...]

What solution would you like?
A clear and concise description of what you want to happen.

What alternatives have you considered?
A clear and concise description of any alternative solutions or features you've considered.

Do you have any additional context?
Add any other context or screenshots about the feature request here.

[OIDC] Get and run Keycloak on Linux Locally

Introduction

To set up a local testing environment for OIDC with Keycloak and OpenSearch on your Mac, you'll want to follow a series of steps that replicate what your GitHub Actions workflow does. Below is a step-by-step guide to set up Keycloak, OpenSearch, and the necessary configurations for OIDC.

Steps

Prerequisites: Make sure you have Java installed, as both OpenSearch and Keycloak require it.
Install wget and curl if they are not already installed on your Mac.
You'll also need Node.js if you don't have it, as it's required for fetching the OpenSearch version from package.json.
Make sure you have OpenSearch and Keycloak downloaded, or you can use wget as in your workflow.

Export some version variables:

export KEYCLOAK_VERSION='21.0.1'

Download and Unpack Keycloak:

echo "Downloading Keycloak $KEYCLOAK_VERSION"
wget https://github.com/keycloak/keycloak/releases/download/$KEYCLOAK_VERSION/keycloak-$KEYCLOAK_VERSION.tar.gz
echo "Unpacking Keycloak"
tar -xzf keycloak-$KEYCLOAK_VERSION.tar.gz

Start Keycloak:

export KEYCLOAK_ADMIN=admin
export KEYCLOAK_ADMIN_PASSWORD=admin
cd keycloak-$KEYCLOAK_VERSION/bin
chmod +x kc.sh
echo "Starting keycloak"
./kc.sh start-dev --http-enabled=true --hostname-strict-https=false --http-host=localhost --http-relative-path /auth --health-enabled=true &

Set up Keycloak Admin CLI and Create Client

chmod +x kcadm.sh
./kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin --password admin
CID=$(./kcadm.sh create clients -r master -s clientId=opensearch -s 'redirectUris=["http://localhost:5603/auth/openid/login", "http://localhost:5601", "http://localhost:5601/auth/openid/login"]' -s 'secret=oacHfNaXyy81r2uHq1A9RY4ASryre4rZ' -i)

Create Client Mapper:

echo "Creating client mapper"
./kcadm.sh create clients/$CID/protocol-mappers/models  -r master -s 'config."id.token.claim"=true' -s 'config."multivalued"=true' -s 'config."claim.name"="roles"' -s 'config."userinfo.token.claim"=true' -s 'config."access.token.claim"=true' -s 'name=rolemapper' -s 'protocolMapper=oidc-usermodel-realm-role-mapper' -s "protocol=openid-connect"

[BUG] Test_01 for auto label

What is the bug?
A clear and concise description of the bug.

How can one reproduce the bug?
Steps to reproduce the behavior:

Go to '...'
Click on '....'
Scroll down to '....'
See error

What is the expected behavior?
A clear and concise description of what you expected to happen.

What is your host/environment?

OS: [e.g. iOS]
Version [e.g. 22]
Plugins

Do you have any screenshots?
If applicable, add screenshots to help explain your problem.

Do you have any additional context?
Add any other context about the problem.

[BUG] Test_02 for auto label