Enhancing Security configuration steps #8058
Merged
+97
−13
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: leanne.laceybyrne@eliatra.com <leanne.laceybyrne@eliatra.com>
leanneeliatra
requested review from
kolchfa-aws,
Naarcha-AWS,
vagimeli,
AMoo-Miki,
natebower,
dlvenable,
stephen-crawford and
epugh
as code owners
|
Thank you for submitting your PR. The PR states are In progress (or Draft) -> Tech review -> Doc review -> Editorial review -> Merged. Before you submit your PR for doc review, make sure the content is technically accurate. If you need help finding a tech reviewer, tag a maintainer. When you're ready for doc review, tag the assignee of this PR. The doc reviewer may push edits to the PR directly or leave comments and editorial suggestions for you to address (let us know in a comment if you have a preference). The doc reviewer will arrange for an editorial review. |
|
Hi @cwperks @shikharj05 @stephen-crawford, The documentation team needs a technical review of this security PR, with approval from you. Do one of you have capacity to take on this task? Turnaround time is by end of day Friday, 8/23. Thank you. |
cwperks
reviewed
Aug 20, 2024
cwperks
reviewed
Aug 20, 2024
cwperks
reviewed
Aug 20, 2024
cwperks
reviewed
Aug 20, 2024
cwperks
reviewed
Aug 20, 2024
cwperks
reviewed
Aug 20, 2024
cwperks
reviewed
Aug 20, 2024
cwperks
reviewed
Aug 20, 2024
|
@leanneeliatra Please see tech reviewer's feedback. Once these comments are addressed, please tag me to request tech reviewer approval. Thank you. |
vagimeli
added
3 - Tech review
leanneeliatra
changed the title
Signed-off-by: leanne.laceybyrne@eliatra.com <leanne.laceybyrne@eliatra.com>
Signed-off-by: leanne.laceybyrne@eliatra.com <leanne.laceybyrne@eliatra.com>
|
Addressing comments. |
…7881 Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: leanne.laceybyrne@eliatra.com <leanne.laceybyrne@eliatra.com>
natebower
requested changes
Sep 17, 2024
There was a problem hiding this comment.
@leanneeliatra @vagimeli @Naarcha-AWS Please see my comments and changes and tag me for approval once addressed (I'd like to verify lines 16 and 26). Thanks!
natebower
removed
the
6 - Done but waiting to merge
Naarcha-AWS
reviewed
Sep 17, 2024
Co-authored-by: Nathan Bower <nbower@amazon.com> Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
natebower
reviewed
Sep 18, 2024
natebower
reviewed
Sep 18, 2024
natebower
reviewed
Sep 18, 2024
Co-authored-by: Nathan Bower <nbower@amazon.com> Signed-off-by: leanneeliatra <131779422+leanneeliatra@users.noreply.github.com>
natebower
reviewed
Sep 18, 2024
Signed-off-by: leanne.laceybyrne@eliatra.com <leanne.laceybyrne@eliatra.com>
… the text, as is the standard (not to have hyperlinked headings). Signed-off-by: leanne.laceybyrne@eliatra.com <leanne.laceybyrne@eliatra.com>
|
@natebower I have completed all suggested updates and throughly reviewed the page in light of so many changes. I also added a toc to the bottom of the page with all relevant links, as there is a lot of information on the page this is helpful. If you do not agree with that one, I can remove it. Thank you for the thorough review. |
natebower
requested changes
Sep 19, 2024
There was a problem hiding this comment.
@Naarcha-AWS @leanneeliatra Please see my comments and changes and tag me for approval once addressed. Thanks!
_security/configuration/index.md
Outdated
| redirect_from: | ||
| - /security-plugin/configuration/ | ||
| - /security-plugin/configuration/index/ | ||
| --- | ||
|
|
||
| # Security configuration | ||
|
|
||
| The plugin includes demo certificates so that you can get up and running quickly. To use OpenSearch in a production environment, you must configure it manually: | ||
| The plugin includes demo certificates so that you can get up and running quickly. To use OpenSearch in a production environment, you must configure it manually. |
There was a problem hiding this comment.
"The plugin" => "The Security plugin"? In the second sentence, does "it" refer to OpenSearch or to "the plugin"?
_security/configuration/index.md
Outdated
| plugins.security.ssl.http.pemkey_filepath: /path/to/your/key.pem | ||
| plugins.security.ssl.http.pemtrustedcas_filepath: /path/to/your/ca.pem | ||
| ``` | ||
| For more information, see [Configuring TLS certificates. |
There was a problem hiding this comment.
Suggested change
| For more information, see [Configuring TLS certificates. | |
| For more information, see [Configuring TLS certificates |
_security/configuration/index.md
Outdated
| plugins.security.ssl.http.pemtrustedcas_filepath: /path/to/your/ca.pem | ||
| ``` | ||
| For more information, see [Configuring TLS certificates. | ||
| ]({{site.url}}{{site.baseurl}}/security/configuration/tls/) |
There was a problem hiding this comment.
Suggested change
| ]({{site.url}}{{site.baseurl}}/security/configuration/tls/) | |
| ]({{site.url}}{{site.baseurl}}/security/configuration/tls/). |
Naarcha-AWS
reviewed
Sep 19, 2024
Naarcha-AWS
reviewed
Sep 19, 2024
Co-authored-by: Nathan Bower <nbower@amazon.com> Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
natebower
approved these changes
Sep 19, 2024
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
opensearch-trigger-bot bot
pushed a commit
that referenced
this pull request
Sep 19, 2024
* wip building out the security configuration steps Signed-off-by: leanne.laceybyrne@eliatra.com <leanne.laceybyrne@eliatra.com> * adding relevant links to docs. Signed-off-by: leanne.laceybyrne@eliatra.com <leanne.laceybyrne@eliatra.com> * adding further info to security settings Signed-off-by: leanne.laceybyrne@eliatra.com <leanne.laceybyrne@eliatra.com> * reviewdog issues fixed Signed-off-by: leanne.laceybyrne@eliatra.com <leanne.laceybyrne@eliatra.com> * paths given for 1.0 securityadmin Signed-off-by: leanne.laceybyrne@eliatra.com <leanne.laceybyrne@eliatra.com> * Reconfiguring layout Signed-off-by: leanne.laceybyrne@eliatra.com <leanne.laceybyrne@eliatra.com> * updating security configuraton Signed-off-by: leanne.laceybyrne@eliatra.com <leanne.laceybyrne@eliatra.com> * Update _security/configuration/index.md Co-authored-by: Craig Perkins <craig5008@gmail.com> Signed-off-by: leanneeliatra <131779422+leanneeliatra@users.noreply.github.com> * Updates for examples given in config doc. Signed-off-by: leanne.laceybyrne@eliatra.com <leanne.laceybyrne@eliatra.com> Signed-off-by: leanne.laceybyrne@eliatra.com <leanne.laceybyrne@eliatra.com> * Add doc review Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com> * Update index.md Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com> * Delete _security/configuration/test Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com> * Apply suggestions from code review Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com> * Made the securityadmin.sh backup tool instructions clearer Signed-off-by: leanne.laceybyrne@eliatra.com <leanne.laceybyrne@eliatra.com> Signed-off-by: leanne.laceybyrne@eliatra.com <leanne.laceybyrne@eliatra.com> * Apply suggestions from code review Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com> * Update _security/configuration/index.md Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com> * Apply suggestions from code review Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com> * Apply suggestions from code review Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com> * updating the command for the securityadmin tool Signed-off-by: leanne.laceybyrne@eliatra.com <leanne.laceybyrne@eliatra.com> * reviewdog updates Signed-off-by: leanne.laceybyrne@eliatra.com <leanne.laceybyrne@eliatra.com> * Apply suggestions from code review Co-authored-by: Nathan Bower <nbower@amazon.com> Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Nathan Bower <nbower@amazon.com> Signed-off-by: leanneeliatra <131779422+leanneeliatra@users.noreply.github.com> * removing headings as links Signed-off-by: leanne.laceybyrne@eliatra.com <leanne.laceybyrne@eliatra.com> * Updating headings to be headings and adding extra links at the end of the text, as is the standard (not to have hyperlinked headings). Signed-off-by: leanne.laceybyrne@eliatra.com <leanne.laceybyrne@eliatra.com> * Apply suggestions from code review Co-authored-by: Nathan Bower <nbower@amazon.com> Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com> * Update index.md Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com> * Apply suggestions from code review Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com> --------- Signed-off-by: leanne.laceybyrne@eliatra.com <leanne.laceybyrne@eliatra.com> Signed-off-by: leanneeliatra <131779422+leanneeliatra@users.noreply.github.com> Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com> Co-authored-by: Craig Perkins <craig5008@gmail.com> Co-authored-by: Melissa Vagi <vagimeli@amazon.com> Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com> Co-authored-by: Nathan Bower <nbower@amazon.com> (cherry picked from commit 9230b00) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Expanding on the Security Configuration steps listed
https://opensearch.org/docs/latest/security/configuration/index/
Issues Resolved
#7881
Version
all
Frontend features
Checklist
For more information on following Developer Certificate of Origin and signing off your commits, please check here.