Proof of concept for extension reserved indices #5

Open
wants to merge 5 commits into
base: check-main-build

cwperks
Owner

@cwperks cwperks commented Jul 14, 2023

Description

This is a proof of concept of strong ownership between an extension identity (its service account) and indices that it requested to reserve on the first initialization request. The payload of the REST initialization request would look like:

# "reserved_indices" lists the indices the extension requests to reserve
curl -XPOST https://admin:admin@localhost:9200/_extensions/initialize --insecure -H "Content-Type:application/json" --data '{
"name":"hello-world",
"uniqueId":"hw",
"hostAddress":"127.0.0.1",
"port":"4532",
"version":"1.0",
"opensearchVersion":"3.0.0",
"minimumCompatibleVersion":"3.0.0",
"reserved_indices": [".hello-world-jobs"]
}'

The primary crux of this is that SecurityIndexAccessEvaluator is knowledgeable of the extensions registry (ExtensionsManager) and checks to see if requested system indices are owned by the extension when evaluating the permissions of a request that interacts with a system index.

This strong level of ownership means that extensions cannot meddle with system indices owned by other extensions, and there does not need to exist a role in the internal role list that is not intended to be mapped to regular users. By having the configuration in a single place, it is also less configuration to get started with an extension since it is a one-stop shop in the payload of the initialization request.

Companion PRs:

Core - cwperks/OpenSearch#93
SDK - cwperks/opensearch-sdk-java#1
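
The ownership rule described in this PR, modelled as an added example; it is not code from this PR, the security plugin, or ExtensionsManager. The class and method names are hypothetical, and exact-name matching, "first reservation wins", and denying non-extension requesters are assumptions made for the illustration.

```java
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;

// Hypothetical model of the ownership check; not the plugin's SecurityIndexAccessEvaluator.
public class ReservedIndexOwnership {
    // index name -> uniqueId of the extension that reserved it
    private final Map<String, String> ownerByIndex = new ConcurrentHashMap<>();
    // extensions that have already completed their first initialization
    private final Set<String> initialized = ConcurrentHashMap.newKeySet();

    /** Records reservations from an extension's first initialization request only. */
    public boolean initialize(String uniqueId, List<String> reservedIndices) {
        if (!initialized.add(uniqueId)) {
            return false; // a later request cannot widen the reservation
        }
        for (String index : reservedIndices) {
            // putIfAbsent: an index that is already reserved keeps its original owner
            ownerByIndex.putIfAbsent(index, uniqueId);
        }
        return true;
    }

    /** Allows access to a reserved index only for the extension that owns it. */
    public boolean isAllowed(String requesterId, String index) {
        String owner = ownerByIndex.get(index);
        if (owner == null) {
            return true; // not reserved: this model leaves it to normal permission evaluation
        }
        return owner.equals(requesterId); // requesterId is null for a non-extension caller
    }

    public static void main(String[] args) {
        ReservedIndexOwnership registry = new ReservedIndexOwnership();
        // Constructed sample data; "hw" and ".hello-world-jobs" are taken from the payload above.
        registry.initialize("hw", List.of(".hello-world-jobs"));
        registry.initialize("other", List.of(".hello-world-jobs", ".other-jobs"));
        registry.initialize("hw", List.of(".other-jobs")); // ignored: not the first request

        System.out.println(registry.isAllowed("hw", ".hello-world-jobs"));    // owning extension
        System.out.println(registry.isAllowed("other", ".hello-world-jobs")); // different extension
        System.out.println(registry.isAllowed("hw", ".other-jobs"));          // index owned by "other"
        System.out.println(registry.isAllowed(null, ".hello-world-jobs"));    // non-extension caller
    }
}
```

Only the first call in `main` is permitted; the other three are denied because the requester does not own the reserved index.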

cwperks added 3 commits July 17, 2023 17:38
…ect#3003)

* Update imports for files refactored in core PR #8157

Signed-off-by: Craig Perkins <[email protected]>

* Update references to old packages in test files

Signed-off-by: Craig Perkins <[email protected]>

* Get remaining bad imports in integrationTest

Signed-off-by: Craig Perkins <[email protected]>

* Update log4j in bwc build.gradle

Signed-off-by: Craig Perkins <[email protected]>

* Use versions.log4j

Signed-off-by: Craig Perkins <[email protected]>

* Also reference guava version

Signed-off-by: Craig Perkins <[email protected]>

* Update integtest.sh

Signed-off-by: Craig Perkins <[email protected]>

* Update tests that expect certain amount of headers in a response

Signed-off-by: Craig Perkins <[email protected]>

* Empty commit

Signed-off-by: Craig Perkins <[email protected]>

---------

Signed-off-by: Craig Perkins <[email protected]>
…h-project#3024)

* Add -SNAPSHOT

Signed-off-by: Craig Perkins <[email protected]>

* Build SNAPSHOT for security plugin in bwc tests

Signed-off-by: Craig Perkins <[email protected]>

* Add -SNAPSHOT

Signed-off-by: Craig Perkins <[email protected]>

---------

Signed-off-by: Craig Perkins <[email protected]>
* Add release notes for 2.9.0.0

Signed-off-by: Craig Perkins <[email protected]>

* Add new item to release notes

Signed-off-by: Craig Perkins <[email protected]>

---------

Signed-off-by: Craig Perkins <[email protected]>