opensearch-project
[DOC] Security Plugin Whitelist/Allowlist Settings and the APIs Are Not Documented
What do you want to do?
- [x] Add new documentation
Tell us about your request. Provide a summary of the request and all versions that are affected.
The Whitelist setting and APIs in security plugin are not documented. This setting has been existing since OpenSearch 1.0.
Allowlist setting was introduced in OpenSearch 2.1 as an alternative to the deprecated Whitelist settings and APIs. Whitelist settings and APIs are planned to be removed in OpenSearch 3.0.0 release as a breaking change.
What other resources are available? Provide links to related issues, POCs, steps for testing, etc. Whitelist setting: https://github.com/opensearch-project/security/blob/main/config/whitelist.yml Whitelist API:: https://github.com/opensearch-project/security/blob/main/src/main/java/org/opensearch/security/dlic/rest/api/WhitelistApiAction.java#L76 Allowlist setting: https://github.com/opensearch-project/security/blob/main/config/allowlist.yml Allowlist APIs: https://github.com/opensearch-project/security/blob/main/src/main/java/org/opensearch/security/dlic/rest/api/AllowlistApiAction.java#L85
@hdhalter This seems to already be covered in https://opensearch.org/docs/latest/security/configuration/yaml/#allowlistyml
Hi @cliu123 ,
As part of the entrance criteria, all the documentation pull requests need to be drafted and in technical review. Since there is no pull request linked to this issue, please take one of the following actions:
- Create the pull request and link it to this issue.
- If you already have a pull request created, please link it to this issue.
- If this feature is not targeted for the currently labeled release version, please update the issue with the correct release version.
Please note: Missing documentation can block the release and cause delays in the overall process. Thank you!
Closing this since this documentation is already covered. Removing the v3.0.0 label as well.
