Is there an equivalent feature to OpenSearch's "user attributes" in Elasticsearch?

catmanjan · March 11, 2022, 4:21am

I want to set up document level security using ABAC

I want to set up a role that will mandate that a user has all the necessary attributes, but each user will have a different set of attributes - rather than making many roles

OpenSearch gets around this via: Users and roles - OpenSearch documentation

"Attributes are optional user properties that you can use for variable substitution in index permissions or document-level security."

The attributes can then be used in the role definition

Is there an equivalent in Elasticsearch, or would I just need many roles?

system · March 11, 2022, 4:21am

Opensearch is an AWS run product and differs from the original Elasticsearch and Kibana products that Elastic builds and maintains. You may need to contact them directly for further assistance.

(This is an automated response from your friendly Elastic bot. Please report this post if you have any suggestions or concerns )

TimV · March 11, 2022, 11:24am

This is known as user metadata and templated role queries in Elasticsearch.

You can refer to this blog post about ABAC in Elasticsearch

system · April 8, 2022, 11:25am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.