The video is good, thanks. There is an issue not covered here. In real production environment you won't be probably creating users manually in IAM - you'd want to integrate with AD, Azure, Gsuite or some other central user repository. So one of the solutions would be having some nginx/apache server running, integrated with AD for authentication, and connected to opensearch kibana on the other hand. And this is the real challenge - how to define permissions for specific users or groups... Would be nice to have some video about it as well.
Hi Thank you for the video. Its very informative I have just one doubt Can you please let me know if I am not enabling the fine grained access control then where do I need to setup the ARN for the auth role ?
@@SoumilShah Thanks for the reply, let me give you the detais 1. fine grained access control is disabled 2. Elasticsearch cluster has been created 3. I created user pools and identity pool following your video 4. I configured the same in the Elasticsearch cluster 5. Now when I am trying to open the Elasticsearch URL , Ideally it should be redirected to the cognito where i need to enter the user details to login but in my case Elasticsearch gets opened. Redirection isn't working 6. But if I try to open the hosted UI option from the app clients option in the cognito user pool, my login page gets opened and post entering the credentials it get directed to Elasticsearch. if you can help me with the point 5 query.
I have AWS Elaticsearch domain hosted with Kibana dashboard. I want to setup auomatic backup process of snapshots/indexes for elasticsearch into S3. how can I achieve this? Could you please guide? I see various videos via OpenSearch dashboard but not via Kibana dashboard, help me to achieve this!
At 8:29 how do you have more than one authentication method with different app clients? I’m thinking this is the reason why I’m not allowed to sign in when I assign someone the unauth role. Any insights?
This is basically the tutorial from the AWS documentation which I followed and did the same steps as you but when I log in, I am not a master user, I get assigned the default_role and thus I don't see the security plugin. Using Opensearch 2.3. No idea how to fix this. The only thing that is different is the access policy, instead of AWS: "*" I have to put the ARN of the AuthRole in there because AWS complains that it can not be open when using advanced security (aka fine-grained access control). When I create a new domain and do the steps like in your tutorial, it will work. so weird.
![Blox Fruits Dragon Rework Update [Full Stream]](http://i.ytimg.com/vi/EqDAp8udhm0/mqdefault.jpg)
Thanks for sharing such great knowledge!!!! It is going to be very helpfull in my demands with opensearch.
Thanks
This is going to be easier for anyone who are struggling to make it work.
Thankyou Soumil
This video made my task so much easier !!
The video is good, thanks. There is an issue not covered here. In real production environment you won't be probably creating users manually in IAM - you'd want to integrate with AD, Azure, Gsuite or some other central user repository. So one of the solutions would be having some nginx/apache server running, integrated with AD for authentication, and connected to opensearch kibana on the other hand. And this is the real challenge - how to define permissions for specific users or groups... Would be nice to have some video about it as well.
hey do you have any example for this
wow, what a lifesaver
Hi
Thank you for the video. Its very informative
I have just one doubt
Can you please let me know if I am not enabling the fine grained access control then where do I need to setup the ARN for the auth role ?
Not sure I am understanding
ARN role for what ?
@@SoumilShah
Thanks for the reply, let me give you the detais
1. fine grained access control is disabled
2. Elasticsearch cluster has been created
3. I created user pools and identity pool following your video
4. I configured the same in the Elasticsearch cluster
5. Now when I am trying to open the Elasticsearch URL , Ideally it should be redirected to the cognito where i need to enter the user details to login but in my case Elasticsearch gets opened. Redirection isn't working
6. But if I try to open the hosted UI option from the app clients option in the cognito user pool, my login page gets opened and post entering the credentials it get directed to Elasticsearch.
if you can help me with the point 5 query.
I have AWS Elaticsearch domain hosted with Kibana dashboard. I want to setup auomatic backup process of snapshots/indexes for elasticsearch into S3. how can I achieve this? Could you please guide? I see various videos via OpenSearch dashboard but not via Kibana dashboard, help me to achieve this!
Could you please tell how to do DLS with parameter substitutions when authenticated with cognito
At 8:29 how do you have more than one authentication method with different app clients? I’m thinking this is the reason why I’m not allowed to sign in when I assign someone the unauth role. Any insights?
This is basically the tutorial from the AWS documentation which I followed and did the same steps as you but when I log in, I am not a master user, I get assigned the default_role and thus I don't see the security plugin. Using Opensearch 2.3. No idea how to fix this. The only thing that is different is the access policy, instead of AWS: "*" I have to put the ARN of the AuthRole in there because AWS complains that it can not be open when using advanced security (aka fine-grained access control). When I create a new domain and do the steps like in your tutorial, it will work. so weird.
This is for the v old version of Elastic + Kibana. Does not work on >= Elastic 8.
Hi Soumil, How to upload data from an app to the Elasticsearch behind cognito ?
can someone comment on this part