About the security plugin

OpenSearch has its own security plugin for authentication and access control. The plugin provides numerous features to help you secure your cluster.

The security plugin has several default users, roles, action groups, permissions, and settings for OpenSearch Dashboards that use kibana in their names. We will change these names in a future release.

FeatureDescription
Node-to-node encryptionEncrypts traffic between nodes in the OpenSearch cluster.
HTTP basic authenticationA simple authentication method that includes a user name and password as part of the HTTP request.
Support for Active Directory, LDAP, Kerberos, SAML, and OpenID ConnectUse existing, industry-standard infrastructure to authenticate users, or create new users in the internal user database.
Role-based access controlRoles define the actions that users can perform: the data they can read, the cluster settings they can modify, the indices to which they can write, and so on. Roles are reusable across users, and users can have multiple roles.
Index-level, document-level, and field-level securityRestrict access to entire indices, certain documents within an index, or certain fields within documents.
Audit loggingThese logs let you track access to your OpenSearch cluster and are useful for compliance purposes or after unintended data exposure.
Cross-cluster searchUse a coordinating cluster to securely send search requests to remote clusters.
OpenSearch Dashboards multi-tenancyCreate shared (or private) spaces for visualizations and dashboards.