Link Search Menu Expand Document Documentation Menu

Security configuration

The plugin includes demo certificates so that you can get up and running quickly, but before using OpenSearch in a production environment, you must configure it manually:

  1. Replace the demo certificates.
  2. Reconfigure opensearch.yml to use your certificates.
  3. Reconfigure config.yml to use your authentication backend (if you don’t plan to use the internal user database).
  4. Modify the configuration YAML files.
  5. If you plan to use the internal user database, set a password policy in opensearch.yml.
  6. Apply changes using securityadmin.sh.
  7. Start OpenSearch.
  8. Add users, roles, role mappings, and tenants.

If you don’t want to use the plugin, see Disable security.

The security plugin has several default users, roles, action groups, permissions, and settings for OpenSearch Dashboards that use kibana in their names. We will change these names in a future release.