OSD Permission and Permission Evaluation POC 2.0.2 #2
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Reference on saved object registration: multi-data-source POC
Description
The POC proves:
.kibana
index. So the it could have granular access control on inidividual saved objects without relying on tenant. Tenant could be removed..kibana
) that doesn't rely on OpenSearch security plugin that stores permissions and access policies in security configuration index and evaluate priviledges.APIs
Create
sample-permission
saved object:Find all
sample_permission
saved objects:Get a
sample_permission
saved object by id:Evaluate permissions:
{"authorized":"false"}
):{"authorized":"true"}
):