From 3c3740fecac21a2c842475c918eb2e5a1e58d1c5 Mon Sep 17 00:00:00 2001
From: Darshit Chanpura <dchanp@amazon.com>
Date: Fri, 17 Nov 2023 12:25:14 -0500
Subject: [PATCH 1/3] Adds missing default security config lines when updating
 opensearch.yml

Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
---
 .../tools/democonfig/SecuritySettingsConfigurer.java         | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java b/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java
index 1e318c38b9..8293bb2e98 100644
--- a/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java
+++ b/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java
@@ -212,6 +212,11 @@ static String buildSecurityConfigString() {
 
         securityConfigLines.append("plugins.security.authcz.admin_dn:\n  - CN=kirk,OU=client,O=client,L=test, C=de\n\n");
 
+        securityConfigLines.append("plugins.security.audit.type:  internal_opensearch\n");
+        securityConfigLines.append("plugins.security.enable_snapshot_restore_privilege:  true\n");
+        securityConfigLines.append("plugins.security.check_snapshot_restore_write_privileges:  true\n");
+        securityConfigLines.append("plugins.security.restapi.roles_enabled:  [\"all_access\", \"security_rest_api_access\"]\n");
+
         securityConfigLines.append("plugins.security.system_indices.enabled: true\n" + "plugins.security.system_indices.indices: [")
             .append(SYSTEM_INDICES)
             .append("]\n");

From 09c31f53276c95a9191eb4344a27066c4b4531ef Mon Sep 17 00:00:00 2001
From: Darshit Chanpura <dchanp@amazon.com>
Date: Fri, 17 Nov 2023 12:35:08 -0500
Subject: [PATCH 2/3] Missing license headers

Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
---
 .../security/tools/democonfig/Certificates.java       | 11 +++++++++++
 .../tools/democonfig/ExecutionEnvironment.java        | 11 +++++++++++
 2 files changed, 22 insertions(+)

diff --git a/src/main/java/org/opensearch/security/tools/democonfig/Certificates.java b/src/main/java/org/opensearch/security/tools/democonfig/Certificates.java
index 6821147e8c..c776a5e29b 100644
--- a/src/main/java/org/opensearch/security/tools/democonfig/Certificates.java
+++ b/src/main/java/org/opensearch/security/tools/democonfig/Certificates.java
@@ -1,3 +1,14 @@
+/*
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * The OpenSearch Contributors require contributions made to
+ * this file be licensed under the Apache-2.0 license or a
+ * compatible open source license.
+ *
+ * Modifications Copyright OpenSearch Contributors. See
+ * GitHub history for details.
+ */
+
 package org.opensearch.security.tools.democonfig;
 
 /**
diff --git a/src/main/java/org/opensearch/security/tools/democonfig/ExecutionEnvironment.java b/src/main/java/org/opensearch/security/tools/democonfig/ExecutionEnvironment.java
index 9f901c4487..e9a8273c5f 100644
--- a/src/main/java/org/opensearch/security/tools/democonfig/ExecutionEnvironment.java
+++ b/src/main/java/org/opensearch/security/tools/democonfig/ExecutionEnvironment.java
@@ -1,3 +1,14 @@
+/*
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * The OpenSearch Contributors require contributions made to
+ * this file be licensed under the Apache-2.0 license or a
+ * compatible open source license.
+ *
+ * Modifications Copyright OpenSearch Contributors. See
+ * GitHub history for details.
+ */
+
 package org.opensearch.security.tools.democonfig;
 
 /**

From e5a73215ff379d2106afa3a815f9356609996f60 Mon Sep 17 00:00:00 2001
From: Darshit Chanpura <dchanp@amazon.com>
Date: Fri, 17 Nov 2023 12:37:12 -0500
Subject: [PATCH 3/3] Minor code cleanup

Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
---
 .../tools/democonfig/SecuritySettingsConfigurer.java         | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java b/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java
index 8293bb2e98..a5daa579dd 100644
--- a/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java
+++ b/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java
@@ -217,9 +217,8 @@ static String buildSecurityConfigString() {
         securityConfigLines.append("plugins.security.check_snapshot_restore_write_privileges:  true\n");
         securityConfigLines.append("plugins.security.restapi.roles_enabled:  [\"all_access\", \"security_rest_api_access\"]\n");
 
-        securityConfigLines.append("plugins.security.system_indices.enabled: true\n" + "plugins.security.system_indices.indices: [")
-            .append(SYSTEM_INDICES)
-            .append("]\n");
+        securityConfigLines.append("plugins.security.system_indices.enabled: true\n");
+        securityConfigLines.append("plugins.security.system_indices.indices: [").append(SYSTEM_INDICES).append("]\n");
 
         if (!isNetworkHostAlreadyPresent(OPENSEARCH_CONF_FILE)) {
             if (cluster_mode) {