I am trying to use OpenSearch Dashboards API (Amazon Kibana fork) to add a search index. I am using version 1.0 and have also setup the security plugin. I have no issues using TLS PKI for interacting with OpenSearch (Elasticsearch). However, whenever I try to interact with the OpenSearch Dashboard API with TLS PKI authentication, I get an error. I am able to setup PKI within Dashboards to authenticate to OpenSearch without any issues. Here is effectively the command on the shell using curl, but I am looking to use python when finished:
curl -X POST --cert MYCERT.crt --key MYKEY.key --cacert MY-CA-BUNDLE.crt https://HOSTNAME:5601/api/saved_objects/index-pattern/test-index -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d' { "attributes": { "title": "test-index-*","timeFieldName": "@timestamp" } }'
I get the following JSON message error back:
{"statusCode":401,"error":"Unauthorized","message":"Authentication required"}
If I instead use the API with 'simple' username/password, the same command works:
curl -X POST -u USERNAME:PASSWORD https://HOSTNAME:5601/api/saved_objects/index-pattern/test-index -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d' { "attributes": { "title": "test-index-*","timeFieldName": "@timestamp" } }'
However, I can't seem to find a way to allow my ansible to issue a command to the API using PKI certificates, which I am looking to do so I can disable simple authentication. Does anyone know what setting I am missing or if I am misusing the API? I have studied the plugin documentation, but I can't find any item that I am missing.
Did you try a simple query to Opensearch service like:
If this one is not working, probably you need to check the certificates that are configured in opensearch.yml file.