[Feature Request] Allow separation of security configurations between Aux transports #17795
Labels
Comments
finnegancarroll
added
enhancement
This was referenced Mar 25, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe
Per #17406 aux transport security configurations are configured under a single setting "namespace", i.e. However, aux transports are pluggable and multiple implementations may be enabled and configured.
plugins.security.ssl.aux.<setting option...>Describe the solution you'd like
Ideally in the case where multiple aux transports are configured and enabled, the user should distinguish between security configurations for each aux transport.
plugins.security.ssl.aux.arrow.<setting option...>plugins.security.ssl.aux.grpc.<setting option...>plugins.security.ssl.aux.other.<setting option...>From the developer perspective each new aux transport should be declared and consumed by security plugin to enable basic TLS client cert authentication without need to introduce sweeping settings changes to security plugin or discrete implementations for the particular transport.
Additional discussion: #17406 (comment)
PR adding single
auxsecurity config namespace to security plugin: opensearch-project/security#5152Related component
Plugins
Describe alternatives you've considered
Keeping aux transports as a single security configuration which all transports will share.
Additional context
No response
The text was updated successfully, but these errors were encountered: