Skip to content

Commit d49de3a

Browse files
committed
feat: add --opensearch-user flag, default to admin
Signed-off-by: Kyle Hounslow <kylhouns@amazon.com>
1 parent 2c88032 commit d49de3a

2 files changed

Lines changed: 4 additions & 3 deletions

File tree

aws/cli-installer/src/aws.mjs

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -56,7 +56,6 @@ import {
5656
// ── Tagging ─────────────────────────────────────────────────────────────────
5757

5858
const SECRET_PREFIX = 'open-stack';
59-
const MASTER_USER = 'admin';
6059

6160
function generatePassword() {
6261
return randomBytes(16).toString('base64url') + '!A1';
@@ -224,7 +223,7 @@ async function createManagedDomain(cfg) {
224223
Enabled: true,
225224
InternalUserDatabaseEnabled: true,
226225
MasterUserOptions: {
227-
MasterUserName: MASTER_USER,
226+
MasterUserName: cfg.opensearchUser || 'admin',
228227
MasterUserPassword: cfg._masterPassword,
229228
},
230229
},
@@ -291,7 +290,7 @@ export async function mapOsiRoleInDomain(cfg) {
291290
}
292291

293292
const url = `${cfg.opensearchEndpoint}/_plugins/_security/api/rolesmapping/all_access`;
294-
const auth = Buffer.from(`${MASTER_USER}:${masterPass}`).toString('base64');
293+
const auth = Buffer.from(`${cfg.opensearchUser || 'admin'}:${masterPass}`).toString('base64');
295294

296295
// Map both the OSI pipeline role and the caller's role (for OpenSearch UI access)
297296
const callerRoleArn = cfg.callerRoleArn || '';

aws/cli-installer/src/cli.mjs

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,7 @@ export function parseCli(argv) {
3333
// OpenSearch — reuse
3434
program
3535
.option('--opensearch-endpoint <url>', 'Reuse an existing OpenSearch endpoint')
36+
.option('--opensearch-user <user>', 'OpenSearch master username', 'admin')
3637
.option('--opensearch-password <password>', 'Master password for existing OpenSearch domain (for FGAC mapping)');
3738
// OpenSearch — create
3839
program
@@ -114,6 +115,7 @@ function optsToConfig(opts) {
114115
region: opts.region || '',
115116
osAction,
116117
opensearchEndpoint: opts.opensearchEndpoint || '',
118+
opensearchUser: opts.opensearchUser || 'admin',
117119
opensearchPassword: opts.opensearchPassword || '',
118120
osDomainName: opts.osDomainName || '',
119121
osInstanceType: opts.osInstanceType,

0 commit comments

Comments
 (0)