From cc75ece07e4954c14a2458efd3d28dfd6b8872df Mon Sep 17 00:00:00 2001
From: Rob W <robertiweber3@gmail.com>
Date: Mon, 4 Dec 2023 12:52:55 -0600
Subject: [PATCH] Create internal_users.yml

---
 .../opensearch/config/internal_users.yml      | 68 +++++++++++++++++++
 1 file changed, 68 insertions(+)
 create mode 100644 data/opensearch/opensearch/config/internal_users.yml

diff --git a/data/opensearch/opensearch/config/internal_users.yml b/data/opensearch/opensearch/config/internal_users.yml
new file mode 100644
index 00000000..f7256d8a
--- /dev/null
+++ b/data/opensearch/opensearch/config/internal_users.yml
@@ -0,0 +1,68 @@
+---
+# This is the internal user database example
+# The hash value is a bcrypt hash and can be generated with plugin/tools/hash.sh
+# plugins/opensearch-security/tools/hash.sh -p <new-password>
+
+_meta:
+  type: "internalusers"
+  config_version: 2
+
+# Define your internal users here
+new-user:
+  hash: "$2y$12$88IFVl6IfIwCFh5aQYfOmuXVL9j2hz/GusQb35o.4sdTDAEMTOD.K"
+  reserved: false
+  hidden: false
+  opendistro_security_roles:
+  - "specify-some-security-role-here"
+  backend_roles:
+  - "specify-some-backend-role-here"
+  attributes:
+    attribute1: "value1"
+  static: false
+
+## Demo users
+
+admin:
+  hash: "$2a$12$VcCDgh2NDk07JGN0rjGbM.Ad41qVR/YFJcgHp0UGns5JDymv..TOG"
+  reserved: true
+  backend_roles:
+  - "admin"
+  description: "Demo admin user"
+
+kibanaserver:
+  hash: "$2a$12$4AcgAt3xwOWadA5s5blL6ev39OXDNhmOesEoo33eZtrq2N0YrU3H."
+  reserved: true
+  description: "Demo user for the OpenSearch Dashboards server"
+
+kibanaro:
+  hash: "$2a$12$JJSXNfTowz7Uu5ttXfeYpeYE0arACvcwlPBStB1F.MI7f0U9Z4DGC"
+  reserved: false
+  backend_roles:
+  - "kibanauser"
+  - "readall"
+  attributes:
+    attribute1: "value1"
+    attribute2: "value2"
+    attribute3: "value3"
+  description: "Demo read-only user for OpenSearch dashboards"
+
+logstash:
+  hash: "$2a$12$u1ShR4l4uBS3Uv59Pa2y5.1uQuZBrZtmNfqB3iM/.jL0XoV9sghS2"
+  reserved: false
+  backend_roles:
+  - "logstash"
+  description: "Demo logstash user"
+
+readall:
+  hash: "$2a$12$ae4ycwzwvLtZxwZ82RmiEunBbIPiAmGZduBAjKN0TXdwQFtCwARz2"
+  reserved: false
+  backend_roles:
+  - "readall"
+  description: "Demo readall user"
+
+snapshotrestore:
+  hash: "$2y$12$DpwmetHKwgYnorbgdvORCenv4NAK8cPUg8AI6pxLCuWf/ALc0.v7W"
+  reserved: false
+  backend_roles:
+  - "snapshotrestore"
+  description: "Demo snapshotrestore user"