3rd party auth Kibana cloud.elastic.co - cannot edit kibana.yml

Hello, we are exploring the use of an OAuth proxy to grant login to Kibana using GitHub. We are using the ES Cloud offering.
I started at https://www.elastic.co/blog/user-impersonation-with-x-pack-integrating-third-party-auth-with-kibana, but am blocked already, because I cannot make the initial changes to kibana.yml in the User Settings Override. I get an error:

'elasticsearch.requestHeadersWhitelist': is not allowed

Browsing https://www.elastic.co/guide/en/cloud/current/ec-manage-kibana-settings.html, sure enough that setting is not on the list.

Is there any other way to edit kibana.yml in the Cloud offering, or is this a limitation?

Thanks for any insight

Trevor

Had a quick reply on this from EC Support last night (thanks Chris!) .. it is a limitation of the SaaS, and it was recommended that we use SAML.
https://www.elastic.co/guide/en/cloud/current/ec-securing-clusters-SAML.html

SAML requires a Platinum license, but Elastic.co does grant it's use as "a special gesture to startups and small business customers running clusters with less than 64 GB of memory" .. though there was some mention about needing a 2nd cluster to gain the features (which we have, for monitoring)
https://www.elastic.co/cloud/elasticsearch-service/subscriptions

Maybe this helps someone one day..

Trevor M

Hello,

Thanks a lot for keeping the community posted.

Cheers,
Bhavya

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.