Hello everyone,
I need your help. With the "elastic" account, I create a new user "user1". I want when user1 connects, he only sees the service that concerns him (name='APPLI1'; environment='PRODUCTION') and not all the services created (APPLI1,APPLI2,APPLI3).
Thanks for your help
Best regards
arnaud
Hi.
If you already created Role, you can assign it your user1.
But before you do that, leave cluster permissions empty (or filter which roles in cluster level you want to add). In the index permissions, you can add your index related permission for example
appli*
Under "Privileges," select "Read."
In the "Query" field, you can define the filter to restrict the data. For example, you can use a query like this:
{
"bool": {
"must": [
{ "term": { "name.keyword": "APPLI1" } },
{ "term": { "environment.keyword": "PRODUCTION" } }
]
}
}
Now you can go to User section and add your role to user1.
Now you can add index level security (ILS). For this, you need to use Elasticsearch Document-Level Security (DLS). This can be done by creating an index template with a security filter. For example, you can apply the security filter to an index template using the Elasticsearch Template API:
PUT _index_template/appliance_production_template
{
"index_patterns": ["appli*"],
"template": {
"settings": {
"index": {
"security": {
"dls": "{
"bool": {
"must": [
{ "term": { "name.keyword": "APPLI1" } },
{ "term": { "environment.keyword": "PRODUCTION" } }
]
}
}"
}
}
}
}
}
I hope it helps.
Often users create a Kibana Space and associate the role with that space and user that way say a team can only look at their services.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.