Hi,
With document level security enabled, we were able to restrict document access to certain users based on their role. These users login usually login from their personal laptops.
But, we want same users to be able to access all documents (no doc-level security) when logged in from a specific computer with fixed IP.
Any help appreciated !!
The Elastic Stack does not aim to be a general purpose, full featured identity provider, and does not provide support for IP aware roles.
Your best option would be to use a SAML IdP for this. If the IdP can expose an attribute indicating whether the user is on an internal IP address, then Elasticsearch can use that to perform role mapping and assign a different set of roles.
Thanks for the response. will try alternatives
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.