How to implement Field level Security with X-Pack?

vikas_gopal · September 1, 2017, 1:52pm

Hi Experts,

I was checking the docs and it says I can restrict user to a certain fields as well with X-Pack. So this is what I am doing .

POST /_xpack/security/role/testing
{
    "indices" : [
        {
            "names":[".kibana","abc"],
            "privileges": ["read"],
            "field_security": {
               "grant": ["src"]
            }
            
        }
        ]
}

Now assigning this role to a user

POST /_xpack/security/user/test
{
"password" : "abc123",
"roles" : ["kibana_user", "testing"],
"full_name" : "test user",
"email" : "test@test.com"

}

After above I can see the role and user been created in Kibana management page . But when I login into kibana with this user I cannot see any record in the Discover page . But if I change the

"grant" : ["src"] to "grant" : ["*"]

, things are working fine . Can some one make me understand what is the use of Grant field option in Kibana or how to restrict user to a certain field ?

Regards
Vikas

colby · September 1, 2017, 6:28pm

Vikas, are you working with sensitive data? Like healthcare data?

vikas_gopal · September 4, 2017, 7:07am

Hi Colby,

NO!!, I am working on security data .

Regards
VG

vikas_gopal · September 4, 2017, 11:17am

Any input from anyone please ?

system · October 2, 2017, 11:17am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Allow user only certain documents from certain indices Elasticsearch	2	5175	January 10, 2018
How to restrict user to access only Kibana dashboard Elasticsearch	6	3079	July 27, 2018
Security_exeption Xpack Elasticsearch	4	3923	August 15, 2017
Role Management - Access to 1 index only Elasticsearch	9	2869	June 27, 2018
Is there an X-Pack security interface? Elasticsearch	2	794	January 16, 2017

How to implement Field level Security with X-Pack?

Related Topics