How to implement Field level Security with X-Pack?


(Vikas Gopal) #1

Hi Experts,

I was checking the docs and it says I can restrict user to a certain fields as well with X-Pack. So this is what I am doing .

POST /_xpack/security/role/testing
{
    "indices" : [
        {
            "names":[".kibana","abc"],
            "privileges": ["read"],
            "field_security": {
               "grant": ["src"]
            }
            
        }
        ]
} 

Now assigning this role to a user

POST /_xpack/security/user/test
{
"password" : "abc123",
"roles" : ["kibana_user", "testing"],
"full_name" : "test user",
"email" : "test@test.com"

}

After above I can see the role and user been created in Kibana management page . But when I login into kibana with this user I cannot see any record in the Discover page . But if I change the

"grant" : ["src"] to "grant" : ["*"]

, things are working fine . Can some one make me understand what is the use of Grant field option in Kibana or how to restrict user to a certain field ?

Regards
Vikas


#2

Vikas, are you working with sensitive data? Like healthcare data?


(Vikas Gopal) #3

Hi Colby,

NO!!, I am working on security data .

Regards
VG


(Vikas Gopal) #4

Any input from anyone please ?


(system) #5

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.