Hello all,
I see some related posts to this, but not quite the issue I have in mind so I'm hoping someone smarter than I can suggest a solution or two.
For background, I'm just about done setting up an eck cluster in azure with kibana access via front door. Users can authenticate via SSO, however I found that fleet and other items break if basic auth is disabled, this appears to be a known weak spot in the eck operator.
I'm looking for a way to restrict the basic auth option to the local IP range without interfering with SSO. From what I've read, either way rules on front door or an nginx proxy between kibana and front door seem to be the ways to go, though I'm having trouble figuring out how identify basic auth attempts on the kibana log in page.
Has anyone had success with a comparable issue? I'd appreciate hearing how you handled it.
Thanks!