Hi,
Can we implement access management for Kibana based on different index patterns?
Example: I have Applications in our centralized logging as sales, tf, rss, crm, etc. Indexes are created on the basis of applications. Like crm-YYYY-MM-DD, sales-YYYY-MM-DD.
User of sales should not be able to access crm index data. How can we acehiev this in Kibana?
br,
Sunil
This is easy with the Shield product. If Shield isn't an option you should be able to have different Kibana instances that different users have access to, where each Kibana instance in turn accesses ES using their own credentials that grants different access.
Hi,
can you please elaborate below things?
Does different instances of Kibana need any changes in ES cluster (Indexing strategy)?
Different Kibana instances means instances running on diferent port, pointing to same ES cluster?
If Yes, then sales user can configure index pattern for crm* and easily access crm data in UI.
br,
Sunil
Does different instances of Kibana need any changes in ES cluster (Indexing strategy)?
No, but you need to put ES behind a reverse proxy that can limits what each user can access.
Different Kibana instances means instances running on diferent port, pointing to same ES cluster?
Yes.
@magnusbaeck could you please pop a practical example how to limit index access with reverse proxy
Do you mean deny particular URI access per kibana node?
Many thanks
Marcin
could you please pop a practical example how to limit index access with reverse proxy
Sorry, I don't have time to do that but I'm sure there are examples around. I certainly had inspiration when I set it up last year.
Do you mean deny particular URI access per kibana node?
Yes. Since the index name is part of the URL you can restrict what can be accessed.
Many thanks.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.