groyee
April 25, 2017, 12:30pm
1
Hi,
Is it possible to create a kibana/elastic user limited to a specific index?
I would like that this user will be able to perform all readonly operations on a specific index. He must not see any other indices in the cluster.
I did create a user with a role that is limited to specific index but it didn't work with an error:
you need the privileges granted by both the kibana user and monitoring user roles.
So I added these roles as well to the user but now this user can see other indices.
Thanks.
LeeDr
April 25, 2017, 1:34pm
2
Your user can see that the other indices are there, but can't see any data from them, correct?
If that's your issue, you can't fix that in Kibana. The list of index patterns is stored in the .kibana index which the user has to have access to.
Lee
groyee
April 25, 2017, 2:21pm
3
This is correct.
Sounds really strange that this is the user management in Kibana. What type of security is it?
Do you think something like this can solve this?
# Kibana Multitenancy
**Note: Kibana multitenancy is available for Elasticsearch/Kibana 5.0.2 and above!**
## Overview
Kibana does not support multi tenancy out of the box. This means that all stored objects, such as dashboards, visualizations and saved searches are stored in a global Kibana index.
This index is configured in `kibana.yml`:
```
kibana.index: ".kibana"
```
Kibana uses the Kibana server user to read and write from this index. The Kibana server user is also configured in `kibana.yml`:
```
elasticsearch.username: "kibanaserver"
elasticsearch.password: "kibanaserver"
```
show original
ppisljar
April 25, 2017, 2:46pm
4
We are actively working on improved security. Even with the multitenancy i don't think you'll be able to work around the issue you are describing.
system
May 23, 2017, 3:00pm
5
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.