Kibana exposes index names with Shield

elasticphil · February 8, 2016, 3:02pm

Hi all,

hopefully it is only a configuration issue on my side ...

I'm currently setting up an ELK environment with Shield and therefore i've created a user role, which is restricted to one index (due to multi-tenancy reasons: 1 client - 1 index). Is the intended behaviour of Shield/Kibana, that the user is allowed to see all indices names in the cluster, even if the user has no access to it? For sure, the user can not see the content of the index, but still sees the index names. Is there a way to hide these index names to the user?

tbragin · February 19, 2016, 2:32pm

Do you mean Kibana index patterns? At this time, there is no way to restrict access to views in Kibana or objects stored in the .kibana index, and index pattern is one of those objects. It's something we're definitely thinking about;

Topic		Replies	Views
Details about kibana code flow Kibana	3	1105	July 6, 2017
Indices/dashboards etc names visibility for every user? Elasticsearch elastic-stack-security	5	1474	July 6, 2017
Giving Select Index Pattern Access in Kibana to Users using Shield Kibana	8	2629	July 6, 2017
[security 6.2.2] hide some visualizations and index patterns Elasticsearch	4	667	May 2, 2018
Restrict a user to see only their queries and indexes Kibana	2	597	December 14, 2016

Kibana exposes index names with Shield

Related topics