Managing field access from kibana

security

(Dimitrios Paspaltzis) #1

Could you comment on the following points?

  1. If you have not installed shield in Kibana, but only in Elasticsearch, you connect without authentification to Kibana and when you run a query from Kibana, you are asked to provide your credentials in order to connect to Elasticsearch.
  2. The users and the roles are all defined in the shield plugin in Elasticsearch. The only reason to install shield also in Kibana is to have the authentication before you connect to Kibana.
  3. The example given in the documentation for defining a role for Kibana is the following:

my_kibana_user:
cluster:

  • monitor
    indices:
  • names: 'logstash-*'
    privileges:
  • view_index_metadata
  • read
  • names: '.kibana*'
    privileges:
  • manage
  • read
  • index

Is there Field Level Security possible as it is for elasticsearch users? Can we define the fields of the indices where the Kibana user can have access like the following one for the fields "title", "body":

POST /_shield/role/my_fls_role
{
"indices": [
{
"names": [ "index1", "index2" ],
"privileges": ["read"],
"fields": [ "title", "body" ]
}
]
}

Thank you in advance.

Kind regards,

Dimitrios


(Jay Modi) #2

I believe that this should work. One thing to be aware of is that Kibana may still expose the names of other fields that a user does not have access to.


(system) #3