If I am not wrong, shield is in front of elasticsearch and a separate installation has to be done also in front of Kibana. In the 1st case it is clear that it is possible to assign roles for each user to access certain indices and certain fields in those indices. Regarding the Kibana shield plugin, do we have to redefine the same roles for each user again (if possible) or are these 2 plugins connected in the sense that if a user tries to access through Kibana some fields that he is not allowed to see according to his role defined in the elasticsearch shield, he will be blocked? There is an example in the Kibana shield part documentation for role definition which does not go deeper than the index level.
Is there an online platform provided by you where I can test some basic things regarding shield and present them to my management without having to do all the installations (ELK, shield) in a test server?
Thank you for your responses. Just to be 100% sure, can you comment on the following?
If you have not installed shield in Kibana, but only in Elasticsearch, you connect without authentification to Kibana and when you run a query from Kibana, you are asked to provide your credentials in order to connect to Elasticsearch.
The users and the roles are all defined in the shield plugin in Elasticsearch. The only reason to install shield also in Kibana is to have the authentication before you connect to Kibana.
The example used for defining a role for Kibana is the following:
Is there Field Level Security possible as it is for elasticsearch users? Can we define the fields of the indices where the Kibana user can have access like the following one for the fields "title", "body":
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.