Need some proper guidance on setting up security in ELK.
Problem Definition:
I have a webapp that will display Kibana reports and dashbaords. The ""iframe" url is embedded to various menu/submenu in my app that will display reports.
I am able to get this to work. However, when users go to app.domain.com:5601 they can access the console... this is a serious issue I would like to address.
I want to restrict users from accessing the console and just be able to view kibana reports. Any suggestions appreciated.
I have taken many routes to address this problem with (TLS on ES, and KIbana), securing (Kibana to ES) etc which I am not sure is really addressing my core problem.
When I enable xpack.security on elastic and kibana, then, clicking on the report buttons puts me on a login window. I prefer the users authenticated behind the scenes and the reports shows up.
I assume, with xpack enabled, the cannot reach the console/management pages by simply going to 5601. I can test it. But wanted to confirm as well.
I am looking for a solution using an API call with an encrypted id/password credentails being passed to access the kibana reports.
In my app, all registered users are OAUTH'd into the app, once they are logged in, they all have access to all reports. So having some sort of API call with a KEY that authenticates and displays the report is ideal.
so I need to have
TLS - between kibana and elastic
TLS- between kibana cluster (currently I don't have a cluster) but if I did...
TLS between client (web browser) and elastic
and then test the API based option?
Is that the list of steps? I have some implemented but would like to know the overall steps to get this accomplished.
@tenet_testuser1 Yes, you want security enabled on your ES cluster and between the cluster and Kibana. I would do that first and then work on automating authentication with kibana.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.