When I use GET /_security/role/ in Dev tools, I can't see the roles that are defined in roles.yml. How can I see those roles in Kibana ?
1 Like
Hello
Unfortunately I think you only can see the native realm with Kibana.
Native realm documentation: https://www.elastic.co/guide/en/elastic-stack-overview/7.2/realms.html
File based realm documentation: https://www.elastic.co/guide/en/elastic-stack-overview/7.2/file-realm.html
Realm list documentation: https://www.elastic.co/guide/en/elastic-stack-overview/7.2/realms.html
I hope this helps
- Since you said "unfortunately", is it safe to assume that this is not by design ?
- Is there any way of verifying the existence of a role from the file based realm?
Hello
As you can read at https://www.elastic.co/guide/en/elastic-stack-overview/7.2/file-realm.html:
The
filerealm is primarily supported to serve as a fallback/recovery realm. It is mostly useful in situations where all users locked themselves out of the system (no one remembers their username/password). In this type of scenarios, thefilerealm is your only way out - you can define a newadminuser in thefilerealm and use it to log in and reset the credentials of all other users.
And in the following link you can see that the administrator must ensure the propagation of the roles and users because elastic have no way to check it.
In order to check the roles you should check the files on all the nodes.
When I was using this realm as main realm back in elasticsearch 2.2 I faced some issues for not propagating correctly the roles.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.