Hi community,
I am asking for advice, if you could help with this security problem:
ES version 7.92 (in docker )
created role with access the index bs_hdm_tr69_*
created user this role
but user can access all indices
i.e: this index should not be accessed but query provides results
curl -s -XGET -u test_simik:test_simik "http://oscar1:9200/bs_config_00001/search"
I supposed the user can access only bs_hdm_tr69* index
Please do you have any advice how to troubleshoot this?.
I have also 2 clusters non-docker - installed on centos and the security there works normally.
Have you already tried to use the authenticate API? When used, it returns all roles the current user has - maybe the privilege is coming from another role?
Yes this is the case !!!
Thank you, you guided me to a point of the problem.
I will explain:
working scenario kibana->[elastic_node_loadbalancer_only]{anonymous disabled}
notworking scenario kibana->[elastic_node_universal_node]{anonymous enabled}
I forgot that in docker version I have kibana configured against all datanodes with enabled anonymous mode, but the problematic cluster is VM based implementation where I have kibana configured against loadbalancer node running on the same VM with disabled anonymous mode. The reason of having anonymous mode are user clients from old past when elastic did not support security and i am waiting for developers to reconfigure all the client before I disable this anonymous mode.
So thank you for very fast responses
I did not checked this hypothesis yet but I am sure it is is.
so the solution will be to implement docker elastic loadbalancer node with disabled security and configure the kibana against this node..
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.