Issue
How to prevent users who have access to kibana dev tools, from making any inadvertent changes , updates or deletes in a particular index.Basically what I am looking for is, some kind of authorisation for a particular index, so that only authorised users can be given R/W access and any other users should have only R permission.
Solution
You can define privileges like read, write, delete etc. in user roles. Privileges can be categorized into cluster- and index-privileges as documented on this page:
https://www.elastic.co/guide/en/elasticsearch/reference/current/security-privileges.html
The index-privileges are what you're looking for.
After creating the roles (e.g. one for read-write and one for read-only), you simply need to add the particular users to these roles. Elasticsearch will then check the user's privileges on every action they try to execute and prevent them if needed. This is done via the has_privileges API Elasticsearch internally uses.
Here's a guide on how to define roles:
https://www.elastic.co/guide/en/elasticsearch/reference/current/defining-roles.html
Here are some further resources related to that topic:
https://www.elastic.co/guide/en/elasticsearch/reference/current/authorization.html
https://www.elastic.co/guide/en/kibana/current/development-security-rbac.html
I hope I could help you.
Answered By - apt-get_install_skill Answer Checked By - Katrina (PHPFixing Volunteer)
Posts
0 Comments:
Post a Comment
Note: Only a member of this blog may post a comment.