Hi All,
ROR Version 1.16.11
So I have following ACLs:
access_control_rules:
- name: "::KIBANA-SRV::"
auth_key: kibana:xxx
verbosity: error
- name: "::LOGSTASH::"
auth_key: logstash:xxx
actions: ["cluster:monitor/main","indices:admin/types/exists","indices:data/read/*","indices:data/write/*","indices:admin/template/*","indices:admin/create"]
- name: "::LDAP::"
kibana_access: rw
proxy_auth:
proxy_auth_config: "proxy"
users: ["*"]
ldap_authorization:
name: "ldap" # ldap name from below 'ldaps' section
groups: ["test"]
I can:
- Access Kibana via Proxy Auth Header
- Access/Restrict Indices via LDAP Groups
But I cannot:
- use the Dev Tools in Kibana to e.g. create a new Index:
- I get a forbidden in the logs although I set kibana_access: admin
- I think, it is because of kibana_access: false in the log
What am I doing wrong?
Log:
FORBIDDEN by default req={ ID:1836091209-472991067#44, TYP:IndexRequest, CGR:N/A, USR:test.user, BRS:false, ACT:indices:data/write/index, OA:1.2.3.4, IDX:blabla, MET:POST, PTH:/blabla/log/1, CNT:<OMITTED, LENGTH=22>, HDR: xxx HIS:[::KIBANA-SRV::->[auth_key->false]], [::LOGSTASH::->[auth_key->false]], [::LDAP::->[kibana_access->false, proxy_auth->true]] }
All successfull tasks got:
ldap_authorization->true, kibana_access->true, proxy_auth->true
Regards,
Marcus