Does there exist a example configuration for multi tenancy with jwt?
I have an existing ELK-stack instance running without ROR, and want to install ROR. I can get it to work fine without multi tenancy, but I am confused as to how you set up multi tenancy.
I have congigured it so that all users have access to the existing .kibana index (seems to be stored as .kibana_1 .kibana_2 .kibana_3 etc) with different access levels. In addition I want to achieve that users with rw-acces to also be able to switch to a private tenancy which only they can use. So they would have a dropdown with the tenancies available to them (the default .kibana index and a private tanancy). How can I achieve this? Would be great if there is some example configuration I can look at.
Here’s my non-multi-tenancy configuration:
access_control_rules: - name: "::KIBANA-SRV::" auth_key: kibana:kibana verbosity: error - name: "::ADMIN_BP::" kibana_access: admin jwt_auth: name: "webseal" roles: ["kibana_admin"] - name: "::RW_BP::" kibana_access: rw jwt_auth: name: "webseal" roles: ["kibana_user"] - name: "::RO_BP::" kibana_access: ro kibana_hide_apps: ["readonlyrest_kbn", "kibana:visualize", "canvas", "apps", "ml", "infra:infrastructure","infra:logs", "apm", "uptime", "siem", "kibana:dev_tools", "monitoring", "kibana:management"] jwt_auth: name: "webseal" roles: ["kibana_readonly"] jwt: - name: webseal signature_algo: RSA signature_key: "MY_KEY" user_claim: sub roles_claim: groups header_name: jwt