Elasticsearch port cluster


(Narendra Kumar) #1

In a port elasticsearch cluster, 2 nodes(4 port each) master,data and coordinating node is there. After moving elasticsearch plugin and configuring yml file, it works fine for admin users. For restricted access users able to login, dashboard click shows error and nothing reflecting
.
Ref link cluster setup: https://discuss.elastic.co/t/how-do-i-create-multiple-nodes-on-the-same-computer/86839

yml file config:

readonlyrest:

# IMPORTANT FOR LOGIN/LOGOUT TO WORK WITH ROR PLUGIN FOR KIBANA
prompt_for_basic_auth: false

access_control_rules:

#########################################################
# These credentials shall be used by the logstash daemon.
#########################################################  
- name: "::LOGSTASH::"
  auth_key: logstash:logstash
  actions: ["indices:data/read/*","indices:data/write/*","indices:admin/template/*","indices:admin/create"]
  indices: ["*logstash-*"]

- name: prevent direct access to in-index settings
  indices: [".readonlyrest"]
  type: forbid

- name: "Require HTTP Basic Auth"
  type: allow
  auth_key: admin:[email protected]



#####################################################################################
# These credentials have no limitations, and shall be used only by the Kibana deamon.
#####################################################################################
- name: "::KIBANA-SRV::"
  auth_key: kibana:kibana

#######################
# Actual human users...
#######################
- name: "::RO_STRICT::"
  kibana_access: ro_strict
  groups: ["network"]
  indices: [ metricbeat-*]
  kibana_hide_apps: ["readonlyrest_kbn", "kibana:dev_tools","kibana:discover","kibana:management","timelion","apm"]
 
- name: "::RO_STRICT::"
  kibana_access: ro_strict
  groups: ["application"]
  indices: [ financial-*,meta-*]
  kibana_hide_apps: ["readonlyrest_kbn", "kibana:dev_tools","kibana:discover","kibana:management","timelion","apm"]

- name: "::RO_STRICT::"
  kibana_access: ro_strict
  groups: ["support_and_operation"]
  indices: ["*"]
  kibana_hide_apps: ["readonlyrest_kbn", "kibana:dev_tools","kibana:discover","kibana:management","timelion","apm"]

- name: "::RO_STRICT::"
  kibana_access: ro_strict
  groups: ["developer"]
  indices: ["*"]
  kibana_hide_apps: ["readonlyrest_kbn"]


- name: "::RO_STRICT::"
  groups: ["tech"]
  kibana_access: ro_strict
  indices: [".kibana", ".kibana-devnull", "logstash-*"]
  kibana_hide_apps: ["readonlyrest_kbn", "timelion", "kibana:dev_tools", "kibana:management"]



users:

- username: xyz
  auth_key: xyz:[email protected]
  groups: ["network"]

- username: data
  auth_key: data:[email protected]
  groups: ["application"]


- username: tech
  auth_key: tech:[email protected]
  groups: ["tech"]

(Simone Scarduzio) #2

@Naren was this resolved? How?