Hello!
We’re testing RoR and i would like to know if there is a way of creating elasticsearch users only, with no access to kibana? With elasticsearch security we can configure roles that grant no access to kibana or no kibana privileges.
Thank you!
Hello Juliana,
ROR does not have that “elasticsearch only” switch. But it’s very flexible.
Try something like this: (EDITED)
readonlyrest:
access_control_rules:
- name: juliana
auth_key: juliana:x
kibana:
access: api_only
allowed_api_paths: [ "^___NO_PATH___$" ]
Let me know if this works for you.
BTW: Please keep the questions coming! Even if you want to simply double check your settings with us, or tell us your general impressions about the product, or the documentation.
If you prefer, feel free to open a private chat with me or support team.
With the above, I cannot login with the Kibana login form.
And when I try to reach the Kibana API:
$ curl -k "https://localhost:5601/api/index_management/indices" -ujuliana:x
{
"status_code": 403,
"status": "forbidden",
"message": "forbidden"
}
And when I try to reach Elasticsearch, it works:
$ curl "http://localhost:9200/_cat/indices" -ujuliana:x
yellow open .readonlyrest_kbn_sessions Qj6oK7awR5KQWxUmmETR6w 1 1 3 0 26.8kb 26.8kb
yellow open readonlyrest_audit--2023-08-01 SXYcQ2C-S4qwQbB6aJezOg 1 1 4 0 16.6kb 16.6kb