Forbidden ACL Rules not showing in PowerShell


(Nic) #1

For some reason, the FORBIDDEN actions in PowerShell are blank entries, however, the ALLOWED appear as expected. Is there a setting I am missing to show the Forbidden actions?

Here is a screenshot of every FORBIDDEN action that is recorded:

I am running the 6.2.4 stack and ROR 1.16.19 on Java 10.0.1 on Windows Server 2016 inside PowerShell as ./elasticsearch.bat

PowerShell version:
Name Value


PSVersion 5.1.14393.2248
PSEdition Desktop
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…}
BuildVersion 10.0.14393.2248
CLRVersion 4.0.30319.42000
WSManStackVersion 3.0
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1

ROR.yml
readonlyrest:
enable: true

  ssl:
    enable: true
    keystore_file: "ks.jks"
    keystore_pass: "***"
    key_pass: "***"
    allowed_protocols: [TLSv1.2]

   access_control_rules:
     - name: "::Kibana-Browser-User1::"
       type: allow
       groups: ["ReadOnly"]
       kibana_access: ro
       indices: ["winlogbeat-*", ".kibana*"]

    - name: "::Kibana-Browser-User2::"
      type: allow
      groups: ["SocAdmin"]
      kibana_access: rw
      indices: ["winlogbeat-*", ".kibana*"]
      
    - name: "::Kibana-Elastic::"
      type: allow
      groups: ["KibanaAdmins"]
      kibana_access: rw
      indices: ["winlogbeat-*", ".kibana*"]

  users:
     
    - username: *
      auth_key: *
      groups: ["ReadOnly"]
      
    - username: *
      auth_key: *
      groups: ["ReadOnly"]
      
    - username: *
      auth_key: *
      groups: ["SocAdmin"]
      
    - username: *
      auth_key: *
      groups: ["KibanaAdmins"]