Forbidden ACL Rules not showing in PowerShell


(Nic) #1

For some reason, the FORBIDDEN actions in PowerShell are blank entries, however, the ALLOWED appear as expected. Is there a setting I am missing to show the Forbidden actions?

Here is a screenshot of every FORBIDDEN action that is recorded:

I am running the 6.2.4 stack and ROR 1.16.19 on Java 10.0.1 on Windows Server 2016 inside PowerShell as ./elasticsearch.bat

PowerShell version:
Name Value


PSVersion 5.1.14393.2248
PSEdition Desktop
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…}
BuildVersion 10.0.14393.2248
CLRVersion 4.0.30319.42000
WSManStackVersion 3.0
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1

ROR.yml
readonlyrest:
enable: true

  ssl:
    enable: true
    keystore_file: "ks.jks"
    keystore_pass: "***"
    key_pass: "***"
    allowed_protocols: [TLSv1.2]

   access_control_rules:
     - name: "::Kibana-Browser-User1::"
       type: allow
       groups: ["ReadOnly"]
       kibana_access: ro
       indices: ["winlogbeat-*", ".kibana*"]

    - name: "::Kibana-Browser-User2::"
      type: allow
      groups: ["SocAdmin"]
      kibana_access: rw
      indices: ["winlogbeat-*", ".kibana*"]
      
    - name: "::Kibana-Elastic::"
      type: allow
      groups: ["KibanaAdmins"]
      kibana_access: rw
      indices: ["winlogbeat-*", ".kibana*"]

  users:
     
    - username: *
      auth_key: *
      groups: ["ReadOnly"]
      
    - username: *
      auth_key: *
      groups: ["ReadOnly"]
      
    - username: *
      auth_key: *
      groups: ["SocAdmin"]
      
    - username: *
      auth_key: *
      groups: ["KibanaAdmins"]

(Nic) #2

I have found that the color for deny rules is the same color as the background. To resolve this, one could edit their PowerShell color settings and change the Screen Background to Black or something different that the default blue color to see ACL Deny.