For some reason, the FORBIDDEN actions in PowerShell are blank entries, however, the ALLOWED appear as expected. Is there a setting I am missing to show the Forbidden actions?
Here is a screenshot of every FORBIDDEN action that is recorded:
I am running the 6.2.4 stack and ROR 1.16.19 on Java 10.0.1 on Windows Server 2016 inside PowerShell as ./elasticsearch.bat
PowerShell version:
Name Value
PSVersion 5.1.14393.2248
PSEdition Desktop
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…}
BuildVersion 10.0.14393.2248
CLRVersion 4.0.30319.42000
WSManStackVersion 3.0
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
ROR.yml
readonlyrest:
enable: true
ssl:
enable: true
keystore_file: "ks.jks"
keystore_pass: "***"
key_pass: "***"
allowed_protocols: [TLSv1.2]
access_control_rules:
- name: "::Kibana-Browser-User1::"
type: allow
groups: ["ReadOnly"]
kibana_access: ro
indices: ["winlogbeat-*", ".kibana*"]
- name: "::Kibana-Browser-User2::"
type: allow
groups: ["SocAdmin"]
kibana_access: rw
indices: ["winlogbeat-*", ".kibana*"]
- name: "::Kibana-Elastic::"
type: allow
groups: ["KibanaAdmins"]
kibana_access: rw
indices: ["winlogbeat-*", ".kibana*"]
users:
- username: *
auth_key: *
groups: ["ReadOnly"]
- username: *
auth_key: *
groups: ["ReadOnly"]
- username: *
auth_key: *
groups: ["SocAdmin"]
- username: *
auth_key: *
groups: ["KibanaAdmins"]