Issue regarding permission of index


(Akhilesh Tiwari) #1

Hi,

As your discussion with @Ajit i have remove .kibana index from first block but the issue is same
index1 readable to user1.
Actually our main requirement is security between user and index,but here the security is going to break.

please guide us…


(Simone Scarduzio) #2

I don’t understand the requirement: do you need user1 to be a Kibana user or not?


(Simone Scarduzio) #3

The key thing to understand is that “kibana_access” allows the minimum set of actions necessary for a Kibana session to work.
If you use the indices rule, you need to include the “.kibana” index in the allowed list, because that’s fundamental for a Kibana session.
But you also need some indices to be shown in graphs as data, so you added “index1” to the indices rule.


(Ajit) #4

Hi,

We are talking about GET index1 query in dev tool.
To create index : indices:data/write/*
To Read Index : indices:data/read/
To Delete Index : indices:admin/delete

Create index and delete index is working fine for me. But when I removed read permission then GET index1 command should not be work.

About java. I have java client to fetch data from ES. I am using GET command through java. If I want restrict GET operation on index1 it should work. It should give exception no permissions to GET or READ.


(Simone Scarduzio) #5

@ajit then, please create another, independent username with another password and give that to the Java client! Why to use the same user with Kibana? Kibana cannot work without the indices:data/read enabled!