mdnuts
(mdnuts)
1
A few Questions/Points.
1st: I noticed when logging in as admin and if I go to “management” where you can manage es or kibana indexes, etc. there’s an ES log that says
FORBIDDEN by default.
TYP: RRAdminRequest
CGR: Admins
USR: admin(?)
BRS: false
KDX: null,
Act: indices:admin/ilm/explain
- and it won’t load any of the index lifecycle policies.
2nd: for kibana_access: is it just ro, rw and admin?
3rd: anyway to remove index names from discovery if a user is only allowed access to a select number of them?
thanks!
sscarduzio
(Simone Scarduzio)
2
Hi @mdnuts,
Fixed that, will be in the next release. For the moment you can add an ACL block to explicitly enable those actions for your admin accounts.
From my tests, the missing action names are the following:
- “indices:admin/ilm/explain”,
- “indices:monitor/settings/get”,
- “indices:monitor/stats”
mdnuts
(mdnuts)
3
Hey Simone,
This didn’t seem to make it in the plugin 1.17.6 for ES6.7.1 - is it in subsequent ones?
sscarduzio
(Simone Scarduzio)
4
yes this is taken care of. Will release soon a new version 
1 Like