Hi,
I have been bangging my head against ROR for a while now with no result. I hope someone can help me out.
Here is my readonlyrest.yml
readonlyrest:
access_control_rules:
- name: "::KIBANA-SRV::"
auth_key: kibana:kibana
type: allow
indices: ["*"]
- name: "Require HTTP Basic Auth"
type: allow
auth_key: user:password
and below is my elasticsearch.yml=>
node.name: elk
path.repo: /var/backups
network.host: 0.0.0.0
cluster.initial_master_nodes: [“elk”]
xpack.security.enabled: false
and lastly my kibana.yml
server.host: “0.0.0.0”
elasticsearch.username: “kibana”
elasticsearch.password: “kibana”
xpack.graph.enabled: false
xpack.ml.enabled: false
xpack.monitoring.enabled: true
xpack.security.enabled: false # this is fundamental!
xpack.watcher.enabled: false
I am using elastic 7.12.1 with ROR free plugin for elastic and kibana
Now, using the above configuration I am able to access elastic search on port 9200 using basic auth but that’s not the case with kibana and it throws 401
On close inspection of logs i can see the following outputs inside elastic logs
ALLOWED by { name: ‘::KIBANA-SRV::’, policy: ALLOW, rules: [auth_key,indices] req={ ID:1429412150-2126807733#9030, TYP:GetRequest, CGR:N/A, USR:user, BRS:true, KDX:null, ACT:indices:data/read/get, OA:127.0.0.1/32, XFF:null, DA:127.0.0.1/32, IDX:.kibana_7.12.1, MET:GET, PTH:/.kibana_7.12.1/_doc/telemetry:telemetry, CNT:<N/A>, HDR:Authorization=, Connection=keep-alive, Host=localhost:9200, content-length=0, user-agent=elasticsearch-js/7.12.0-canary.7 (linux 5.8.0-1041-aws-x64; Node.js v14.16.1), x-elastic-client-meta=es=7.12.0p,js=14.16.1,t=7.12.0p,hc=14.16.1, x-elastic-product-origin=kibana, HIS:[::KIBANA-SRV::-> RULES:[auth_key->true, indices->true] RESOLVED:[user=user;indices=.kibana_7.12.1]], }
FORBIDDEN by default req={ ID:1748204861-960911583#9029, TYP:SearchRequest, CGR:N/A, USR:[no info about user], BRS:true, KDX:null, ACT:indices:data/read/search, OA:127.0.0.1/32, XFF:null, DA:127.0.0.1/32, IDX:.kibana_7.12.1, MET:POST, PTH:/.kibana_7.12.1/_search, CNT:<OMITTED, LENGTH=480.0 B> , HDR:Connection=keep-alive, Host=localhost:9200, content-length=480, content-type=application/json, user-agent=elasticsearch-js/7.12.0-canary.7 (linux 5.8.0-1041-aws-x64; Node.js v14.16.1), x-elastic-client-meta=es=7.12.0p,js=14.16.1,t=7.12.0p,hc=14.16.1, x-elastic-product-origin=kibana, HIS:[::KIBANA-SRV::-> RULES:[auth_key->false] RESOLVED:[indices=.kibana_7.12.1]], [Require HTTP Basic Auth-> RULES:[auth_key->false] RESOLVED:[indices=.kibana_7.12.1]], }
can someone please help me why auth_key->false
and how can i fix this