Not able to use separate .kibana indices for LDAP groups

Hi!

We’ve been using RoR Free for a while. We are using LDAP as auth backend, and it works just fine.

Now we want to use separate spaces for groups of users. My readonlyrest.yml looks like this (only relevant sections shown):

readonlyrest:
  enable: true
  access_control_rules:
  - name: group1
    ldap_authentication: ldap1
    ldap_authorization:
      name: ldap1
      groups:
      - my-group
    indices:
    - data-*
    - ".kibana-@{acl:current_group}"
    kibana_index: ".kibana-@{acl:current_group}"
    kibana_access: ro

But then I get FORBIDDEN in ES logs. I thought I should add kibana.index: .kibana-@{acl:current_group} to kibana.yml but then I get "Another Kibana instance appears to be migrating the index. Waiting for that migration to complete. If no other Kibana instance is attempting migrations, you can get past this message by deleting index .kibana-@{acl:current_group}_1 and restarting Kibana." on Kibana restart. The result is the same with readonlyrest_kbn and without it.

How should I proceed? Is this feature PRO or Enterprise only? If so, could you please specify the editions to which the configuration directive is applicable?

You have an indentation problem. You’re putting ACL rules under ldap_authorization. I suggest moving indices, kibana_index and kibana_access above the ldap* rules.

Thank you for pointing that out, it was just a formatting issue. Of course, I have this config working on my RoR node. Edited my original post for consistency.

My question is mostly: how does the kibana_index setting work when Kibana doesn’t have the ror_kbn plugin installed? Do I need to install the Kibana plugin? What should I set in the kibana.yml file for kibana.index?

I think if you install our kibana free plugin, and add xpack.security.enabled: false to kibana.yml it should work.
I assume you already set up elasticsearch credentials in it.

They will just not be able to switch between tenancies, and you won’t be able to hide kibana apps, or tweak kibana appearance with css/js.
Also, the ror settings editor won’t work in free. You’re stuck editing the yaml files and restarting all nodes.

So, in order to get kibana_index to work, I should modify Kibana’s kibana.index setting, right? And this will work only when the ror_kbn plugin is installed, am I right?

No, you don’t need to change the kibana index in kibana.yml; ror will change it dynamically when Kibana handles a specific http request.