Also tried with RoR 1.32.0 on Kibana (with 1.31.0 on Elasticsearch (more difficult to temp upgrade), also gives forbidden.
User with RW permissions on Kibana is not allowed to shorten URL’s.
I would asume even user with only RO permission on Kibana is allowed to shorten URL.
access_control_rules: - name: "Allow team X read access to all indices" kibana_access: rw kibana_hide_apps: ["Analytics|Maps", "Analytics|Overview", "Observability", "Security", "readonlyrest_kbn", "Management", "Enterprise Search"] groups: ["X"] users: - username: theusersusersname auth_key_sha256: his-sha-hash groups: ["X"]
[Allow team X read access to all indices-> RULES:[groups->true kibana_hide_apps->true kibana_access->false] RESOLVED:[user=theusersusersname;group=X;av_groups=X;indices=.kibana_7.12.1]]
The audit event shows it as:
PUT indices:data/write/index IndexRequest /.kibana_7.12.1/_create/url:462a9265e68b04ce59dfb0cc4b428c1b
A user with level unrestricted is allowed to shorten URL’s.
Could you please check?
Is my assumption that even a RO Kibana user should be able to shorten URL’s correct?