I just found out my problem.
I configured elasticsearch.username: “admin” in kibana.yml.
This user has full access to .kibana index. So, even if I log in Kibana as “manager”, I actually inherited admin’s full access rights to .kibana.
I have configured kibana.yml with “manager”, I now only have READ access to .kibana.
After that, I’m problem is solved. When I log in as “admin”, I have full access. If I log in as “manager” or other user, I have READ access only.
On Friday, September 8, 2017 at 7:37:45 PM UTC+8, Search Guard wrote:
What is the problem you experience with the below setup? Are your power users to write anyway to the kibana index or what else is wrong?
Am 08.09.2017 um 11:46 schrieb Garry Song garry...@gmail.com:
Need help. I can’t get my use case to work. I am not able to disallow normal user to save Visualization, Chart, and Searches.
• ES 2.4.6
• Kibana 4.6.6
• SG 2 184.108.40.206
• SG SSL 220.127.116.11
• SG Kibana 4.6.0-2
• sg_admin: full access to Kibana and all indexes
• sg_power_user: full access to all user indexes, Read access to Kibana index
• sg_user: Read access to all indexes
You received this message because you are subscribed to the Google Groups “Search Guard Community Forum” group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
To post to this group, send email to search...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/1c500a83-2392-4075-9fce-41e8552bef93%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.