Role based access control to limit some users from modifying Kibana Settings, index patterns, index management, lifecycle policies, rollups, transforms, remote clusters, snapshots, dev tools, etc… While being able to allow access to other users on a per application basis
This can be done by Search Guard Multitenancy.
Multitenancy breaks our cluster due to the shear number of kibana indices created overloading the cluster state.
Multitenancy does not fullfill the complete request only portions of it, whereas RBAC would.
Actually we work on RBAC. Although I can’t give you the time of arrival for this feature right now. Stay tuned to our news.
Multitenancy breaks our cluster due to the shear number of kibana indices created overloading the cluster state.
Thank you for the feedback. How many indices does the Multitenancy create for you? Do you see any errors in the Kibana or Elasticsearch log? Does Kibana get stuck in the index migration phase? How do you see the cluster is overloaded?
multitenancy creates over 500 indices… One per User… Every time we have tested it, the cluster is healthy until users begin using it… at which point the cluster crashes and is unrecoverable until we disable multi-tenancy…
Hi @lzukel. I added this as a high priority issue to the queue. I’ll reach back to you once we have it working.
One more question. What SG and Elastic versions do you use?
Currently we are on:
ES 7.5.2
SG 40.0.0
We will be upgrading to in the next couple of weeks to:
ES 7.8.1
SG latest