We have searchguard configured to perform authentication and authorization with our ldap, but only have roles assigned to a select few users. When users without roles are able to authenticate in kibana, they are shown the normal UI, except that the main content is blank for every link in the toolbar. Is there a user whitelist feature yet? If not, is there some way to display a message to the user explaining that they have insufficient permissions? We are currently using v6.4.3 of ELK but have plans to upgrade to v7.7.0.
Yes, you can configure either whitelist or blacklist, but only starting from Search Guard v7.0.0, for example
Blacklist
sg_blocks.yml
demo_user_blocked:
type: "name"
value: ["John Doe"] # you can also use regular expressions and wildcards, e.g. '* Doe'
verdict: "disallow"
Whitelist
sg_blocks.yml
demo_user_blocked:
type: "name"
value: ["John Doe"] # you can also use regular expressions and wildcards, e.g. '* Doe'
verdict: "allow"
No, there is no way to have such warning by default before a user executes any action. But there is error if the user tries to execute an action when he doesn’t have enough permissions, for example
or
etc.
Also, the user can always see the roles assigned to him in the Account app, for example
kibana.yml
searchguard.accountinfo.enabled: true
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.