Create New User
169 views
Skip to first unread message
rapolu vinod
Jun 29, 2016, 2:58:41 AM6/29/16
to Search Guard
Hi,
How to Create new user in elasticsearch.
thanakyou,
vinod
Jochen Kressin
Jun 29, 2016, 3:25:08 AM6/29/16
to Search Guard
How you add new users depends on the authentication backend you want to use (LDAP, internal etc.)
You can find general installation instructions, including LDPA etc., here:
https://github.com/floragunncom/search-guard-docs/blob/master/configuration.md
If you want to use the internal user database, you can find an in-depth example in the Kibana section of the documentation as well:
If you want to use the internal user database, you can find an in-depth example in the Kibana section of the documentation as well:
After you made your configuration changes, do not forget to push these changes by using the sgadmin command line tool. See section "Hot config reloading: Using sgadmin" in the configuration chapter of the docs.
Vin
Jun 30, 2016, 4:49:13 AM6/30/16
to Search Guard
hi,
I am able to create new users with all permissions,but How to create a user with read only permissions.
I have followed the below steps.
1) i have created a user in sg_internal_users.yml file
2) i have mapped that user in sg_roles_mapping.yml ,like below
sg_public:
users:
- 'analyst'
3) i have given read permissions to sg_roles.yml
sg_public:
indices:
'*':
'*':
- READ
- GET
- SEARCH
- DATA_ACCESS
4) all works good, but when i tried to read the data from kibana UI it is showing balnk page like below
what is the issue, and how to solve it.
Thankyou
SG
Jul 6, 2016, 8:20:38 AM7/6/16
to search...@googlegroups.com
try:
sg_public:
indices:
'*':
'*':
- indices:admin/mappings/fields/get*
- indices:admin/validate/query*
- indices:admin/get*
'*':
- indices:admin/exists*
- indices:admin/mapping/put*
- indices:admin/mappings/fields/get*
- indices:admin/refresh*
- indices:admin/validate/query*
- indices:data/read/get*
- indices:data/read/mget*
- indices:data/read/search*
- indices:data/write/delete*
- indices:data/write/index*
- indices:data/write/update*
> Am 30.06.2016 um 10:49 schrieb Vin <rapol...@gmail.com>:
>
>
>
> hi,
> I am able to create new users with all permissions,but How to create a user with read only permissions.
>
> I have followed the below steps.
>
> 1) i have created a user in sg_internal_users.yml file
> 2) i have mapped that user in sg_roles_mapping.yml ,like below
>
> sg_public:
> users:
> - 'analyst'
>
> 3) i have given read permissions to sg_roles.yml
>
> sg_public:
> indices:
> '*':
> '*':
> - READ
> - GET
> - SEARCH
> - DATA_ACCESS
>
>
> 4) all works good, but when i tried to read the data from kibana UI it is showing balnk page like below
>
>
>
>
>
>
>
>
>
> You received this message because you are subscribed to the Google Groups "Search Guard" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
> To post to this group, send email to search...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/756997ff-abaf-4da7-a8ed-f2003b4173ff%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
sg_public:
indices:
'*':
'*':
- indices:admin/mappings/fields/get*
- indices:admin/validate/query*
- indices:admin/get*
- READ
- GET
- SEARCH
- DATA_ACCESS
'?kibana':
- GET
- SEARCH
- DATA_ACCESS
'*':
- indices:admin/exists*
- indices:admin/mapping/put*
- indices:admin/mappings/fields/get*
- indices:admin/refresh*
- indices:admin/validate/query*
- indices:data/read/get*
- indices:data/read/mget*
- indices:data/read/search*
- indices:data/write/delete*
- indices:data/write/index*
- indices:data/write/update*
> Am 30.06.2016 um 10:49 schrieb Vin <rapol...@gmail.com>:
>
>
>
> hi,
> I am able to create new users with all permissions,but How to create a user with read only permissions.
>
> I have followed the below steps.
>
> 1) i have created a user in sg_internal_users.yml file
> 2) i have mapped that user in sg_roles_mapping.yml ,like below
>
> sg_public:
> users:
> - 'analyst'
>
> 3) i have given read permissions to sg_roles.yml
>
> sg_public:
> indices:
> '*':
> '*':
> - READ
> - GET
> - SEARCH
> - DATA_ACCESS
>
>
> 4) all works good, but when i tried to read the data from kibana UI it is showing balnk page like below
>
>
>
>
>
>
>
>
>
> what is the issue, and how to solve it.
>
> Thankyou
>
>
>
> On Wednesday, 29 June 2016 12:28:41 UTC+5:30, Vin wrote:
> Hi,
>
>
> How to Create new user in elasticsearch.
>
> thanakyou,
> vinod
>
> --
>
> Thankyou
>
>
>
> On Wednesday, 29 June 2016 12:28:41 UTC+5:30, Vin wrote:
> Hi,
>
>
> How to Create new user in elasticsearch.
>
> thanakyou,
> vinod
>
> You received this message because you are subscribed to the Google Groups "Search Guard" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
> To post to this group, send email to search...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/756997ff-abaf-4da7-a8ed-f2003b4173ff%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
Vin
Jul 6, 2016, 8:31:42 AM7/6/16
to Search Guard
Its Working...
Thank you So much :)
Vin
Jul 6, 2016, 8:34:58 AM7/6/16
to Search Guard
And I have One More Doubt..
How can we give read only permissions to the selected indexes.
On Wednesday, 29 June 2016 12:28:41 UTC+5:30, Vin wrote:
SG
Jul 7, 2016, 2:42:06 AM7/7/16
to search...@googlegroups.com
sg_public:
indices:
'the_index_which should_be_readonly':
indices:
'the_index_which should_be_readonly':
'*':
- indices:admin/mappings/fields/get*
- indices:admin/validate/query*
- indices:admin/get*
- READ
- indices:admin/mappings/fields/get*
- indices:admin/validate/query*
- indices:admin/get*
- READ
'?kibana':
'*':
- indices:admin/exists*
- indices:admin/mapping/put*
- indices:admin/mappings/fields/get*
- indices:admin/refresh*
- indices:admin/validate/query*
- indices:data/read/get*
- indices:data/read/mget*
- indices:data/read/search*
- indices:data/write/delete*
- indices:data/write/index*
- indices:data/write/update*
'*':
- indices:admin/exists*
- indices:admin/mapping/put*
- indices:admin/mappings/fields/get*
- indices:admin/refresh*
- indices:admin/validate/query*
- indices:data/read/get*
- indices:data/read/mget*
- indices:data/read/search*
- indices:data/write/delete*
- indices:data/write/index*
- indices:data/write/update*
> --
> You received this message because you are subscribed to the Google Groups "Search Guard" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
> To post to this group, send email to search...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/27bf40cf-04cc-42e7-8ed0-ba7d31126e4b%40googlegroups.com.
> You received this message because you are subscribed to the Google Groups "Search Guard" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
> To post to this group, send email to search...@googlegroups.com.
Vin
Jul 8, 2016, 1:00:59 AM7/8/16
to Search Guard
Thankyou.. :)
On Wednesday, 29 June 2016 12:28:41 UTC+5:30, Vin wrote:
Reply all
Reply to author
Forward
0 new messages