I successfuly configure multitenancy on kibana but the default tenants are not working, because changes on global and private are shared.
This is the sg_config.yml part for kibana:
kibana:
server_username: 'kibanaserver'
multitenancy_enabled: true
index: ".kibana"
do_not_fail_on_forbidden: true
This is the kibana.yml file configuration:
server.port: 5601
server.host: 0.0.0.0
elasticsearch.url: "https://172.17.0.1:9200/"
elasticsearch.ssl.verificationMode: "certificate"
elasticsearch.ssl.certificate: "/usr/share/kibana/kibanaserver.pem"
elasticsearch.ssl.key: "/usr/share/kibana/kibanaserver.key"
elasticsearch.ssl.certificateAuthorities: [ "/usr/share/kibana/root-ca.pem" ]
elasticsearch.username: kibanaserver
elasticsearch.password: password
elasticsearch.requestHeadersWhitelist: [ "sgtenant", "Authorization", "authorization" ]
kibana.index: ".kibana"
searchguard.allow_client_certificates: true
searchguard.basicauth.enabled: true
searchguard.multitenancy.enabled: true
searchguard.multitenancy.tenants.enable_global: true
searchguard.multitenancy.tenants.enable_private: true
I want the users to have a private tenant for them but when i change create visualizations on private, they also appear on global.
Also i have seen that no new index is created. only .kibana is present.
Thanks for your help. I'm testing search-guard in order to buy a license.
Im using v6.2.4.
PD: I have tried disabling both and using a custom tenant on sg_roles.yml, but looks like the parser doesnt overwrite the ${user_name} on tenant names:
tenants:
"private-${user_name}": RW