Creating and setting a Wazuh read-only user

[ismailctest C]

Hi,

Wazuh 4.7 installed and created a readonly user as per below and able to login.

However, the user can access/modify Management > Devtools and Stackmanagement.

Please share the steps to block devtools/stackmanagement for read-only users.

Creating and setting a Wazuh read-only usePermalink to this headline

Follow these steps to create an internal user, create a new role mapping, and give read-only permissions to the user.

1. Log into the Wazuh dashboard as administrator.

2. Click the upper-left menu icon ☰ to open the options, select Security, and then Internal users to open the internal users' page.

   

3. Click Create internal user, provide a username and password, and click Create to complete the action.

4. To map the user to the appropriate role, follow these steps:

   1. Click the upper-left menu icon ☰ to open the options, select Security, and then Roles to open the roles page.

   2. Click Create role, complete the empty fields with the following parameters, and then click Create to complete the task.

      • Name: Assign a name to the role.

      • Cluster permissions: cluster_composite_ops_ro

      • Index: *

      • Index permissions: read

      • Tenant permissions: global_tenant and select the Read only option.

   3. Select the Mapped users tab and click Manage mapping.

   4. Add the user you created in the previous steps and click Map to confirm the action.

[Enrique Araque Espinosa]

Hi,
For users with read-only permissions it is normal that they can access all resources. Regarding the modification, for the devtools section, users are allowed to make GET requests as they do not modify anything, they only read information.
For the stack management section, if users try to modify any field when applying the changes, they will get an error as they do not have the necessary permissions to be able to modify any resource.

I have created a read-only user following the steps in the associated documentation https://documentation.wazuh.com/current/user-manual/user-administration/rbac.html#creating-and-setting-a-wazuh-read-only-user and as I said I cannot modify anything.

Check that the role created is the same as shown in the documentation.
If you need more help with this, feel free to send me any settings you have made in the process.

Best regards.

[ismailctest C]

Hi,

Please help on the below points

1. How to hide devtools and stack management for normal users?
   
2. Need to provide a dashboard and visualize create and modify access for the readonly user, how to do that?
3. Can we restrict specific dashboard access for specific users or group? (Eg: ELK, we have space options)
4. Do we have lens option in wazuh 4.7.5 , wazuh dashboard same as kibana?
   

Thanks,

[ismailctest C]

Hi Enrique ,

Thanks

Please support for the below points also.

1. How to hide devtools/stackmanagent/other menus for readonly users?
2. How to provide read/write/modify access only for dashboard and visualise for readonly user?
3. Can we provide specific dashboard access for selective users? Eg: we have option in ELK - Different space and role creation.

Thanks.

On Thursday 6 June 2024 at 16:58:10 UTC+5:30 Enrique Araque Espinosa wrote:

[Enrique Araque Espinosa]

Hello,

Please, let's open a new thread with this new query so all the community users can benefit from our answers.

[ismailctest C]

Hi,

If you have started a new thread, could you kindly provide the link?