How to set authentication only in Kibana

2
votes

I am learning elasticsearch and Kibana now. I need to implement plugin in Kibana to authentication users. I found three ways to da that:

  1. Official Elastic Shield, which would be the best plugin/app, but it's not free.
  2. Search Guard 2 - it's free alternative to Shield, but it's difficult to configure.
  3. Readonly REST Elasticsearch Plugin - simple plugin which offers HTTP auth.

I installed third plugin and configure it in elasticsearch.yml like this:

http.cors.enabled: true
http.cors.allow-origin: /https?:\/\/172.16.7.([0-9])([0-9])(:[0-9]+)?/

readonlyrest:
enable: true
response_if_req_forbidden: Permission denied!
    access_control_rules:
    - name: Kibana
    auth_key: admin:passwd
    type: allow

Now i can see user/password window when I try open localhost:5601 (Kibana), which is really good info, but I can't post data into elasticsearch or even get data in command line. I still want to have Kibana user/password window, but I don't want to have restrict acces to elasticsearch (I want to post, get and delete data). Have you got any ideas?

1
nginxelasticsearchkibana
Possible duplicate of How to set authentication in kibanaOrtomala Lokni

1 Answers

0
votes

Ok, I've got the solution of my problem. If you want to set really simple auth only in Kibana (username + password) you should install nginx. I used this instruction. Then you should block defauld Kibana port (5601):

iptables -A INPUT -p TCP -i eth0 --dport 5601 -j DROP
iptables -A INPUT -p UDP -i eth0 --dport 5601 -j DROP