James Rodewig
GitHub
@ -114,7 +114,7 @@ Let's create two users in the native realm.
|
|||||||
|
|
||||||
. Log in to {kib} with the `elastic` built-in user.
|
. Log in to {kib} with the `elastic` built-in user.
|
||||||
|
|
||||||
. Go to the *Management / Security / Users* page:
|
. Open the menu. Go to *Stack Management > Security > Users*.
|
||||||
+
|
+
|
||||||
--
|
--
|
||||||
[role="screenshot"]
|
[role="screenshot"]
|
||||||
@ -123,7 +123,7 @@ image::security/images/management-builtin-users.jpg["User management screenshot
|
|||||||
In this example, you can see a list of built-in users.
|
In this example, you can see a list of built-in users.
|
||||||
--
|
--
|
||||||
|
|
||||||
. Click *Create new user*. For example, create a user for yourself:
|
. Click *Create user*. For example, create a user for yourself:
|
||||||
+
|
+
|
||||||
--
|
--
|
||||||
[role="screenshot"]
|
[role="screenshot"]
|
||||||
@ -133,7 +133,7 @@ You'll notice that when you create a user, you can assign it a role. Don't
|
|||||||
choose a role yet--we'll come back to that in subsequent steps.
|
choose a role yet--we'll come back to that in subsequent steps.
|
||||||
--
|
--
|
||||||
|
|
||||||
. Click *Create new user* and create a `logstash_internal` user.
|
. Click *Create user* and create a `logstash_internal` user.
|
||||||
+
|
+
|
||||||
--
|
--
|
||||||
In {stack-gs}/get-started-elastic-stack.html[Getting started with the {stack}],
|
In {stack-gs}/get-started-elastic-stack.html[Getting started with the {stack}],
|
||||||
@ -158,7 +158,7 @@ that can be performed on specific secured resources (such as data streams, indic
|
|||||||
documents, fields, or clusters). To help you get up and running, there are
|
documents, fields, or clusters). To help you get up and running, there are
|
||||||
built-in roles.
|
built-in roles.
|
||||||
|
|
||||||
Go to the *Management / Security / Roles* page to see them:
|
Open the menu and go to *Stack Management > Security > Roles* to see them:
|
||||||
|
|
||||||
[role="screenshot"]
|
[role="screenshot"]
|
||||||
image::security/images/management-roles.jpg["Role management screenshot in Kibana"]
|
image::security/images/management-roles.jpg["Role management screenshot in Kibana"]
|
||||||
@ -167,8 +167,8 @@ Select a role to see more information about its privileges. For example, select
|
|||||||
the `kibana_system` role to see its list of cluster and index privileges. To
|
the `kibana_system` role to see its list of cluster and index privileges. To
|
||||||
learn more, see <<privileges-list-indices>>.
|
learn more, see <<privileges-list-indices>>.
|
||||||
|
|
||||||
Let's assign the `kibana_admin` role to your user. Go back to the
|
Let's assign the `kibana_admin` role to your user. Go back to the *Stack
|
||||||
*Management / Security / Users* page and select your user. Add the `kibana_admin`
|
Management > Security > Users* page and select your user. Add the `kibana_admin`
|
||||||
role and save the change. For example:
|
role and save the change. For example:
|
||||||
|
|
||||||
[role="screenshot"]
|
[role="screenshot"]
|
||||||
@ -183,7 +183,7 @@ If you completed all of the steps in
|
|||||||
have {metricbeat} data stored in {es}. Let's create two roles that grant
|
have {metricbeat} data stored in {es}. Let's create two roles that grant
|
||||||
different levels of access to that data.
|
different levels of access to that data.
|
||||||
|
|
||||||
Go to the *Management / Security / Roles* page and click *Create role*.
|
Go to the *Stack Management > Security > Roles* page and click *Create role*.
|
||||||
|
|
||||||
Create a `metricbeat_reader` role that has `read` and `view_index_metadata`
|
Create a `metricbeat_reader` role that has `read` and `view_index_metadata`
|
||||||
privileges on the `metricbeat-*` indices:
|
privileges on the `metricbeat-*` indices:
|
||||||
@ -198,9 +198,10 @@ on the `metricbeat-*` indices:
|
|||||||
[role="screenshot"]
|
[role="screenshot"]
|
||||||
image::security/images/create-writer-role.jpg["Creating another role in Kibana"]
|
image::security/images/create-writer-role.jpg["Creating another role in Kibana"]
|
||||||
|
|
||||||
Now go back to the *Management / Security / Users* page and assign these roles
|
Now go back to the *Stack
|
||||||
|
Management > Security > Users* page and assign these roles
|
||||||
to the appropriate users. Assign the `metricbeat_reader` role to your personal
|
to the appropriate users. Assign the `metricbeat_reader` role to your personal
|
||||||
user. Assign the `metricbeat_writer` role to the `logstash_internal` user.
|
user. Assign the `metricbeat_writer` role to the `logstash_internal` user.
|
||||||
|
|
||||||
The list of users should now contain all of the built-in users as well as the
|
The list of users should now contain all of the built-in users as well as the
|
||||||
two you created. It should also show the appropriate roles for your users:
|
two you created. It should also show the appropriate roles for your users:
|
||||||
|
|||||||
|
Before Width: | Height: | Size: 110 KiB After Width: | Height: | Size: 36 KiB |
|
Before Width: | Height: | Size: 109 KiB After Width: | Height: | Size: 36 KiB |
|
Before Width: | Height: | Size: 203 KiB After Width: | Height: | Size: 39 KiB |
|
Before Width: | Height: | Size: 108 KiB After Width: | Height: | Size: 27 KiB |
|
Before Width: | Height: | Size: 211 KiB After Width: | Height: | Size: 42 KiB |
|
Before Width: | Height: | Size: 172 KiB After Width: | Height: | Size: 83 KiB |
|
Before Width: | Height: | Size: 150 KiB After Width: | Height: | Size: 62 KiB |
|
Before Width: | Height: | Size: 216 KiB After Width: | Height: | Size: 59 KiB |