Menu
How do I define security access in Elasticsearch? I have the elasticsearch-head plugin but your access doesn't require any security.
331
The short version is that you can manage users and roles within Kibana/Elasticsearch for free (these are the native and file realms). The paid authentication realms are generally those which connect to external identity providers, such as Kerberos, SAML, Open ID Connect, Kerberos, PKI, etc.
The plugin mentioned in this answer is no longer being actively supported.
There is no built-in access control in elasticsearch. So, you would need to setup a reverse proxy (here is a blog post how to setup nginx), use one of the 3rd party elasticsearch plugins such as https://github.com/Asquera/elasticsearch-http-basic or use the official security plugin Shield.
153
<shamelessPlug>
Sorry but I have serious doubts about all these plugins and proxies that only try to capture queries with sloppy regex's at HTTP level.
Will you regex all the possible ES syntax that may perform a write? How do you filter by index? How about index aliases? Multi-index queries?
The only clean way to do the access control is AFTER ElasticSearch has parsed the queries. This is exactly what Shield does after all!
I wrote a MIT licensed plugin (readonly-rest-plugin) that does exactly this.
You can match request by:
✔️ Host name, IP and IP with Netmask
✔️ Indices (wildcards supported) and index aliases are resolved
✔️ HTTP Basic Auth
It has also first class support for Kibana authentication :)
</shamelessPlug>
26
Elasticsearch now have security plugin http://www.elasticsearch.org/blog/shield-know-security-coming-soon/
30
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
