Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve documentation for kibana_user role assignment #26819

Closed
legrego opened this issue Dec 7, 2018 · 7 comments · Fixed by #49309
Closed

Improve documentation for kibana_user role assignment #26819

legrego opened this issue Dec 7, 2018 · 7 comments · Fixed by #49309
Labels
Team:Docs Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!

Comments

@legrego
Copy link
Member

legrego commented Dec 7, 2018

Kibana version: >= 6.5

We have historically taught our users that they need to assign the kibana_user role to all users who wish to access Kibana. With the introduction of Spaces and other RBAC initiatives, this is no longer the case.

The kibana_user role is now a Kibana superuser role of sorts, because it allows read/write access to all spaces, and it also grants the ability to manage spaces themselves.

Administrators who wish to secure access to specific spaces should not be assigning the kibana_user role to their end users anymore, but instead create custom roles that are tailored to their needs.
@legrego legrego added Team:Docs Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! labels Dec 7, 2018
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-security

@kobelb
Copy link
Contributor

kobelb commented Dec 10, 2018

#26652 will help with this

@kobelb kobelb mentioned this issue Mar 12, 2019
Closed
@lcawl
Copy link
Contributor

lcawl commented May 8, 2019

I think the description of the built-in kibana_user role in https://www.elastic.co/guide/en/elastic-stack-overview/master/built-in-roles.html is out-dated.
Likewise, it sounds like we no longer want to recommend assigning the kibana_user role in the "Getting started with security" tutorial: https://www.elastic.co/guide/en/elastic-stack-overview/master/get-started-roles.html

@kobelb
Copy link
Contributor

kobelb commented May 8, 2019

I think the description of the built-in kibana_user role in https://www.elastic.co/guide/en/elastic-stack-overview/master/built-in-roles.html is out-dated.

Agreed, I thought we'd revised the terminology used here previously, but I must be mis-remembering.

Likewise, it sounds like we no longer want to recommend assigning the kibana_user role in the "Getting started with security" tutorial: https://www.elastic.co/guide/en/elastic-stack-overview/master/get-started-roles.html

For getting started, it's fine to use the kibana_user role; however, some phrasing should be changed. Would you like for me to create a PR to address these two docs issues, or would you prefer to do so?

#25722 provides a bit of context around our future direction for these two roles. Apologies for letting the stack docs get so out of date.

@lcawl
Copy link
Contributor

lcawl commented May 8, 2019
edited
Loading

Thanks for the information @kobelb ! If you are willing to create the PR, that's great. I'm happy to review or add suggestions. No worries about the delay--I just wanted to put a pin in them when I stumbled across them while making other updates.

@kobelb
Copy link
Contributor

kobelb commented May 8, 2019

You got it! I'll get a PR together for this.

@kobelb kobelb mentioned this issue May 21, 2019
Merged
@gchaps
Copy link
Contributor

gchaps commented Sep 17, 2019

@kobelb, @lcawl. Can we close this issue?

@legrego legrego mentioned this issue Oct 25, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Team:Docs Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[DOCS] - fixing references to kibana_user role legrego/kibana
5 participants
@kobelb @legrego @elasticmachine @lcawl @gchaps