github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 09:48:58 -04:00
Code Issues Projects Releases Packages Wiki Activity

[DOCS] Fixes legacy security setting (#74871)

Browse source
This commit is contained in:
gchaps 2020-08-13 07:18:41 -07:00 committed by GitHub
parent e6710c74e0
commit 01fdb91a31
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

4
docs/settings/security-settings.asciidoc
View file

@ -19,13 +19,13 @@ are enabled.
Do not set this to `false`; it disables the login form, user and role management
screens, and authorization using <<kibana-privileges>>. To disable
{security-features} entirely, see
{ref}/security-settings.html[{es} security settings].
{ref}/security-settings.html[{es} security settings].
`xpack.security.audit.enabled`::
Set to `true` to enable audit logging for security events. By default, it is set
to `false`. For more details see <<xpack-security-audit-logging>>.
`xpack.security.authorization.legacyFallback`::
`xpack.security.authorization.legacyFallback.enabled`::
Set to `true` (default) to enable the legacy fallback. See <<xpack-security-authorization>>
for more details.

7
docs/user/security/authorization/index.asciidoc
View file

@ -3,7 +3,7 @@
=== Authorization
Authorizing users to use {kib} in simple configurations is as easy as assigning the user
either the `kibana_user` or `kibana_dashboard_only_user` reserved role. If you're running
either the `kibana_user` or `kibana_dashboard_only_user` reserved role. If you're running
a single tenant of {kib} against your {es} cluster, and you're not controlling access to individual spaces, then this is sufficient and no other action is required.
==== Spaces
@ -12,7 +12,7 @@ If you want to control individual spaces in {kib}, do **not** use the `kibana_us
==== Multi-tenant {kib}
When running multiple tenants of {kib}, and changing the `kibana.index` in your `kibana.yml`, you
When running multiple tenants of {kib}, and changing the `kibana.index` in your `kibana.yml`, you
must create custom roles that authorize the user for that specific tenant. You can use
either the *Management / Security / Roles* page in {kib} or the <<role-management-api>>
to assign a specific <<kibana-privileges, Kibana privilege>> at that tenant. After creating the
@ -32,5 +32,6 @@ a legacy role, the following is logged to your {kib} logs:
<username> relies on index privileges on the Kibana index. This is deprecated and will be removed in Kibana 7.0
----------------------------------
To disable legacy roles from being authorized in {kib}, set `xpack.security.authorization.legacyFallback` to `false`
To disable legacy roles from being authorized in {kib},
set `xpack.security.authorization.legacyFallback.enabled` to `false`
in your `kibana.yml`.