add searchguard

add authentication to elk with searchguard Issue-ID: CLAMP-419 Change-Id: I66bca485750e3377db10f6f43efb7f741a42c17d Signed-off-by: osgn422w <gervais-martial.ngueko@intl.att.com>
author: osgn422w <gervais-martial.ngueko@intl.att.com> 2019-07-17 16:17:13 +0200
committer: osgn422w <gervais-martial.ngueko@intl.att.com> 2019-07-17 16:24:58 +0200
commit: 0ce11eaeca48930d0203545a5e4206349a11f01b (patch)
tree: bbe5b1c792043fd2dafded1bcdb12449752bd995 /src/main/docker/elasticsearch/config/sg/sg_roles_mapping.yml
parent: 493c3839fb6807512218165fd8a3a6efe1933fb9 (diff)
1 files changed, 34 insertions, 0 deletions
diff --git a/src/main/docker/elasticsearch/config/sg/sg_roles_mapping.yml b/src/main/docker/elasticsearch/config/sg/sg_roles_mapping.yml
new file mode 100644
index 00000000..45bb7755
--- /dev/null
+++ b/src/main/docker/elasticsearch/config/sg/sg_roles_mapping.yml
@@ -0,0 +1,34 @@
+# In this file users, backendroles and hosts can be mapped to Search Guard roles.
+# Permissions for Search Guard roles are configured in sg_roles.yml
+
+sg_all_access:
+  readonly: true
+  backendroles:
+    - admin
+
+sg_logstash:
+  backendroles:
+    - logstash
+    
+sg_kibana_server:
+  readonly: true
+  users:
+    - kibanaserver
+    
+sg_kibana_user:
+  backendroles:
+    - kibanauser
+
+sg_readall:
+  readonly: true
+  backendroles:
+    - readall
+
+sg_manage_snapshots:
+  readonly: true
+  backendroles:
+    - snapshotrestore
+
+sg_own_index:
+  users:
+    - '*'
+\ No newline at end of file
author	osgn422w <gervais-martial.ngueko@intl.att.com>	2019-07-17 16:17:13 +0200
committer	osgn422w <gervais-martial.ngueko@intl.att.com>	2019-07-17 16:24:58 +0200
commit	0ce11eaeca48930d0203545a5e4206349a11f01b (patch)
tree	bbe5b1c792043fd2dafded1bcdb12449752bd995 /src/main/docker/elasticsearch/config/sg/sg_roles_mapping.yml
parent	493c3839fb6807512218165fd8a3a6efe1933fb9 (diff)