Version: 7.x-45.0.0
This is an older version of Search Guard. Switch to Latest version
This is an older version of Search Guard. Switch to Latest version
Community
Demo users and roles
Content
Search Guard ships with a demo configuration that contains users and roles for a variety of use cases. You can use these users and roles as a blueprint for your own permission schema.
Demo users
Search Guard ships with the following demo users:
Username | Password | Description |
---|---|---|
admin | admin | Full access to the cluster and all indices, but no access to the Search Guard configuration. Use an admin certificate for that. |
kibanaserver | kibanaserver | Internal Kibana server user, for configuring elasticsearch.username and elasticsearch.password in kibana.yml . Has all permissions on the .kibana index. |
kibanaro | kibanaro | Regular Kibana user, has SGS_READ access to all indices and all permissions on the .kibana index. |
logstash | logstash | Logstash and Beats user, has SGS_CRUD and SGS_CREATE_INDEX permissions on all logstash and beats indices |
readall | readall | Has read access to all indices |
snapshotrestore | snapshotrestore | Has permissions to perform snapshot and restore operations |
Note: By default, all users are mapped to the SGS_OWN_INDEX
role. You can remove this mapping by deleting the following lines from sg_roles_mapping.yml
:
SGS_OWN_INDEX:
reserved: false
hidden: false
users:
- "*"
description: "Allow full access to an index named like the username"