Version: SG FLX
Community
Demo users and roles
Content
Search Guard ships with a demo configuration that contains users and roles for a variety of use cases. You can use these users and roles as a blueprint for your own permission schema.
Demo users
Search Guard ships with the following demo users:
Username | Password | Description |
---|---|---|
admin | admin | Full access to the cluster and all indices, but no access to the Search Guard configuration. Use an admin certificate for that. |
kibanaserver | kibanaserver | Internal Kibana server user, for configuring elasticsearch.username and elasticsearch.password in kibana.yml . Has all permissions on the .kibana index. |
kibanaro | kibanaro | Regular Kibana user, has SGS_READ access to all indices and all permissions on the .kibana index. |
logstash | logstash | Logstash and Beats user, has SGS_CRUD and SGS_CREATE_INDEX permissions on all logstash and beats indices |
readall | readall | Has read access to all indices |
snapshotrestore | snapshotrestore | Has permissions to perform snapshot and restore operations |
Note: By default, all users are mapped to the SGS_OWN_INDEX
role. You can remove this mapping by deleting the following lines from sg_roles_mapping.yml
:
SGS_OWN_INDEX:
reserved: false
hidden: false
users:
- "*"
description: "Allow full access to an index named like the username"