Kibana RBAC are not persistent


I have installed ODFE recently using rpms. I wanted to manage the RBAC access via Kibana security. The users, roles, permissions, action groups etc are not persistent. All the configurations are wiped off when I run the script. I have to run this script often as the I have integrated with Active Directory and the user’s credentials has to be changed every month.

So I will have to update the password of the user in the config.yml file that queries the AD (authentication_backend)every month and the security changes done on Kibana gets vanished.

Is this the behavior. If yes how are the RBAC be maintained. Is there a workaround to fix this ? Will the Kibana changes not be updated in the backend. The only way is to maintain the RBAC configurations is through the yml files under security config?

Note: I’m novice in ODFE, so excuse if its a basic query.

Thanks and Regards,
Prakash Chandrasekar

Did you try to apply security changes from single file like mentioned in ODFE Documentation:

./ -f ../securityconfig/config.yml -icl -nhnv -cert /etc/elasticsearch/kirk.pem -cacert /etc/elasticsearch/root-ca.pem -key /etc/elasticsearch/kirk-key.pem -t config

Thanks @mmamaenko for your quick response, much appreciated. I haven’t tried applying changes with a single file. I shall try this and revert back on the results.

Prakash Chandrasekar.

@prakash88 The configuration files are like a snapshot of the config at that moment in time, so if you make changes using Kibana UI, and then proceed to upload all the yml files in config folder, the changes made via UI will be overwritten.

Alternative would be to either upload a single file, as mentioned above, or better yet, retrieve all the config files to the config directory using --retrieve command with the script, then make changes on the new files, which can then be uploaded.

In short any changes made via UI will be overwritten by the yml files, this is by design.