Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Store kibana system user credentials in the keystore #111337

Open
azasypkin opened this issue Sep 7, 2021 · 1 comment
Open

Store kibana system user credentials in the keystore #111337

azasypkin opened this issue Sep 7, 2021 · 1 comment
Labels
backport:skip This commit does not require backporting Feature:Security/Interactive Setup Platform Security - Interactive setup mode release_note:skip Skip the PR/issue when compiling release notes Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! v8.0.0

Comments

@azasypkin
Copy link
Member

Summary

Currently we store kibana system user credentials (including service account token) we obtain during interactive setup directly in the kibana.yml file. Ideally we should store such sensitive information directly in the Kibana keystore.

In the scope of this issue we should investigate if it's feasible and, if it's, switch to the keystore instead.
@azasypkin azasypkin added Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! v8.0.0 release_note:skip Skip the PR/issue when compiling release notes backport:skip This commit does not require backporting Feature:Security/Interactive Setup Platform Security - Interactive setup mode labels Sep 7, 2021
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-security (Team:Security)

@azasypkin azasypkin mentioned this issue Sep 7, 2021
Closed
15 tasks
@exalate-issue-sync exalate-issue-sync bot added impact:low Addressing this issue will have a low level of impact on the quality/strength of our product. loe:small Small Level of Effort labels Sep 10, 2021
@legrego legrego removed loe:small Small Level of Effort impact:low Addressing this issue will have a low level of impact on the quality/strength of our product. labels Aug 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
backport:skip This commit does not require backporting Feature:Security/Interactive Setup Platform Security - Interactive setup mode release_note:skip Skip the PR/issue when compiling release notes Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! v8.0.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@azasypkin @legrego @elasticmachine