bea/infra-prod
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

make kibana use oauth2

Browse Source
This commit is contained in:
Beatrice Dellacà
2025-03-31 10:30:57 +02:00
parent e9a4de02cc
commit 7a33d8212b
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
deploy/elk-stack/kibana.yaml
View File

@@ -7,3 +7,13 @@ spec:
count: 2
elasticsearchRef:
name: elasticsearch-ha
config:
# Enable OIDC and basic auth as available providers.
xpack.security.authc.providers: [oidc, basic]
# Specify which OIDC realm to use (this should match the name of your OIDC realm in Elasticsearch)
xpack.security.authc.oidc.realm: "panic-haus"
# Client settings that Kibana will use (and which must match your OIDC realm settings in Elasticsearch)
xpack.security.authc.oidc.client_id: "kibana"
xpack.security.authc.oidc.client_secret: "NDgPp4m8IhdpZ5z6wrCFByD9Y00dN7ga"
# The URL for the Keycloak OpenID Connect discovery document.
xpack.security.authc.oidc.openid_connect_url: "https://sso.panic.haus/realms/panic-haus/.well-known/openid-configuration"