
Production logstash should be protected by two-factor auth, at the least
Open, Medium, Public

Description

Many events include personally-identifying information such as client IP address, hence access is currently restricted to the NDA group (as I understand it). Login currently requires a username and password, with no second factor. This seems to be inadequate protection for private information.

Acceptance criteria:

  • Users can find the privacy policy and data controls used for logstash. Ideally we can link to existing documents.
  • Two-factor and any other access controls are configured.

Event Timeline

We're in the process of rolling out Apereo CAS (and initial services are getting migrated to it), see https://phabricator.wikimedia.org/T233921 and sub tasks.

Indeed what @MoritzMuehlenhoff said, we'll gain 2FA when CAS gets deployed more widely. Regarding the first point @awight where would it make sense to include the links to documentation in your opinion? Do we have existing examples to get inspiration?

We'll automatically get 2FA with CAS, but for Kibana that has proven impossible since the SSO features are limited to the Enterprise version and the current structure didn't allow us to set up a manual solution with mod_cas: T246998

That said, with Elastic/Kibana turning non-free, there's now the OpenSearch fork for Elastic and a similar fork for Kibana called OpenSearch Dashboard. OpenSearch has no enterprise tier, so no artificial restrictions to the FLOSS version apply, as such I'd expect that OpenSearch Dashboard also gains SSO capabilities mid-term.
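For readers who have not seen the "manual solution with mod_cas" pattern the comments refer to, here is an added illustration of it: an Apache 2.4 reverse proxy that uses mod_auth_cas to gate every request to a dashboard before it reaches the backend. This is example configuration written for this page, not Wikimedia's configuration and not the setup from T246998; the hostnames, the CAS server URLs, the certificate paths and the group attribute (memberOf value) are all assumptions, as is the backend port 5601.

```apache
# Added example, not the project's own configuration.
# Apache 2.4 + mod_auth_cas in front of a dashboard that has no SSO of its own.
# The backend must listen only on 127.0.0.1 so the proxy cannot be bypassed.
LoadModule auth_cas_module    modules/mod_auth_cas.so
LoadModule proxy_module       modules/mod_proxy.so
LoadModule proxy_http_module  modules/mod_proxy_http.so
LoadModule rewrite_module     modules/mod_rewrite.so
LoadModule headers_module     modules/mod_headers.so
LoadModule ssl_module         modules/mod_ssl.so

# CAS server endpoints (hypothetical hostname). The p3 endpoint returns the
# CAS 2 XML format plus released attributes, which the group check below needs.
CASLoginURL        https://idp.example.org/cas/login
CASValidateURL     https://idp.example.org/cas/p3/serviceValidate
CASVersion         2
# CA bundle used to verify the CAS server's TLS certificate (assumed path).
CASCertificatePath /etc/ssl/certs/
# Session cache for mod_auth_cas cookies; must be writable by the httpd user.
CASCookiePath      /var/cache/apache2/mod_auth_cas/
CASCookieHttpOnly  On
CASTimeout         3600
CASIdleTimeout     900
# Fail closed: if mod_auth_cas cannot authorise, no other module may.
CASAuthoritative   On

<VirtualHost *:443>
    ServerName logstash.example.org
    SSLEngine on
    SSLCertificateFile    /etc/ssl/certs/logstash.example.org.pem
    SSLCertificateKeyFile /etc/ssl/private/logstash.example.org.key

    <Location "/">
        AuthType CAS
        # Restrict to members of one group. The attribute name and value are
        # assumptions; the CAS server must actually release this attribute.
        Require cas-attribute memberOf:cn=nda,ou=groups,dc=example,dc=org

        # Strip any client-supplied identity header, then set it from the
        # authenticated user via the mod_rewrite look-ahead trick, so the
        # backend never sees a spoofed value.
        RequestHeader unset X-Remote-User
        RewriteEngine On
        RewriteCond %{LA-U:REMOTE_USER} (.+)
        RewriteRule . - [E=RU:%1]
        RequestHeader set X-Remote-User "%{RU}e"

        ProxyPreserveHost On
        ProxyPass        http://127.0.0.1:5601/
        ProxyPassReverse http://127.0.0.1:5601/
    </Location>
</VirtualHost>
```

Two points worth checking when deploying something like this: the backend really must be unreachable except through the proxy (a firewall rule or a loopback-only bind), otherwise the CAS gate is decorative; and the dashboard has to be told to trust the identity header only from the proxy, since a free Kibana build, as the comment above notes, has no SSO of its own and will not map that header to a user by itself.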