DEV-386: to use techn.user to scrape metrics for ssh-root-login

create-kibana-objects.yml

@@ -61,7 +61,7 @@
   vars:
     ansible_connection: local
     ansible_ssh_host: "{{ stage_server_domain }}"
-    api_endpoint: '{{ stage }}-elastic-stack-kibana-01-kibana.{{ domain }}'
+    kibana_api_endpoint: '{{ shared_service_elastic_stack_kibana_01_hostname }}-kibana.{{ domain }}'
     elastic_state: present
     elastic_users:
       -

group_vars/stage_dev/plain.yml

@@ -145,6 +145,7 @@ shared_service_elastic_stack_01_hostname: "{{ stage }}-elastic-stack-elastic-01"
 shared_service_elastic_stack_02_hostname: "{{ stage }}-elastic-stack-elastic-02"
 shared_service_elastic_stack_03_hostname: "{{ stage }}-elastic-stack-elastic-03"
 shared_service_elastic_stack_logstash_01_hostname: "{{ stage }}-elastic-stack-logstash-01"
+shared_service_elastic_stack_kibana_01_hostname: "{{ stage }}-elastic-stack-kibana-01"
 
 kube_master_01_hostname: "{{ stage }}-kube-master-01.{{ domain }}"
 kube_master_02_hostname: "{{ stage }}-kube-master-02.{{ domain }}"

group_vars/stage_prodnso/plain.yml

@@ -145,6 +145,7 @@ shared_service_elastic_stack_01_hostname: "{{ stage }}-elastic-stack-elastic-01"
 shared_service_elastic_stack_02_hostname: "{{ stage }}-elastic-stack-elastic-02"
 shared_service_elastic_stack_03_hostname: "{{ stage }}-elastic-stack-elastic-03"
 shared_service_elastic_stack_logstash_01_hostname: "{{ stage }}-elastic-stack-logstash-01"
+shared_service_elastic_stack_kibana_01_hostname: "{{ stage }}-elastic-stack-kibana-01"
 
 kube_master_01_hostname: "{{ stage }}-kube-master-01.{{ domain }}"
 kube_master_02_hostname: "{{ stage }}-kube-master-02.{{ domain }}"

group_vars/stage_qa/plain.yml

@@ -145,6 +145,7 @@ shared_service_elastic_stack_01_hostname: "{{ stage }}-elastic-stack-elastic-01"
 shared_service_elastic_stack_02_hostname: "{{ stage }}-elastic-stack-elastic-02"
 shared_service_elastic_stack_03_hostname: "{{ stage }}-elastic-stack-elastic-03"
 shared_service_elastic_stack_logstash_01_hostname: "{{ stage }}-elastic-stack-logstash-01"
+shared_service_elastic_stack_kibana_01_hostname: "{{ stage }}-elastic-stack-kibana-01"
 
 kube_master_01_hostname: "{{ stage }}-kube-master-01.{{ domain }}"
 kube_master_02_hostname: "{{ stage }}-kube-master-02.{{ domain }}"

roles/kibana/defaults/main.yaml

@@ -6,3 +6,91 @@ kibana_image_version: "7.16.1"
 kibana_advanced_settings:
   changes:
     truncate:maxHeight: 0
+
+prometheus_es_exporter__username: '{{ stage }}-prometheus-es-exporter'
+prometheus_es_exporter__password: '{{ prometheus_es_exporter__password_vault }}'
+prometheus_es_exporter__email: 'nso.devops@netgo.de'
+
+kibana_api_endpoint: '{{ shared_service_elastic_stack_kibana_01_hostname }}-kibana.{{ domain }}'
+kibana_technical_users:
+  -
+    elastic_users:
+      -
+        username: '{{ prometheus_es_exporter__username }}'
+        roles:
+        - '{{ prometheus_es_exporter__username }}'
+        full_name: ''
+        password: '{{ prometheus_es_exporter__password }}'
+        email: '{{ prometheus_es_exporter__email }}'
+        enabled: true
+        elastic_state: present
+    elastic_roles:
+      -
+        elastic_state: present
+        name: '{{ prometheus_es_exporter__username }}'
+        elasticsearch:
+          cluster: []
+          indices:
+          - names:
+            - '{{ stage }}-*'
+            privileges:
+            - read
+            - read_cross_cluster
+            - view_index_metadata
+            allow_restricted_indices: false
+          run_as: []
+        kibana:
+        - base: []
+          feature:
+            advancedSettings:
+            - all
+            dashboard:
+            - all
+            discover:
+            - all
+            indexPatterns:
+            - all
+            savedObjectsManagement:
+            - all
+            visualize:
+            - all
+          spaces:
+          - '{{ prometheus_es_exporter__username }}'
+    elastic_spaces:
+      -
+        elastic_state: present
+        id: &es_space_name '{{ prometheus_es_exporter__username }}'
+        name: '{{ prometheus_es_exporter__username }}'
+        description: ''
+        disabledFeatures:
+          - canvas
+          - maps
+          - ml
+          - visualize
+          - enterpriseSearch
+          - logs
+          - infrastructure
+          - apm
+          - uptime
+          - observabilityCases
+          - siem
+          - monitoring
+          - fleet
+          - stackAlerts
+          - actions
+          - osquery
+          - savedObjectsTagging
+    elastic_index_pattern:
+      -
+        attributes:
+          fieldAttrs: '{}'
+          fields: "[]"
+          runtimeFieldMap: "{}"
+          timeFieldName: "@timestamp"
+          title: '{{ stage }}-*-authlog-*'
+          typeMeta: "{}"
+        coreMigrationVersion: 7.16.1
+        migrationVersion:
+          index-pattern: 7.11.0
+        references: []
+        type: index-pattern

roles/kibana/tasks/_configure_dashboards.yml

@@ -10,7 +10,7 @@
 - name: "Dashboards: Get all searches in elasticsearch"
   delegate_to: localhost
   uri:
-    url: "https://{{ api_endpoint }}{{ api_path }}/_find?per_page=10000&type={{ es_object_type }}"
+    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/_find?per_page=10000&type={{ es_object_type }}"
     method: GET
     status_code: [200]
     user: "{{ elastic_admin_username }}"
@@ -47,7 +47,7 @@
   - name: "Dashboards: Get all searches in elasticsearch"
     delegate_to: localhost
     uri:
-      url: "https://{{ api_endpoint }}/s/{{ es_space }}/api/saved_objects/_find?per_page=10000&type=search"
+      url: "https://{{ kibana_api_endpoint }}/s/{{ es_space }}/api/saved_objects/_find?per_page=10000&type=search"
       method: GET
       status_code: [200]
       user: "{{ elastic_admin_username }}"
@@ -121,7 +121,7 @@
 - name: "Create {{ es_object_type }} <<{{ elastic_dashboard.attributes.title }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ api_endpoint }}{{ api_path }}/{{ es_object_type }}"
+    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}"
     method: POST
     status_code: [200]
     user: "{{ elastic_admin_username }}"
@@ -140,7 +140,7 @@
 - name: "Update {{ es_object_type }} <<{{ elastic_dashboard.attributes.title }}>>"
   delegate_to: localhost
   uri:
-    url: 'https://{{ api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_dashboard_object[0]["id"] }}'
+    url: 'https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_dashboard_object[0]["id"] }}'
     method: PUT
     status_code: [200]
     user: "{{ elastic_admin_username }}"
@@ -159,7 +159,7 @@
 - name: "DELETE {{ es_object_type }} <<{{ elastic_dashboard.attributes.title }}>>"
   delegate_to: localhost
   uri:
-    url: 'https://{{ api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_dashboard_object[0]["id"] }}'
+    url: 'https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_dashboard_object[0]["id"] }}'
     method: DELETE
     status_code: [200]
     user: "{{ elastic_admin_username }}"

roles/kibana/tasks/_configure_indexpattern.yml

@@ -9,7 +9,7 @@
 - name: "Get all indexpatterns in elasticsearch"
   delegate_to: localhost
   uri:
-    url: "https://{{ api_endpoint }}{{ api_path }}/_find?per_page=10000&type=index-pattern"
+    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/_find?per_page=10000&type=index-pattern"
     method: GET
     status_code: [200]
     user: "{{ elastic_admin_username }}" 
@@ -41,7 +41,7 @@
 - name: "Create {{ es_object_type }} <<{{ elastic_indexpattern.attributes.title }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ api_endpoint }}{{ api_path }}/{{ es_object_type }}"
+    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}"
     method: POST
     status_code: [200]
     user: "{{ elastic_admin_username }}" 
@@ -60,7 +60,7 @@
 - name: "Update {{ es_object_type }} <<{{ elastic_indexpattern.attributes.title }}>>"
   delegate_to: localhost
   uri:
-    url: 'https://{{ api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_indexpattern_object[0]["id"] }}'
+    url: 'https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_indexpattern_object[0]["id"] }}'
     method: PUT
     status_code: [200]
     user: "{{ elastic_admin_username }}" 
@@ -79,7 +79,7 @@
 - name: "DELETE {{ es_object_type }} <<{{ elastic_indexpattern.attributes.title }}>>"
   delegate_to: localhost
   uri:
-    url: 'https://{{ api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_indexpattern_object[0]["id"] }}'
+    url: 'https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_indexpattern_object[0]["id"] }}'
     method: DELETE
     status_code: [200]
     user: "{{ elastic_admin_username }}" 

roles/kibana/tasks/_configure_roles.yml

@@ -8,7 +8,7 @@
 - name: "Get all roles in elasticsearch"
   delegate_to: localhost
   uri:
-    url: "https://{{ api_endpoint }}{{ api_path }}"
+    url: "https://{{ kibana_api_endpoint }}{{ api_path }}"
     method: GET
     status_code: [200]
     user: "{{ elastic_admin_username }}" 
@@ -39,7 +39,7 @@
 - name: "Create role <<{{ elastic_role.name }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ api_endpoint }}{{ api_path }}/{{ elastic_role.name }}"
+    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ elastic_role.name }}"
     method: PUT
     status_code: [204]
     user: "{{ elastic_admin_username }}" 
@@ -58,7 +58,7 @@
 - name: "Update role <<{{ elastic_role.name }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ api_endpoint }}{{ api_path }}/{{ elastic_role.name }}"
+    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ elastic_role.name }}"
     method: PUT
     status_code: [204]
     user: "{{ elastic_admin_username }}" 
@@ -77,7 +77,7 @@
 - name: "DELETE role <<{{ elastic_role.name }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ api_endpoint }}{{ api_path }}/{{ elastic_role.name }}"
+    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ elastic_role.name }}"
     method: DELETE
     status_code: [204]
     user: "{{ elastic_admin_username }}" 

roles/kibana/tasks/_configure_searches.yml

@@ -10,7 +10,7 @@
 - name: "Get all searches in elasticsearch"
   delegate_to: localhost
   uri:
-    url: "https://{{ api_endpoint }}{{ api_path }}/_find?per_page=10000&type=search"
+    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/_find?per_page=10000&type=search"
     method: GET
     status_code: [200]
     user: "{{ elastic_admin_username }}" 
@@ -46,7 +46,7 @@
   - name: "Get all indexpatterns in elasticsearch"
     delegate_to: localhost
     uri:
-      url: "https://{{ api_endpoint }}/s/{{ es_space }}/api/saved_objects/_find?per_page=10000&type=index-pattern"
+      url: "https://{{ kibana_api_endpoint }}/s/{{ es_space }}/api/saved_objects/_find?per_page=10000&type=index-pattern"
       method: GET
       status_code: [200]
       user: "{{ elastic_admin_username }}" 
@@ -109,7 +109,7 @@
 - name: "Create {{ es_object_type }} <<{{ elastic_search.attributes.title }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ api_endpoint }}{{ api_path }}/{{ es_object_type }}"
+    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}"
     method: POST
     status_code: [200]
     user: "{{ elastic_admin_username }}" 
@@ -128,7 +128,7 @@
 - name: "Update {{ es_object_type }} <<{{ elastic_search.attributes.title }}>>"
   delegate_to: localhost
   uri:
-    url: 'https://{{ api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_search_object[0]["id"] }}'
+    url: 'https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_search_object[0]["id"] }}'
     method: PUT
     status_code: [200]
     user: "{{ elastic_admin_username }}" 
@@ -147,7 +147,7 @@
 - name: "DELETE {{ es_object_type }} <<{{ elastic_search.attributes.title }}>>"
   delegate_to: localhost
   uri:
-    url: 'https://{{ api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_search_object[0]["id"] }}'
+    url: 'https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_search_object[0]["id"] }}'
     method: DELETE
     status_code: [200]
     user: "{{ elastic_admin_username }}" 

roles/kibana/tasks/_configure_spaces.yml

@@ -8,7 +8,7 @@
 - name: "Get all spaces in elasticsearch"
   delegate_to: localhost
   uri:
-    url: "https://{{ api_endpoint }}{{ api_path }}"
+    url: "https://{{ kibana_api_endpoint }}{{ api_path }}"
     method: GET
     status_code: [200]
     user: "{{ elastic_admin_username }}"
@@ -43,7 +43,7 @@
 - name: "Create space <<{{ elastic_space.name }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ api_endpoint }}{{ api_path }}"
+    url: "https://{{ kibana_api_endpoint }}{{ api_path }}"
     method: POST
     status_code: [200]
     user: "{{ elastic_admin_username }}"
@@ -62,7 +62,7 @@
 - name: "Update space <<{{ elastic_space.name }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ api_endpoint }}{{ api_path }}/{{ elastic_space.name }}"
+    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ elastic_space.name }}"
     method: PUT
     status_code: [200]
     user: "{{ elastic_admin_username }}"
@@ -81,7 +81,7 @@
 - name: "Update space advanced settings <<{{ elastic_space.name }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ api_endpoint }}/s/{{ elastic_space.name }}/api/kibana/settings"
+    url: "https://{{ kibana_api_endpoint }}/s/{{ elastic_space.name }}/api/kibana/settings"
     method: POST
     status_code: [200]
     user: "{{ elastic_admin_username }}"
@@ -100,7 +100,7 @@
 - name: "DELETE space <<{{ elastic_space.name }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ api_endpoint }}{{ api_path }}/{{ elastic_space.name }}"
+    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ elastic_space.name }}"
     method: DELETE
     status_code: [204]
     user: "{{ elastic_admin_username }}"

roles/kibana/tasks/_configure_users.yml

@@ -9,7 +9,7 @@
 - name: "Get all users in elasticsearch"
   delegate_to: localhost
   uri:
-    url: "https://{{ api_endpoint }}{{ api_path }}"
+    url: "https://{{ kibana_api_endpoint }}{{ api_path }}"
     method: GET
     status_code: [200]
     user: "{{ elastic_admin_username }}" 
@@ -48,7 +48,7 @@
 - name: "Create user <<{{ elastic_user.username }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ api_endpoint }}{{ api_path }}/{{ elastic_user.username }}"
+    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ elastic_user.username }}"
     method: POST
     status_code: [200]
     user: "{{ elastic_admin_username }}" 
@@ -67,7 +67,7 @@
 - name: "Update user <<{{ elastic_user.username }}>>"
   delegate_to: localhost
   uri:
-    url: "https://{{ api_endpoint }}{{ api_path }}/{{ elastic_user.username }}"
+    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ elastic_user.username }}"
     method: POST
     status_code: [200]
     user: "{{ elastic_admin_username }}" 
@@ -86,7 +86,7 @@
 - name: "DELETE user << elastic_user.username >>"
   delegate_to: localhost
   uri:
-    url: "https://{{ api_endpoint }}{{ api_path }}/{{ elastic_user.username }}"
+    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ elastic_user.username }}"
     method: DELETE
     status_code: [204]
     user: "{{ elastic_admin_username }}" 

roles/kibana/tasks/_import_savedobjects.yml

@@ -1,5 +1,5 @@
 ---
-- name: "Importing kibana objects to <{{ api_endpoint }}>"
+- name: "Importing kibana objects to <{{ kibana_kibana_api_endpoint }}>"
   include_tasks: import_service_ojects.yml
   loop: "{{ es_index_pattern_services }}"
   loop_control:
@@ -9,7 +9,7 @@
 - name: "Setting default index pattern"
   delegate_to: localhost
   uri:
-    url: "https://{{ api_endpoint }}/s/{{ stage }}-{{ tenant_id }}/api/kibana/settings"
+    url: "https://{{ kibana_kibana_api_endpoint }}/s/{{ stage }}-{{ tenant_id }}/api/kibana/settings"
     method: POST
     status_code: [200]
     user: "{{ elastic_admin_username }}"

roles/kibana/tasks/add_technical_users.yml

@@ -0,0 +1,34 @@
+---
+- name: "Do some stuff in elastic with spaces ... "
+  include_role:
+    name: kibana
+    tasks_from: _configure_spaces.yml
+  loop: "{{ technical_user.elastic_spaces }}"
+  loop_control:
+    loop_var: elastic_space
+
+- name: "Do some stuff in elastic with roles ..."
+  include_role:
+    name: kibana
+    tasks_from: _configure_roles.yml
+  loop: "{{ technical_user.elastic_roles }}"
+  loop_control:
+    loop_var: elastic_role
+
+- name: "Do some stuff in elastic with users ..."
+  include_role:
+    name: kibana
+    tasks_from: _configure_users.yml
+  loop: "{{ technical_user.elastic_users }}"
+  loop_control:
+    loop_var: elastic_user
+
+- name: "Do some stuff in elastic with indexpattern ..."
+  vars:
+    es_space: technical_user.elastic_index_pattern
+  include_role:
+    name: kibana
+    tasks_from: _configure_indexpattern.yml
+  loop: "{{ technical_user.elastic_index_pattern }}"
+  loop_control:
+    loop_var: elastic_index_pattern

roles/kibana/tasks/import_service_ojects.yml

@@ -32,7 +32,7 @@
 - name: "Importing service objects to kibana"
   delegate_to: localhost
   uri:
-    url: "https://{{ api_endpoint }}{{ api_path }}/_import?overwrite=true"
+    url: "https://{{ kibana_api_endpoint }}{{ api_path }}/_import?overwrite=true"
     method: POST
     status_code: [200]
     user: "{{ elastic_admin_username }}" 

roles/kibana/tasks/main.yaml

@@ -81,3 +81,15 @@
     - update_certs
     - update_config
     - update_deployment
+
+- name: "Create ES objects for technical users"
+  include_tasks: add_technical_users.yml
+  loop: '{{ kibana_technical_users }}'
+  loop_control:
+    loop_var: technical_user
+  args:
+    apply:
+      tags:
+        - kibana-technical-users
+  tags:
+    - kibana-technical-users