Hiding custom variables like http auth pairs (user/password) from the icingaweb2 dashboard

Hello,
I have a couple of services configured with vars.http_auth_pair custom variable:

object Service custom_http_service {

vars.http_auth_pair = “user:password”

}

inside the object Service defintion.
From what I understand, adding
*http_auth_pair to protected_customvars in /etc/icingaweb2/config.ini like so:

...
[security]
protected_customvars = "pw,pass,auth,*http_auth_pair"
... 

Should mask these vars in the icingaweb2 dashboard.
I am using the dashboard with the initial icingaweb2 user I set up during install which has admin rights over the whole dashboard.
I still see the user:pass tuples on those specific services and I don’t want that.
What am I doing wrong ?

Hi,

you can do that in Icinga Web 2. Nav to https://your.host/config/modules#!/monitoring/config/security, add http_auth_pair and hit Save.

Example:

image - added mssql_health_warning into the list.

Greetz

1 Like

hi, did not work, the field contains
*pw*, *pass*,community, http_auth_pair
still shows the user and password on the specific host/service

Have you tried *auth*?
Works for me
image

1 Like

Excellent, that works for http_auth_pair, but when I’m looking at the object inspection, I still see it under vars and executed commands. How can I hide those entries?

For that you will have to limit the access to the Icinga Director module.
You will need to configure Roles with different permissions. If everyone uses the default icingaadmin user, that won’t be possible.
At least I don’t know any other way.

Okay, fair enough. Thanks.