Hello!
I'm having some issues configuring users and roles using Kibana 6.1.1 + X-Pack. Here's my config:
User:
{ "limited-user": { "username": "limited-user", "roles": [ "limited-user", "kibana_user" ], "full_name": "limited-user", "email": "limited-user@test.com", "metadata": {}, "enabled": true } }
Role:
{ "limited-user": { "cluster": [], "indices": [ { "names": [ "my-index*" ], "privileges": [ "read" ], "field_security": { "grant": [ "valortabela", "vltotnota", "dt_fatur_", "escrv" ] }, "query": """{"term": {"escrv": "37"}}""" } ], "run_as": [], "metadata": {}, "transient_metadata": { "enabled": true } } }
This config is great to limit visualization values itself, but it doesn't hide fields from dropdown lists. For instance, in this case, the user can see all fields available in the index:
Also, this user can edit other user’s visualizations (e.g.: modify a field axis from someone’s graph) - this is allowed by “kibana_user” role in his profile. Is there some role config I can use to limit this action? This user should be able to create/edit his own visualizations only, and be able to access other users visualizations as well, but not modify them.
It would be also nice if we could configure a user/role whose dashboard shows only the “Visualize” and “Dashboard” options in left menu. It seems that “kibana_dashboard_olnly” role doesn’t show the “Visualize” menu.
Is there any config in X-Pack permissions I could use to solve the issues above?
Thanks!