We are seeking clarification regarding data access restrictions when using the Elastic AI Assistant.
We are planning to enable the Elastic AI Assistant feature for our users. Before proceeding, we would like to understand how data access is handled in relation to Kibana role-based access control (RBAC).
Specifically, we would like to confirm:
-
Does the Elastic AI Assistant strictly adhere to the same RBAC permissions defined in Kibana roles when retrieving and presenting data?
-
Or is there any possibility that the AI Assistant could access or surface data beyond what a user is authorized to view based on their assigned roles?
Our goal is to ensure that data security and access controls remain consistent and enforced when users interact with the AI Assistant.
Any clarification or official documentation references on this behavior would be greatly appreciated.
Hi,
I saw your question and it caught my attention. Although I don't know the answer, I asked the Elastic Support Agent, and this is the response I received. I hope it helps.
The Elastic AI Assistant is designed to strictly adhere to the role-based access control (RBAC) permissions defined in Kibana. This means that the assistant can only access and present data that the invoking user is authorized to view, based on their assigned roles and permissions in Kibana.
There is no possibility that the AI Assistant could access or surface data beyond what a user is authorized to view. Security and access control are fundamental principles in the Elastic Stack, and the AI Assistant integrates with the existing security system to ensure that data access policies are maintained.
For the most detailed information and references to official documentation on this behavior, I recommend consulting the Elastic Stack security documentation and the specific documentation for the Elastic AI Assistant on the official Elastic website.
Hi @juancamiloll ,
Thank you for checking with the Elastic support agent and assisting me—it was very helpful.