Assign a group of users READ only access to certain indices while allowing them to create visualizations?


We have set up AD authentication for our ELK stack and have successfully mapped ELK roles to our AD-groups which is working fantastically. Now we want to allow them to create visualizations as well, what is the recommended way to achieve this?

We've given them READ access to .kibana but we hesitate to give them WRITE access since that would affect the other indices which they have access to. So what is the recommended way to have a group of users have READ access to indices while at the same time WRITE to visualizations?

I don't quite follow.

If you grant write access to .kibana (e.g. by assigning them the kibana_user role) that doesn't give them write access to other indices. Each index is secured independently - you can have read acess to 1 index, write access to another, and no access to everything else.

Yeah i get that, but then we would have to have two roles right? Because as it is now, we've mapped Role1 to a Active Directory group which has READ access to certain indexes as well as .kibana. If we want them to have WRITE access to .kibana but still only have read access to regular indices we would have to create two roles right? One role for READ access to regular indices and another role for WRITE access to .kibana?

Sorry for my really poor explanation, it's too early in the morning and i haven't gotten my coffee fix yet :coffee:

EDIT: I totally forgot about that we can assign different access rules to multiple indices to a Role... That fixed my issue. Thanks for your help!

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.