Create user with multiple roles(of different spaces) and having access to only single space

srinielk · September 20, 2021, 5:37am

please advise how to create user with multiple roles(of different spaces) and having access to only single space

Marco_Liberati · September 20, 2021, 10:13am

welcome to the Kibana community.

From what I currently understand you have a user with multiple roles for different spaces (so probably has access to some of these spaces), but you want to reduce this to only a single space. Can you confirm that is what you meant, or clarify the question?

Also, what version of the stack are you using?

srinielk · September 20, 2021, 2:21pm

Hi Marco,

Thanks for the response. We are using Stack Management 7.13.0 version.

Requirement:
We have created separate space in Kibana for each organization/business group. So we have multiples spaces overall and there are multiple users for each business group.
For some users, we should create account in such a away that the user should have access to the space (belongs to his own business group) and also indexes of other space (but not space access).

Example: If there are two spaces space1 and space2, each space have indexes.
User A should be provided with space1 access along with space1 indexes access and space 2 indexes access but not space2 access.
So when he login to Kibana he should see space1, corresponding indexes and indexes of space2.

Hope requirement is clear to you Please advise.

Marco_Liberati · September 21, 2021, 3:27pm

When creating roles you can specify in different sections which ES index privileges and Kibana space privileges.

In the example below I have 2 spaces: Default with only the logs sample data index and OtherSpace with only the flights sample data index.
But in the Kibana section I'll give only OtherSpace privileges.

(I found that, even as admin, I had to access first from one space, then to another, in order to add both indexes.)
The user will be able to access both indexes, probably creating (a) new indexpattern(s), and access them.
Does it help?

srinielk · September 22, 2021, 8:04am

HI Marco,

Thanks for response with solution.

Unfortunately the indices created for other space are not visible in current space under Index privileges while creating a role. Not sure if any restrictions on this.
Please advise if we can fix this.

Thanks and Regards,
Srinivas

Marco_Liberati · September 22, 2021, 8:24am

I found this issue too while reproducing the scenario.
I had to create the role in one space, save it, then change to all the other spaces and add the new indexes one by one (remember to save every time).

srinielk · September 22, 2021, 8:44am

yeah, in any case we cannot add indices other space to the role on current space right? not working for me. Created same way as you suggested.

Marco_Liberati · September 22, 2021, 8:47am

The role has to be edited in each Space, adding the index within the space you have access to.

srinielk · October 4, 2021, 10:47am

Hi Marco,

Tried this option as well but not helped.

Thanks,
Srinivas

Marco_Liberati · October 4, 2021, 10:50am

What problem did you face after configuring all fields with permissions for each space/user?

srinielk · October 8, 2021, 12:20pm

edited in each Space by adding the index within the space I have access to but the user is able to access only the indices where he has access to particular space.

Regards,
Srinivas

system · November 5, 2021, 12:21pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.