Create user with multiple roles(of different spaces) and having access to only single space

please advise how to create user with multiple roles(of different spaces) and having access to only single space

Hi @srinielk ,

welcome to the Kibana community.

From what I currently understand you have a user with multiple roles for different spaces (so probably has access to some of these spaces), but you want to reduce this to only a single space. Can you confirm that is what you meant, or clarify the question?

Also, what version of the stack are you using?

Hi Marco,

Thanks for the response. We are using Stack Management 7.13.0 version.

Requirement:
We have created separate space in Kibana for each organization/business group. So we have multiples spaces overall and there are multiple users for each business group.
For some users, we should create account in such a away that the user should have access to the space (belongs to his own business group) and also indexes of other space (but not space access).

Example: If there are two spaces space1 and space2, each space have indexes.
User A should be provided with space1 access along with space1 indexes access and space 2 indexes access but not space2 access.
So when he login to Kibana he should see space1, corresponding indexes and indexes of space2.

Hope requirement is clear to you :slightly_smiling_face: Please advise.

When creating roles you can specify in different sections which ES index privileges and Kibana space privileges.

In the example below I have 2 spaces: Default with only the logs sample data index and OtherSpace with only the flights sample data index.
But in the Kibana section I'll give only OtherSpace privileges.

(I found that, even as admin, I had to access first from one space, then to another, in order to add both indexes.)
The user will be able to access both indexes, probably creating (a) new indexpattern(s), and access them.
Does it help?

HI Marco,

Thanks for response with solution.

Unfortunately the indices created for other space are not visible in current space under Index privileges while creating a role. Not sure if any restrictions on this.
Please advise if we can fix this.

Thanks and Regards,
Srinivas

I found this issue too while reproducing the scenario.
I had to create the role in one space, save it, then change to all the other spaces and add the new indexes one by one (remember to save every time).

yeah, in any case we cannot add indices other space to the role on current space right? not working for me. Created same way as you suggested.

The role has to be edited in each Space, adding the index within the space you have access to.

Hi Marco,

Tried this option as well but not helped.

Thanks,
Srinivas

What problem did you face after configuring all fields with permissions for each space/user?

edited in each Space by adding the index within the space I have access to but the user is able to access only the indices where he has access to particular space.

Regards,
Srinivas