Custom Roles - Errors when saved reports/visuals, but created successfully


  1. Create a read only role & user who should be able to login to Kibana and do all READ only operation like open the dashboard & monitor
  2. Create a power user role & user who should be able to create their own kibana dashboards, create alerting using watcher APIs
  3. Create SuperPower role & user to create own dashboards, user Watcher App for alerting, and use Machine Learning App for creation ML analytics..

ES & kibana version: 5.4.0

Created the power user role with following configuration and user..

POST _xpack/security/role/standard_poweruser_v2
"cluster": ["monitor", "manage_watcher", "manage_ml", "transport_client", "manage" ],
"indices": [
"names": [ "*" ],
"privileges": [ "view_index_metadata", "read", "read_cross_cluster", "index" ]

POST _xpack/security/user/poweruser
"password" : "changeme",
"roles" : [ "standard_poweruser_v2"],
"full_name" : "Power User for Jayanna"

logged into Kibana with poweruser/chageme credentials..

Under Discover, I'm able to see the all index data.. but when I try to save it, I get an error
===> "Discover: [security_exception] action [indices:admin/refresh] is unauthorized for user [poweruser]" ...
But the REPORT is SAVED... when I click on OPEN, I can see search query saved..

Same with Visualization.. I'm open up already existing Visuals and with "save as new visualization" checkbox, when I save it, I get below ERROR, But it SAVED SUCCESSFULLY.
===> Visualization Editor: [security_exception] action [indices:admin/refresh] is unauthorized for user [poweruser]

Whats the wrong with these configuration? Why the error is thrown but created successfully..
Whats the right configuration for the above requirements?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.