Objective:
- Create a read-only role & user who should be able to log in to Kibana and do all READ-only operations, like opening the dashboard & monitoring
- Create a power user role & user who should be able to create their own Kibana dashboards and create alerting using Watcher APIs
- Create a SuperPower role & user to create their own dashboards, use the Watcher App for alerting, and use the Machine Learning App for creating ML analytics.
ES & Kibana version: 5.4.0
Steps:
Created the power user role and user with the following configuration:
POST _xpack/security/role/standard_poweruser_v2
{
  "cluster": ["monitor", "manage_watcher", "manage_ml", "transport_client", "manage"],
  "indices": [
    {
      "names": ["*"],
      "privileges": ["view_index_metadata", "read", "read_cross_cluster", "index"]
    }
  ]
}

POST _xpack/security/user/poweruser
{
  "password": "changeme",
  "roles": ["standard_poweruser_v2"],
  "full_name": "Power User for Jayanna"
}
Logged into Kibana with poweruser/changeme credentials.
Under Discover, I'm able to see all the index data, but when I try to save it, I get an error:
===> "Discover: [security_exception] action [indices:admin/refresh] is unauthorized for user [poweruser]" ...
But the REPORT is SAVED. When I click on OPEN, I can see the search query saved.
Same with Visualization. I open up already existing visuals and, with the "save as new visualization" checkbox, when I save it, I get the below ERROR, but it SAVED SUCCESSFULLY.
===> Visualization Editor: [security_exception] action [indices:admin/refresh] is unauthorized for user [poweruser]
What's wrong with this configuration? Why is the error thrown when it was created successfully?
What's the right configuration for the above requirements?
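
Added example (not part of the original post, and not X-Pack code): a check of the posted role against the action named in the error, assuming saved objects go to Kibana's default `.kibana` index. The privilege-to-action table is a simplified assumption, and `granting_privileges` and `CANDIDATE_ENTRY` are hypothetical names introduced here.

```python
import fnmatch

# Simplified privilege -> action-pattern table. Assumption: distilled from the
# documented privilege descriptions, not copied from X-Pack itself.
INDEX_PRIVILEGE_ACTIONS = {
    "all": ["indices:*"],
    "manage": ["indices:monitor/*", "indices:admin/*"],
    "read": ["indices:data/read/*"],
    "index": ["indices:data/write/index*", "indices:data/write/update*"],
    "read_cross_cluster": ["internal:transport/proxy/indices:data/read/*"],
    "view_index_metadata": ["indices:admin/aliases/get", "indices:admin/get",
                            "indices:admin/mappings/get"],
}

# Role body as posted above.
POSTED_ROLE = {
    "cluster": ["monitor", "manage_watcher", "manage_ml", "transport_client", "manage"],
    "indices": [{
        "names": ["*"],
        "privileges": ["view_index_metadata", "read", "read_cross_cluster", "index"],
    }],
}

# Hypothetical extra entry, for comparison only; ".kibana" is assumed to be
# the index Kibana stores saved objects in (its default).
CANDIDATE_ENTRY = {"names": [".kibana"], "privileges": ["manage"]}


def granting_privileges(role, index, action):
    """Return the index privileges in `role` that allow `action` on `index`."""
    # Cluster privileges are not consulted: an `indices:` action on a concrete
    # index is authorized by the role's "indices" entries.
    granted = []
    for entry in role.get("indices", []):
        if not any(fnmatch.fnmatchcase(index, n) for n in entry["names"]):
            continue
        for priv in entry["privileges"]:
            patterns = INDEX_PRIVILEGE_ACTIONS.get(priv, [])
            if any(fnmatch.fnmatchcase(action, p) for p in patterns):
                granted.append(priv)
    return granted


if __name__ == "__main__":
    for action in ("indices:data/write/index", "indices:admin/refresh"):
        print(action, "->", granting_privileges(POSTED_ROLE, ".kibana", action) or "DENIED")
    widened = dict(POSTED_ROLE, indices=POSTED_ROLE["indices"] + [CANDIDATE_ENTRY])
    print("with candidate ->", granting_privileges(widened, ".kibana", "indices:admin/refresh"))
```

Under these assumptions the document write is covered by `index` while the refresh matches no index privilege, which is consistent with the object being saved and the error still appearing; the cluster-level `manage` does not change that result.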