My current setup is in AWS with Kibana 6.7.0 deployed. Inside AWS I'm using SSO for my company login, I have also a Cognito user pool in place which is Federated with the on prem ADFS and everything works like a charm, including the login to Kibana.
I have several Lambdas inside AWS that scan multiple AWS accounts for specific compliance checks, data gets into Elasticsearch and I built a Kibana dashboard for querying the data.
My issue is that I don't know how to create an access method for the dashboard to separate the shown data based on each SSO users permissions. The dashboard is querying ES based on a field called account name which is a string. After that field is selected, I am able to see specific information for that account. My concern is that I want users to only be able to query data based on the account they have access too. How can I make an SSO/Cognito user to not be able to query the data for all values in the specific field? Is there a way to create a dashboard with ABAC?