Dashboard only role shows all applications in the menu


I created a new role called test which has been mapped to role abc which has been created as a dedicated Dashboard group. I mapped it to AD group. This group is suppose to show only Dashboard menu in Kibana with Read privileges. Instead, it shows all apps in the menu. Any idea why? I have no issues logging in with an account that's part of this AD group. Also, this AD user is part only of this single group.
Version 7.4.2

GET _security/role_mapping/test

      "test" : {
        "enabled" : true,
        "roles" : [
        "rules" : {
          "field" : {
            "groups" : "CN=x,OU=x,OU=x,OU=x,DC=x,DC=x,DC=x,DC=x"
        "metadata" : { }

Hey @saif3r, does the user with the abc role have any other roles?

Per the docs

When you assign a user multiple roles, the user receives a union of the roles’ privileges. Therefore, assigning the kibana_user role in addition to a custom role that grants Kibana privileges is ineffective because kibana_user has access to all the features in all spaces.

No, for the testing purposes i created an exclusive user with exclusive role and made sure that's the only role this user has.

Hey @saif3r, after logging into Kibana with the user that is supposed to only see Dashboards, do you mind running the following two queries in DevTools and posting their response?

GET _security/_authenticate

GET _security/user/_privileges

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.