Does ElasticSearch/Kibana Support Multi Tenancy?

I am trying to understand how to restrict the elasticsearch data that different user groups can view using Kibana. In other words, I am trying to understand how an elasticsearch/kibana solution can be a multi tenant solution.

I recognize the answer might have to do with how you architect your solution. Assume that I have two different sets of users. Each set of users can only access their own set of data via Kibana.

What is the best way to architect this solution?

Should I have 2 different indexes, one index for each user group? Or should I have one index and somehow restrict which data the users can run queries against in Kibana?

Multi-tenancy at the data level exists if you pair Kibana/Elasticsearch with Shield - you can restrict which users can view which data in Elasticsearch at a pretty granular level. However, fine-grained access control at the UI level, such as restricting which dashboards and views are accessible to given groups of users, is not part of that integration yet.

You can work around this currently by setting up multiple instances of Kibana - one per user - configured to point to different configuration indices (instead of the default .kibana).

1 Like

Hello Tanya

I thought about suggested solution but that might not be enough.

for instance, If I index documents having field A and field B and I want to configure multi tenancy according specific values of field A, meaning prefiltering all visualized data according the tenant, how can I configure kibana.yml for each kibana UI in such way that users cannot modify this prefiltering criteria and therefore cannot see the data of the others ?

Thanks, Dan

Hi Tanya,
How can I configure my Elasticsearch to create multiple .kibana files based on the indices so that I can give access like one per user?

Looks like Search Guard does support multitenancy for Kibana: https://github.com/floragunncom/search-guard-docs/blob/master/multitenancy.md Tried the beta a few days ago and it worked very nice.