Granular Kibana permissions when creating users and roles

jhegarty · February 24, 2021, 6:25pm

My team needs to set up specific user access to Kibana, and we haven't quite figured out the combination of roles and space privileges. We need a user that has all the permissions of a superuser, with the exception of acessing/updating snapshots and repositories, and updating users/roles security settings. Ideally, we'd like them to be able to manage snapshots without the ability to create new repositories, but that's a pretty extreme degree of granularity and not essential.

Is there a way to do this through the Kibana users and roles UI?

Larry_Gregory · February 24, 2021, 6:52pm

Hey @jhegarty,

This should get you pretty close on the Elasticsearch side, although I haven't tested this extensively:

And then for Kibana, you'll want to grant All access to every feature across all spaces:

You may also want to grant the reporting_user role as well as the beats_admin role in order to get access to Kibana reporting and Beats Central Management.

system · March 24, 2021, 6:53pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.