Granular Kibana permissions when creating users and roles

My team needs to set up specific user access to Kibana, and we haven't quite figured out the combination of roles and space privileges. We need a user that has all the permissions of a superuser, with the exception of acessing/updating snapshots and repositories, and updating users/roles security settings. Ideally, we'd like them to be able to manage snapshots without the ability to create new repositories, but that's a pretty extreme degree of granularity and not essential.

Is there a way to do this through the Kibana users and roles UI?

Hey @jhegarty,

This should get you pretty close on the Elasticsearch side, although I haven't tested this extensively:

And then for Kibana, you'll want to grant All access to every feature across all spaces:

You may also want to grant the reporting_user role as well as the beats_admin role in order to get access to Kibana reporting and Beats Central Management.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.