Hi,
Note: I am using ELK 7.9.1
I am trying to grant users the "minimum access required" to do their job and at the same time I am trying to maximize security all I can. I'm aware that the system role kibana_dashboard_only_user is deprecated and about to disappear in Kibana 8, but in the meantime it resolves the need I have. I want to restrict users to have access to only certain apps in Kibana. The Management app is one of the apps that I need to restrict for most users, except for admins.
Pursuing this goal I have tried to reproduce the kibana_dashboard_only_user role to get the same results.
- I added a new role with no index privileges but only space privileges to read Dashboard. Then I assigned that sole role to a new user. I logged in as the new user and all other apps but Dashboard were hidden as expected, but the Management app was still available from the main menu.
- Then I added a new space and copied all Kibana saved objects from another space. This time I limited the visibility of the features within this space to display nothing else but Dashboard. I granted permissions for the new user to access only this space. I logged in as the new user just to realize the issue persists: the Management app was still available from the main menu.
If this user does not have nor require any special admin privileges, and must have access only to read the dashboards, then it does not make any sense that this user can see (and access) an app for management. Even when all the sub-apps inside Management trigger pop-up permission errors when attempting to access any of them, it would be more elegant and secure if the user couldn't see that app at all.
Same issue was described here, here, here and officially discussed here as well.
It appears that the development team is working hard to fix this issue or enhancement request.
A few questions:
- Is there an estimated date for this functionality to be available?
- Meanwhile, is there a workaround?
- Wouldn't it be easier to simply show or hide Management in the Home app, regardless of whether or not the user has sufficient privileges on the node to access Management? If the user is only allowed to hide or show Management from Customize feature display, then Kibana would not depend on the permissions of the node that Elasticsearch controls, since it would not be manipulating the permissions of the node, but only showing or hiding access to an app.
Likewise, even if the user could see the app (due to some human error in not hiding Management), the Elasticsearch privileges would come into play. This would not be very elegant perhaps, but at least safe.
Thank you
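The setup described in the post (a role with no index privileges and read-only Dashboard access in a single space whose other features are hidden), written out as the Kibana API request bodies plus a least-privilege audit of the role. This is an added example, not code from the post or from Elastic; the feature ids in the hidden-features list and the request shapes are assumptions based on Kibana 7.x, and `kibana_url`/`auth_header` are placeholders. It reproduces the configuration and checks it for over-grants; it does not change the Management-menu behaviour the post reports.

```python
import json
import urllib.request

# Kibana 7.x feature ids that make up the Management app (assumption: matches 7.9.1)
MANAGEMENT_FEATURES = ("advancedSettings", "indexPatterns", "savedObjectsManagement")
# Everything a dashboard-only space should hide (assumed 7.x feature ids; adjust to your build)
HIDDEN_IN_SPACE = ("discover", "visualize", "canvas", "maps", "ml", "graph", "monitoring",
                   "dev_tools", "apm", "infrastructure", "logs", "siem", "uptime",
                   "timelion") + MANAGEMENT_FEATURES


def build_space(space_id: str) -> dict:
    """Body for POST /api/spaces/space: a space that only displays Dashboard."""
    return {"id": space_id, "name": space_id, "disabledFeatures": list(HIDDEN_IN_SPACE)}


def build_dashboard_reader_role(space_id: str) -> dict:
    """Body for PUT /api/security/role/<name>: no Elasticsearch privileges at all,
    no base (all-feature) Kibana privilege, only Dashboard read in the one space."""
    return {
        "elasticsearch": {"cluster": [], "indices": [], "run_as": []},
        "kibana": [{"base": [], "feature": {"dashboard": ["read"]}, "spaces": [space_id]}],
    }


def audit_role(role: dict) -> list:
    """Return findings for anything that exceeds 'read dashboards in one space'."""
    findings = []
    es = role.get("elasticsearch", {})
    if es.get("cluster") or es.get("indices") or es.get("run_as"):
        findings.append("role carries Elasticsearch privileges")
    for entry in role.get("kibana", []):
        if entry.get("base"):  # a base privilege grants every feature, Management included
            findings.append("base privilege grants all features: %s" % entry["base"])
        if "*" in entry.get("spaces", []):
            findings.append("role applies to all spaces")
        for feature, privs in entry.get("feature", {}).items():
            if feature != "dashboard" or privs != ["read"]:
                findings.append("unexpected feature privilege: %s=%s" % (feature, privs))
    return findings


def push(kibana_url: str, auth_header: str, space_id: str, role_name: str = "dashboard_reader"):
    """Create the space, then the role, against a live Kibana (placeholders; not run on import)."""
    for method, path, body in (("POST", "/api/spaces/space", build_space(space_id)),
                               ("PUT", "/api/security/role/" + role_name,
                                build_dashboard_reader_role(space_id))):
        req = urllib.request.Request(kibana_url + path, data=json.dumps(body).encode(),
                                     method=method, headers={"kbn-xsrf": "true",
                                     "Content-Type": "application/json",
                                     "Authorization": auth_header})
        with urllib.request.urlopen(req) as resp:
            resp.read()
```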