In Cloud service, How to add Space Creation/Deletion privs to role

I am trying to configure a role that can Read Dashboards + create/delete Spaces.

Dashboard is easy, but the Space privilege has me scratching my head.

Is this possible in the Cloud service Kibana UI?

Hey @lmit,

I completely understand why this is leaving you confused! We are currently "hiding" the space management privileges behind the "Global all" privilege. This means that in order to manage spaces, you need to be assigned a role which grants "All" access to the "Global" resource (This is equivalent to granting the built-in kibana_user role):

This is something we want to change though. Feel free to follow along at https://github.com/elastic/kibana/issues/51759, and add your use-case there if it's not already captured.

Thank you for the prompt response! So no fine-grained control possible for my use case.

I will deliberate on how insecure it will be for embeded dashboard-only users to have privilege of kibana_user.

Regards