Hi,
I have installed Kibana 7.2.0 with X-Pack. I created 2 indexes, e.g logging-a-16.04.2020, logging-b-16.04.2020 with index patterns logging-a*, logging-b*
I created role 'a' which can access index pattern logging-a* with following privileges
monitor,read,create,write,create_index,index,view_index_metadata
I created an user and assinged it roles a, kibana_user. When I tried to log in with this user, the user can see the index pattern logging-b* also, eventhough role a has no access to indexpattern logging-b*. Not only that, user is also able to delete the indexpattern logging-b* using Management tab of Kibana. Ofcourse user is not able to see any data from logging-b* index, but he can delete it and when i tried to login in with the user who has access to logging-b* index, i can see that, the index pattern was deleted.
I have an usecase where i need to create users based on index patters. I might probably have 20 index patterns and each index pattern will have some users. I dont want all these index patterns to be displayed for all users. Is it possible to do that?
The access rules you configured in the roles are just about the actual data in Elasticsearch, the "index pattern" in Kibana is just a saved object carrying some meta information.
To separate the users on Kibana level as well, create different spaces for the various user groups and assign them correctly. Then go into the spaces and create just the index pattern objects you need there.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.