Hi Team,
We have recently upgrade from 7.15.2 to 7.17.10 and it appears the privileges hierarchy has changed .
We used to use the following for a dashboard role to manage dashboard editing in kibana and this had runtime field editing in 7.15.2 but is appears in 7.17.10 it does not
{
"cluster": [
"monitor"
],
"indices": [
{
"names": [
"*"
],
"privileges": [
"read",
"read_cross_cluster"
],
"allow_restricted_indices": false
}
],
"applications": [
{
"application": "kibana-.kibana",
"privileges": [
"feature_discover.all",
"feature_visualize.all",
"feature_dashboard.all",
"feature_dev_tools.read",
"feature_advancedSettings.read",
"feature_indexPatterns.read",
"feature_savedObjectsManagement.all",
"feature_graph.all",
"feature_apm.read",
"feature_maps.all",
"feature_canvas.all",
"feature_infrastructure.read",
"feature_logs.read",
"feature_siem.read",
"feature_uptime.read"
],
"resources": [
"*"
]
}
],
"run_as": [],
"metadata": {},
"transient_metadata": {
"enabled": true
}
}
We cannot seem to find a feature to enable runtime field create/edit without turning "feature_indexPatterns.read" to "feature_indexPatterns.all" which enables index pattern editing also which we did not want to allow.
Would appreciate some advice if we are missing something in the role privileges