I have a space
I have users in that space
I want to make someone admin of that space (user administration, etc)
I do not know how to do that
Here is the guide on securing spaces:
https://www.elastic.co/guide/en/kibana/master/spaces-securing.html
Essentially you need to create a new role and give it the permissions for the space(s) you want it to have read/none/all permissions to and then add your users to the role.
I gave the role all privileges
But that does not give the user the right to manage users within the space.
Hey @JPelastic
It's not possible to allow user management within a specific space.
Spaces are a concept within Kibana only, but users area cluster-wide concept. User management is enabled by granting the manage_security cluster privilege to a role. Any user with this privilege can use the User/Role Management screens within Kibana.
Yes!
But sadly that means he can also touch the users outside of the space.
Right, because users don't belong to a space, they belong to the cluster. You can create users without any access to Kibana, and that's a perfectly valid thing to do.
Thanks Larry
But then... we're using Spaces as a way to partition our Kibana access to different customers. And they are asking for a way to manage their users within the Space. Any hints on what we could do?
The only way I'm aware of to segment your users at this point is to give each customer their own cluster. Currently, anyone with the manage_security cluster privilege is able to manage all users and roles.
You could also use a different identity provider via SAML, LDAP, or AD. With those, you can create your own user management facilities outside of Kibana
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.