With Kibana spaces and user/role privileges, is there a way in which I can give users permission to create new visualizations/dashboards, but at the same time making sure that the user doesnt have right to delete any existing visualization?
Or, is there a way in which I can specify read privileges on individual dashboards/visualizations?
Yes , on version 7.4 this can be achieved by using feature privileges. Kibana privileges grant users access to features within Kibana. Roles have privileges to determine whether users have write or read access. More info on the settings and how to achieve it here:
I was wondering if there is a way in which the feature privileges can be defined for individual dashboards. Say, if I have 10 dashaboards in space X, can I give a user only read access to the 10 dashboards, but write access for any new dashboards they would want to create ?
Thanks for the question. Unfortunately, this is not currently possible, but it’s planned. The functionality you’re looking for is being referred to as “object level security” — we have plans to work on this, but haven’t committed to a timeline or release version. You can follow along and track our progress here: https://github.com/elastic/kibana/issues/39259
The details of the implementation are likely to change, so don’t take the linked description as the final design.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.