Kibana user privileges

Hi,

With Kibana spaces and user/role privileges, is there a way in which I can give users permission to create new visualizations/dashboards, but at the same time making sure that the user doesnt have right to delete any existing visualization?

Or, is there a way in which I can specify read privileges on individual dashboards/visualizations?

Yes , on version 7.4 this can be achieved by using feature privileges. Kibana privileges grant users access to features within Kibana. Roles have privileges to determine whether users have write or read access. More info on the settings and how to achieve it here:

https://www.elastic.co/guide/en/kibana/7.4/kibana-privileges.html#kibana-feature-privileges

Hope this helps
Thanks
Rashmi

Thanks for the reply.

Not sure if my question was clear enough..

I was wondering if there is a way in which the feature privileges can be defined for individual dashboards. Say, if I have 10 dashaboards in space X, can I give a user only read access to the 10 dashboards, but write access for any new dashboards they would want to create ?

@Larry_Gregory can you please shed more light ?

Thanks
Rashmi

Hey @joseja,

Thanks for the question. Unfortunately, this is not currently possible, but it’s planned. The functionality you’re looking for is being referred to as “object level security” — we have plans to work on this, but haven’t committed to a timeline or release version. You can follow along and track our progress here: https://github.com/elastic/kibana/issues/39259

The details of the implementation are likely to change, so don’t take the linked description as the final design.

Thanks guys..