"kibana_user" role is able to delete .kibana index


I'm managing a multi-user environment and everybody needs to access kibana, so I added them the "kibana-user" role.

But recently, I discovered that this role is able to manage and even delete the .kibana index.

I finally created a "kibana-user-nodelete" role that can only read and index the .kibana index.

Would not it be more logical to have two default roles for kibana which would be "kibana-manager" or "kibana-admin" and a "kibana-user" that can't delete the .kibana index?

if you don't allow any delete permission for the kibana_user role, an user with that role won't be able to delete any object that he creates (visualization, dashboard, saved searches, etc). So this why the delete action is by default added to the kibana_user. There will be a new option added in future kibana releases(6.0 actually) that allows you to define view only modes for a role, so that can probably help your situation.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.