Hi,
I'm managing a multi-user environment and everybody needs to access kibana, so I added them the "kibana-user" role.
But recently, I discovered that this role is able to manage and even delete the .kibana index.
I finally created a "kibana-user-nodelete" role that can only read and index the .kibana index.
Would not it be more logical to have two default roles for kibana which would be "kibana-manager" or "kibana-admin" and a "kibana-user" that can't delete the .kibana index?
if you don't allow any delete permission for the kibana_user role, an user with that role won't be able to delete any object that he creates (visualization, dashboard, saved searches, etc). So this why the delete action is by default added to the kibana_user. There will be a new option added in future kibana releases(6.0 actually) that allows you to define view only modes for a role, so that can probably help your situation.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.