Hi All,
Im playing arround with the ML-Feature of the Elastic Stack.
We use our Stack with multiple Kibana Spaces/Indicies.
So person A has access to Index A and Space A, person B has access to Index B and Space B and so on.
If i now add Person A to the machine_learning_user Role Person A can also see the Jobs an the Results of Person B.
As i understand that shouldnt be possible.
To view the configuration, status, and results of the machine learning features, you must have:
machine_learning_user or machine_learning_admin built-in rolesread and view_index_metadata index privileges on source indices
So but the Users can see jobs running on indicies there dont have any permission on.
Im i missunderstanding the Documentation?
Thanks,
Simon
Hi @richcollier,
Thanks for your reply.
But I'm not wondering why I can see a job created in space A in Space B. I'm wondering why a user with only privileges on Index A can see results from a ML Job based on Index B.
I quoted a part of the documentation in my question. Is in this case the source index the ml-results index?? Otherwise there is a bug or a misstake in the documentation.
I would understand the source index as the index where the ml-job get it's data from.
The results of ML jobs go into .ml-anomalies-* indices. By default, they go into a .ml-anomalies-shared index unless the ML job is configured to use a "dedicated" results index (sets the results_index_name in the config).
See: How to separate Machine Learning jobs in Kibana per user
Hi,
sorry for the late answer 
I will start to do it with the multiple indicies as you described.
One last question, today i found in Kibana Management -> ML Job List this:
What is this "setting/info" for and how can i change these?
Im using Kibana v7.6.1
Currently, you cannot do anything with ML Jobs and Kibana Spaces as the work is still in progress (https://github.com/elastic/kibana/issues/64172).
This column on the UI must have been inserted in anticipation of that upcoming support for ML jobs to be "Spaces aware"