Read Only to Everything in Elastic/Kibana

Is there a quick/easy setting in Kibana Roles that would give a user full read only permissions to everything within the Elastic Stack? Basically, I want to create a user with a Role where they can see everything an admin can, but can't take any actions at all.

Hi @ryans,

Have you tried creating a role with 'read' as the priviledge for all features as per the screenshot in the documentation?

As @carly.richmond said you can create a role which achieves this for ~95%.

There are some features which require admin/superuser privileges to access which cannot be achieved with read permissions.

Your role will need the following things:

  1. Kibana permissions
  2. cluster read permissions
  3. index read permissions.
1 Like

Thank you for that. I added those, but it doesn't help with the Elasticsearch pieces.

Thank you for that additional information. I did add some of those and got closer, but noticed I need to include some enterprise* roles to see App Search engines.

So while there is a way to get the perms I want, apparently there is no easy "grant read to everything" option. It still takes a lot of tinkering.

I discovered today while working with support that users that are created within App Search get hidden privileges that can not be (or not obviously) found in Kibana.

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.