Is there a quick/easy setting in Kibana Roles that would give a user full read only permissions to everything within the Elastic Stack? Basically, I want to create a user with a Role where they can see everything an admin can, but can't take any actions at all.
Hi @ryans,
Have you tried creating a role with 'read' as the priviledge for all features as per the screenshot in the documentation?
As @carly.richmond said you can create a role which achieves this for ~95%.
There are some features which require admin/superuser privileges to access which cannot be achieved with read permissions.
Your role will need the following things:
- Kibana permissions
- cluster read permissions
- index read permissions.
Thank you for that. I added those, but it doesn't help with the Elasticsearch pieces.
Thank you for that additional information. I did add some of those and got closer, but noticed I need to include some enterprise* roles to see App Search engines.
So while there is a way to get the perms I want, apparently there is no easy "grant read to everything" option. It still takes a lot of tinkering.
I discovered today while working with support that users that are created within App Search get hidden privileges that can not be (or not obviously) found in Kibana.