Hello,
I have followed the document : https://www.elastic.co/blog/getting-started-with-elasticsearch-security
I want to create a user who has read-only privileges.
The user should be able to view the data in the discover tab.
The user should be able to view the dashboards, visualizations etc.
But the user should not be able to edit anything.
For this purpose, I created a role and under the Index privileges ,I selected all indices and Under Privileges I selected read.
Then created a user and assigned the above role to the user in addition to the role : kibana_user.
I tried to login to Kibana with the newly created user and I can see that the user is able to edit dashboards. create index patterns etc.
How can I overcome this ?
If I assign the role : kibana dashboard users only, then the user will not be able to view anything in the discover section.
Any suggestions on this please ??
Below are the screenshots :