Basically I need a readonly role to simulate the "experimental" viewer role, but limit Kibana privileges to only Analytics>Discover, and Management>Dev-tools.
But my custom readonly role after assigning ALL run-as privileges except for editor and viewer still cannot see the remote cluster result, or run the following remote cluster search in Dev Tool:
GET my-remote-cluster:remote-index/_search
{
"query": {
"match_all": {}
}
}
As soon as I add viewer role, the search is successful. I even copied the exact index privileges from the viewer role edit screen, and I still cannot make my readonly user be able to get the remote cluster results. Anyone know what hidden privileges the viewer role has that I may be missing to be able to do so for my custom readonly role?