Restrict index privilege on space level

shinki927 · December 6, 2022, 1:39pm

Hello,

I have a question about how to restrict the index access on space level. I know in general we can create separate role with different index permission to a specific space. But in our use case, we sometimes need to grant multiple roles to one user, for example we will grant role1 (with read access to application 1) and role2 (with read access to application 2) to the user from application 1. In this case, this user can see in the APM UI not only the service of app1 but also of app2. Ideal would be, the data of app1 only remains in the app1 space and the same for app2, although user has read access to both application data. Is there a way that we can restrict the index permission on space level?

Thanks in advance

Andrew_Tate · December 7, 2022, 7:22pm

Hi @shinki927

Spaces are a Kibana construct for organizing things built in Kibana (for example dashboards). Elasticsearch has no knowledge of spaces.

So, unfortunately Elasticsearch indices can't be made accessible in one Kibana space but not another.

Does that answer your question?

system · February 1, 2023, 6:59pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.