Setup access dashboard per user

Hi all,,
We are running Elastic Cloud and latest version of Kibana.
At this moment we are creating (in Kibana) new dashboards for different stakeholders.
I would like to know how to setup the user rights and security so they can only view one (or more) particular dashboards.
Thanks a lot!
Martijn

Hi @martijndegroot,

it looks like you are looking for the spaces feature - it allows you to create a space per stakeholder, put everything they are allowed to see in that space and then associate the space with the right user accounts.

Hi @Flash1293,
Thank you, we have now succeeded in creating 'spaces'.
Now I will take the following steps.

  1. Create new roles.
  2. Setting a space per role.
  3. Assign this role to a user.

Hopefully we'll be there then ...

Hi @Flash1293, Took a little deepdive today and still figuring out how things works (We are new with all functionalities). Hopefully you can help again.

For so far i understand:

  1. An index pattern contains fields that we can make searchable and aggregable. These fields contains information that we want to separate for different users (I think that is our main goal).

  2. For a search I use Discover. We can in/exclude fields and data can be filtered within it. For Example. For example: we select the data from 1 specific supplier.

  3. A visualization starts with the selection of a source; index or a search (feels like a filtered index).
    A visualization can be further filtered through advanced functions.

  4. A dashboard is a selection of searches and / or visualizations.

  5. A user has name, etc., but also roles.

  6. When creating a new role, I see, among other things, the selection of indices (index selection) and add space priviliges.

  7. Spaces contain name, URL and rights with regard to features.

Questions:

    • There is specific data in fields that we do not want to share with all users.? Is it useful to use the filter functions in discover and visualization here?
  • How do we link a dashboard to a space? Does the 'space privilege' under create new role exclude all other dashboard for users with that role setup.

Just think now i am almost there...

There is specific data in fields that we do not want to share with all users.? Is it useful to use the filter functions in discover and visualization here?

If you really want to keep this data private, filters are not enough because the users can change them on the fly when looking at discover/visualizations. You can define access privileges for certain fields just like you can for indices (this is also part of the security UI). If you want to hide whole documents (not just specific fields within all documents) from a group of users, it makes sense to put them into different indices and restrict the access rights on index level.

How do we link a dashboard to a space? Does the 'space privilege' under create new role exclude all other dashboard for users with that role setup.

If you create a new space and associate users with it, you can just go to that space and create the dashboard there. Then it will be only accessible to users that can access that space. It's also possible to copy/transfer dashboards from one space to another in the Management > Saved objects UI.

1 Like

Cool! This is really helpfull.
We will quickly start testing some scenarios.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.