Spaces and restricted access to indices

In issue RBAC, OLS & spaces it states:

The same logic will apply once Index Patterns themselves are made securable and if a user has read access to a Visualization or Saved Search, they will be implicitly granted read access to the Index Pattern.

I'm looking for a way to restrict a user strictly to the queries and time-range of a specific dashboard. Imagine having an index for several weeks of data for multiple devices and you want to create a visualisation for a client, which must only see a day of data for a single device.

So far I've noticed that dashboard only users (Spaces disabled) can simply directly do a ReST call to /elasticsearch/my-index-*/_search or even access the development console and the /api/console/proxy?path=_search&method=GET API endpoint.

A PDF report doesn't really fit our use-case, as we need the interactivity of the dashboards (mouse hover on graphs etc).

Do Spaces cover our use-case?

Remember while using Kibana, users with direct access to the .kibana index will no longer have access to Kibana unless they are also granted specific Kibana privileges. It will not automatically grant them access to every space. So you would have to restrict it at the role level Some more information you can see, am also ccing @Larry_Gregory for more info. He will respond when he has time.


Hi @ikcah80, welcome to the discussion boards!

If you want to restrict a user to a specific time range, then you'll want to check out Document Level Security ("DLS"). This allows you to specify an Elasticsearch query to filter all searches performed by your users:

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.