The same logic will apply once Index Patterns themselves are made securable and if a user has read access to a Visualization or Saved Search, they will be implicitly granted read access to the Index Pattern.
I'm looking for a way to restrict a user strictly to the queries and time-range of a specific dashboard. Imagine having an index for several weeks of data for multiple devices and you want to create a visualisation for a client, which must only see a day of data for a single device.
So far I've noticed that dashboard only users (Spaces disabled) can simply directly do a ReST call to /elasticsearch/my-index-*/_search or even access the development console and the /api/console/proxy?path=_search&method=GET API endpoint.
A PDF report doesn't really fit our use-case, as we need the interactivity of the dashboards (mouse hover on graphs etc).
Remember while using Kibana, users with direct access to the .kibana index will no longer have access to Kibana unless they are also granted specific Kibana privileges. It will not automatically grant them access to every space. So you would have to restrict it at the role level Some more information you can see https://www.elastic.co/guide/en/kibana/current/xpack-spaces.html#spaces-managing, am also ccing @Larry_Gregory for more info. He will respond when he has time.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.