Tenant Kibana as BI

jodinathan · December 23, 2024, 1:50pm

We are considering using the ELK stack for a project that needs to provide BI capabilities to clients. To ensure security, we plan to implement RLS (Row-Level Security) and FLS (Field-Level Security), so clients only see their own data.

We would like to know if the following is possible:

Create users with completely isolated environments. When a client accesses Kibana, they should have no awareness of other users, as if the environment were exclusively theirs.
Clients should have read-only access to all available data.
Prevent clients from creating reports, allowing them only to view the ones made available to them.
Enable us (admins) to create reports and assign them to specific clients.
Optionally, allow clients to access Kibana without needing a username and password, by providing access through our admin panel. This would involve generating a link that guarantees their entry directly.

GinkoLucas · January 15, 2025, 4:40pm

Hello,
In kibana you can :

Create isolated environnements : Spaces | Kibana Guide [8.17] | Elastic
You can create Roles/User and affects them to a Space, so they can only see what's in their own space, and give them read-only access.
Of course, admins can create dashboards and manage Spaces.
And for Kibana access, it's possible to create access without authentication, but I don't recommend it for production use.

Topic		Replies	Views
User based kibana access control Kibana elastic-stack-security	6	445	May 17, 2020
Security and authentication Kibana elastic-stack-security	10	1025	November 8, 2019
Different anonymous users on ELK Kibana	2	18	September 3, 2024
How can we restrict to show data on kibana from different users? Kibana	6	1902	January 6, 2022
Assign a group of users READ only access to certain indices while allowing them to create visualizations? Elasticsearch	3	720	September 20, 2018

Tenant Kibana as BI

Related topics