I've had advice on and seen postings that list different sets of privileges for the average kibana end-user but we're still getting errors which I'm sure are related to an incorrect set of privileges.
# Only read operations on indices named events_* events_user: indices: 'events_*': privileges: read
https://www.elastic.co/guide/en/shield/current/_granting_privileges_for_specific_actions.html lists privileges for specific index actions.
https://www.elastic.co/guide/en/shield/current/kibana.html lists the privileges for a kibana user as a list of those actions.
What is the 'best' set for the following (I think obvious) use-case for a new non-admin kibana user to have granted to them:
- Login (to Discover page)
- Navigate to the Dashboard page
- Open a pre-made dashboard with a set of visualizations based on their index-pattern
- Create, edit and delete visualizations based on their index-pattern
Is this correct:
my_user: cluster: - cluster:monitor/nodes/info - cluster:monitor/health indices: 'my_users_indices-*': - indices:admin/mappings/fields/get - indices:admin/validate/query - indices:data/read/search - indices:data/read/msearch - indices:admin/get '.kibana': - indices:admin/create - indices:admin/exists - indices:admin/mapping/put - indices:admin/mappings/fields/get - indices:admin/refresh - indices:admin/validate/query - indices:data/read/get - indices:data/read/mget - indices:data/read/search - indices:data/write/delete - indices:data/write/index - indices:data/write/update