One who can read all my indices, see all my visualisations and dashboards, but not be able to change any visualisations or dashboards?
The built-in kibana_user role doesn't do it, because that lets the user destroy things. But if I reduce the privileges on .kibana* to just "read" (and add "read" to indices "*" for access to the actual data) I just get a blank screen.
(Yes I know there are many similar such questions, but I can't find one that has an actual answer.)
The one you seem to need is "view_index_metadata".
Although the user interface is very poor - it will let you put loads of effort into, say, editing a dashboard, and only tell you that you don't have permission at the point of trying to save.
The usual approach is to block off disallowed actions in the user interface as well as (obviously) rejecting them at the back end. It doesn't look to me like this feature has been finished yet?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.