How does this work? How would a user who only has limited permissions to Kibana create a default index?
I know this sounds like a simple question, but I don’t understand how I would give users access to Kibana if they don’t even have a default index in place, and aren’t able to create one without write permissions to the .kibana index.
Is there a special single line permission for the .kibana index I’m missing? Something like “indices:/data/blah/blah/default” that I could use to ONLY allows the creation of a default index for a read-only tenant?
Basically I just don’t want users messing around with Kibana advanced settings or anything like that.
Replying to the thread to say this question stemmed from a fundamental misunderstanding of how Kibana role delegation within an organization would work in practice.
Thanks for looking, though!
···
On Tuesday, October 17, 2017 at 8:04:34 PM UTC-4, notdavidcronenberg wrote:
How does this work? How would a user who only has limited permissions to Kibana create a default index?
I know this sounds like a simple question, but I don’t understand how I would give users access to Kibana if they don’t even have a default index in place, and aren’t able to create one without write permissions to the .kibana index.
Is there a special single line permission for the .kibana index I’m missing? Something like “indices:/data/blah/blah/default” that I could use to ONLY allows the creation of a default index for a read-only tenant?
Basically I just don’t want users messing around with Kibana advanced settings or anything like that.
Hey, can you elaborate more on this “fundamental misunderstandin”? I namely have the same problem as your first post and can’t figure it out. I.e. I don’t want to give users write access to .kibana* because a user can then delete the whole index with all settings, dashboards, etc. Still they need access to it in order to be able to create index templates, dashboards and so on in the global tenant.