Dont want to list all possible indicies when creating index-pattern in kibana

• Search Guard and Elasticsearch version: 6.2.2

• JVM version and operating system version: 1.8

• Search Guard configuration files: Demo

Hi,

I’m trying to create a user, role, and mapping, so the user only has read access to a single index and can only view their index in Kibana. I think I have part of it down using a role with the following index and cluster permissions/action groups:

• ?Kibana index
• Manage
• index
• read
• delete
• Single index
• Read
• Search
• Indices:data/readfield_caps*
• Cluster
• Manage
• Cluster_composite_ops_ro
  The problem is that the user still is listed with all ES indices when attempting to create an index-pattern (as seen in below image).

This has lead to several errors, the user can even still create an index-pattern from an index they don’t have access to. **How can I prevent users from seeing other indices and being able to create index-patterns of indices the user doesn’t have access to? **

Also, is there a way to limit the menu tabs the user can see, e.g. only Discover and Dashboards?

Thanks!

As to your first question / indices, this is a feature we are working on, but at the moment I’m afraid there is no real workaround

You cannot really define which menu entries a user sees on a per-entry level. However, with the newest version if the Kibana plugin (v11, released today) there’s a read only mode which limits the Kibana functionality to Dashboards and Tenants: