Dont want to list all possible indicies when creating index-pattern in kibana

  • Search Guard and Elasticsearch version: 6.2.2

  • JVM version and operating system version: 1.8

  • Search Guard configuration files: Demo

Hi,

I’m trying to create a user, role, and mapping, so the user only has read access to a single index and can only view their index in Kibana. I think I have part of it down using a role with the following index and cluster permissions/action groups:

  • ?Kibana index
  • Manage
  • index
  • read
  • delete
  • Single index
  • Read
  • Search
  • Indices:data/readfield_caps*
  • Cluster
  • Manage
  • Cluster_composite_ops_ro
    The problem is that the user still is listed with all ES indices when attempting to create an index-pattern (as seen in below image).

This has lead to several errors, the user can even still create an index-pattern from an index they don’t have access to. **How can I prevent users from seeing other indices and being able to create index-patterns of indices the user doesn’t have access to? **

Also, is there a way to limit the menu tabs the user can see, e.g. only Discover and Dashboards?

Thanks!

As to your first question / indices, this is a feature we are working on, but at the moment I’m afraid there is no real workaround :frowning:

You cannot really define which menu entries a user sees on a per-entry level. However, with the newest version if the Kibana plugin (v11, released today) there’s a read only mode which limits the Kibana functionality to Dashboards and Tenants:

···

On Sunday, April 1, 2018 at 11:12:07 AM UTC+2, robert@elementdata.com wrote:

  • Search Guard and Elasticsearch version: 6.2.2
  • JVM version and operating system version: 1.8
  • Search Guard configuration files: Demo

Hi,

I’m trying to create a user, role, and mapping, so the user only has read access to a single index and can only view their index in Kibana. I think I have part of it down using a role with the following index and cluster permissions/action groups:

  • ?Kibana index
  • Manage
  • index
  • read
  • delete
  • Single index
  • Read
  • Search
  • Indices:data/readfield_caps*
  • Cluster
  • Manage
  • Cluster_composite_ops_ro
    The problem is that the user still is listed with all ES indices when attempting to create an index-pattern (as seen in below image).

This has lead to several errors, the user can even still create an index-pattern from an index they don’t have access to. **How can I prevent users from seeing other indices and being able to create index-patterns of indices the user doesn’t have access to? **

Also, is there a way to limit the menu tabs the user can see, e.g. only Discover and Dashboards?

Thanks!