How to only allow Creation of Saved objects


I had a question about Kibana multitenancy:
Is there a specific Tenant permission setting from Searchguard Roles which allows the creation of new Saved objects (like visualizations, dashboards, etc) but does not allow deletion?

When I allow SGS_KIBANA_ALL_WRITE, it allows the users to save saved objects, but also gives them permission to delete them.
So, I tried just using SGS_KIBANA_ALL_READ but it does not allow saving of any saved objects.

Has anyone solved a similar problem before?

Supporting information:
Elasticsearch and Kibana: 7.4.0
Searchguard plugin: 7.4.0-36.2.0

At the moment the only allowed values for allowed_actions are SGS_KIBANA_ALL_WRITE and SGS_KIBANA_ALL_READ . The option to assign finer-grained permissions will follow soon. Kibana Multitenancy | Security for Elasticsearch | Search Guard

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.