I mapped a user to the role. SGS_KIBANA_USER and to a custom role, which allows access just to specific index pattern.
The user is still able to see all existing index pattern in the dashboard. When he clicks on an index pattern he received an ugly error message instead of proper information, that he is missing the rights to see the logs.
How I can limit the user to see just the index pattern he is allowed to see and hide all other available indexpattern in the dashboard?
This is how it looks like right now:
Right now it is not directly possible to hide index patterns you don’t have access to.
You have these options:
- Use multi-tenancy and organise your tenants in a way that only users with similar privileges have access to the same tenants
- Edit the configuration in
sg_config.yml and add
do_not_fail_on_forbidden: true like described at Installing the Search Guard Kibana Plugin | Security for Elasticsearch | Search Guard Additionally, add
do_not_fail_on_forbidden_empty: true just below
do_not_fail_on_forbidden. Don’t forget to update your configuration with
sgadmin. This will cause search requests on indexes you don’t have permissions for just to return empty results. Thus, the index patterns won’t go way, but the error messages.
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.