Kibana permissions. Show only allowed index pattern in dashboard

Hi,

I mapped a user to the role. SGS_KIBANA_USER and to a custom role, which allows access just to specific index pattern.

The user is still able to see all existing index pattern in the dashboard. When he clicks on an index pattern he received an ugly error message instead of proper information, that he is missing the rights to see the logs.

How I can limit the user to see just the index pattern he is allowed to see and hide all other available indexpattern in the dashboard?

This is how it looks like right now:

Right now it is not directly possible to hide index patterns you don’t have access to.

You have these options:

  • Use multi-tenancy and organise your tenants in a way that only users with similar privileges have access to the same tenants
  • Edit the configuration in sg_config.yml and add do_not_fail_on_forbidden: true like described at https://docs.search-guard.com/latest/kibana-plugin-installation#configuring-elasticsearch-enable-do-not-fail-on-forbidden Additionally, add do_not_fail_on_forbidden_empty: true just below do_not_fail_on_forbidden. Don’t forget to update your configuration with sgadmin. This will cause search requests on indexes you don’t have permissions for just to return empty results. Thus, the index patterns won’t go way, but the error messages.
1 Like