I mapped a user to the role. SGS_KIBANA_USER and to a custom role, which allows access just to specific index pattern.
The user is still able to see all existing index pattern in the dashboard. When he clicks on an index pattern he received an ugly error message instead of proper information, that he is missing the rights to see the logs.
How I can limit the user to see just the index pattern he is allowed to see and hide all other available indexpattern in the dashboard?
Right now it is not directly possible to hide index patterns you don’t have access to.
You have these options:
Use multi-tenancy and organise your tenants in a way that only users with similar privileges have access to the same tenants
Edit the configuration in sg_config.yml and add do_not_fail_on_forbidden: true like described at Installing the Search Guard Kibana Plugin | Security for Elasticsearch | Search Guard Additionally, add do_not_fail_on_forbidden_empty: true just below do_not_fail_on_forbidden. Don’t forget to update your configuration with sgadmin. This will cause search requests on indexes you don’t have permissions for just to return empty results. Thus, the index patterns won’t go way, but the error messages.
