I have two testusers, which reside in different tennants. With my admin user, which is mapped to standard Search Guard role “SGS_ALL_ACCESS” I have created additional Kibana Space and also an index pattern in there.
The result now is: Each of my testusers, which only have accesse to their own independant tennats can still see all the Kibana Spaces I have created, go inside and at least check the kibana index pattern names.
Can you give me a hint if there is a way to limit Kibana spaces to specific tennants so that in each tennant I can have an own set of Kibana Spaces which cannot be seen by users from other tennant?
@Kosmonafft kibana spaces is elastic’s implementation of tenants. If you are using searchGuard’s implementation of multi-tenancy, Spaces should be disabled in kibana.yml with line:
xpack.spaces.enabled: false
(kibana restart is needed)
Once that is done, can you confirm if you are still having issues? If so, can you confirm which way you created and assigned the tenants, did you use yaml configuration files of kibana UI?
If configuration files, could you please provide these (redact any sensitive information)
Thanks for the info. Do you plan to integrate manual selection of spaces in the Kibana UI? Spaces are more comfortable to use for a user since he can see the space where he is currently in and which are available for selection.
What happens when one user has access to multiple tenants? Can he actively select which one he would like to see or does he see everything from both tenants combined in one kibana “view” ?