How to create a read-only user having access to specific indices (in discover page) and specific dashboard(s) only?


I went through Security > Internal Users and I was checking whether this is possible. I have 4 indices, say, indexa, indexb, indexc and indexd. I have 4 dashboards, say dashboarda, dashboardb, dashboardc and dashboardd.

I want to create a readonly user having username and password as readonly_user.

  1. I want this user to be able to read only indexa and indexb.
  2. I want this user to be able to access only dashboarda and dashboardb

I have two questions;

  1. How to create a that user with KIbana UI
  2. Is it possible to create user using API? If possible, how?

Thanks in advance.

Hi @elasticheart The index access is easily accomplished using index patterns permissions in roles which can be done via both Kibana UI and APIs, however as far as I know the only way to limit access to certain kibana objects (dashboards, visualisations etc) is to use separate tenants. Would that work for your use case?

I have the similar situation to test. I dont mind if readonly user able to see the menus but he should not have “EDIT” button in the dashboard and should not alter anything.

Any luck in the process?

@guhan What odfe version are you running?

Have you tried providing kibana_read_only role with additional custom role which only grants read permission on the specific tenant? The button to edit will still be there, however will not allow the user to save changes