How to prevent dashboard_only_user from editing or searching

Help me.
I am using open distro for elasticsearch 13.2.1.
To prevent users with dashboard_only_user privileges from viewing edits and search items
What kind of authority should I grant?
I want to know if I can do it in the first place.

@daiki_1028 Can you please explain a bit more what you are trying to achieve (“viewing edits?”)? Also I assume you are using odfe 1.13.2?

yes! i using version 1.13.2.

Dashboard-only users want to limit items in the red frame

You can prevent the users from editing the visualisation and saving them by mapping users to a read_only_role and additional role like below:

    - index_patterns:
        - 'test*'
        - 'read'
    - index_patterns:
        - '.kibana*'
        - 'read'
    - "cluster_composite_ops"
    - tenant_patterns:
      - 'global_tenant'
        - 'kibana_all_read'

But the rest doesn’t seem to be possible

This is working in ES version of 6.8 and lower.

I have upgraded AWS ES service from 6.8 to 7.10.2 and started facing this issue on user which are already created.

In my case
Every user has 2 roles in ES v6.8

  1. Kibana Read Only
  2. Customize role with Document Level Security
    Cluster permission is : cluster_composite_ops_ro
    Indexes: ?kibana* and my own created index with DLS

It was working fine in v6.8. After upgrade to 7.10.2 it is NOT working.

Then, I added the same user to kibana_user role and it started working. but User now can do the CRUD on dashboards. Can go on creating visualisations. Which I don’t want and same things is mentioned above in screenshots by @daiki_1028

@Anthony Hi, This is Amit. I am replying from another user now as old user sending reply limit reached.( I can’t see older messages in this user account)

@Anthony As i said I am using the AWS managed service. So I don’t have control on the config files.

Also, If you check with ES v6.8 It require only 2 roles to map ( 1 kibana read only + 1 custom role) then why same thing is not working in ES v7,10,2

ES v7.10.2 makes compulsion on mapping the kibana_user role. Then only it started working( with CRUD issue of dashboard)

Why there is difference between 2 versions?

Can you please tell me how I can achieve dashboard only view in ESv7.10.2?

If you need I am ready to connect with you on google meet

Thanks, Amit