Hi Team,
I have created 2 groups in Active directory (uat-ro and prod-ro) and I want to map role to these individual groups with index restrictions however when I map the role permission as below
Cluster permission : cluster_composite_ops_ro
Index permission: read
Tenant:Global
It seems to work however when I specify the index pattern, lets say only uat indices - and then when user logs in and clicks on discover or dashboard, they get a blank screen. Not sure what must have gone wrong.
Can someone please help
Hi @shaimoh
It is not clear which indices you allowed the user to read in the above config.
If you created roles using config files, can you share the section from roles.yml file?
If you are using kibana UI to create roles, can you confirm which indices the read permission is assigned to?
Hi Anthony,
Thanks for the response
I was able to fix the issue. The problem was with the tenant
Looks like Kibana does not you to restrict index permission in “Global” tenant. I assigned the custom tenant to the role I created and users were able to see the dashboards in readonly access.