Plugin access to Kibana after providing the role and permission

Hi Team,

I have created 2 groups in Active directory (uat-ro and prod-ro) and I want to map role to these individual groups with index restrictions however when I map the role permission as below

Cluster permission : cluster_composite_ops_ro
Index permission: read

It seems to work however when I specify the index pattern, lets say only uat indices - and then when user logs in and clicks on discover or dashboard, they get a blank screen. Not sure what must have gone wrong.

Can someone please help

Hi @shaimoh

It is not clear which indices you allowed the user to read in the above config.

If you created roles using config files, can you share the section from roles.yml file?

If you are using kibana UI to create roles, can you confirm which indices the read permission is assigned to?

Hi Anthony,

Thanks for the response

I was able to fix the issue. The problem was with the tenant

Looks like Kibana does not you to restrict index permission in “Global” tenant. I assigned the custom tenant to the role I created and users were able to see the dashboards in readonly access.