Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
Version: Opensearch, Opensearch Dashboards v1.3.2 and v2.2.1
Describe the issue:
On the Opensearch Dashboards UI, there is an Advanced Settings page under Stack Management that displays a warning
Caution: You can break stuff hereBe careful in here, these settings are for very advanced users only. Tweaks you make here can break large portions of Logviewer. Some of these settings may be undocumented, unsupported or experimental. If a field has a default value, blanking the field will reset it to its default which may be unacceptable given other configuration directives. Deleting a custom setting will permanently remove it from Logviewer's config.
Currently with security plugin enabled, if a user has write access to .kibana_1 index, they would be able to create/modify Saved Objects (visualizations etc) and also modify the Advanced Settings. It is not possible to further granularize the permissions and restrict access to Advanced Settings alone - such that user could create Saved objects but not modify Advanced Settings.
Expectation: can there be an easy and simple method to hide/disable the “Advanced Settings” edit option on the UI or restrict access to it for specific users?
In elastic’s x-pack distribution, such a provision exists. Refer here.
Configuration:
Default config from the plugin