Role configuration needed for giving read only access to dashboard

sayalipatil9689 · December 10, 2024, 6:50am

In my application, admin has created certain dashboards on one index.

Now I want to create two roles for users for visibility of those dashboards.

role with read only access to those dashboards where DQL can be applied from prompt on displayed dashboards
role with read only access to those dashboards where DQL cannot be present to apply and dashboard will be fully read only.

I need to create these two roles only using roles.yml and roles_mapping.yml and cannot create from UI of openSearch Dashboard as due to some infra constraints Security option on UI is not available.

How to do that?

cwperks · December 10, 2024, 4:04pm

There’s a dashboards setting for readonly users. i.e. users that cannot make changes to saved objects (index patters, visualizations, dashboards)

opensearch_security.readonly_mode.roles: ["<role_for_read_only>"]

Documentation page: https://opensearch.org/docs/latest/security/configuration/multi-auth/#sample-setup

Not sure about DQL on a prompt on a displayed dashboard though.

sayalipatil9689 · December 11, 2024, 10:34am

is there any way to handle it through roles.yml and roles_mapping.yml? I tried with kibana_read_only role, but it still makes edit dashboard option enabled.

In above image, basically I do not want to have edit button and DQL option enabled.

Topic		Replies	Views
Permission set for a readonly role OpenSearch Dashboards configure	9	1694	October 30, 2024
How does the "kibana_read_only" role work? OpenSearch Dashboards troubleshoot , configure	4	1239	July 14, 2023
Opensearch dashboard readnonly access OpenSearch	0	342	December 15, 2022
Opensearch readonly user creation OpenSearch	10	1255	October 24, 2024
Read only role on multitenant Opensearch Dashboards OpenSearch Dashboards	4	48	October 31, 2024

Role configuration needed for giving read only access to dashboard

Related topics