This documentation contains work-in-progress information for future Elastic Stack and Cloud releases. Use the version selector to view supported release docs. It also contains some Elastic Cloud serverless information. Check out our serverless docs for more details.
« Kibana role management API Keys »
Elastic Docs Kibana Guide [8.16] Stack Management Security

Kibana privileges

edit

Kibana privileges

edit

Kibana privileges grant users access to features within Kibana. Roles have privileges to determine whether users have write or read access.

Base privileges

edit

Assigning a base privilege grants access to all Kibana features, such as Discover, Dashboard, Visualize Library, and Canvas.

all
Grants full read-write access.
read
Grants read-only access.

Assigning base privileges

edit

From the role management screen:

Assign base privilege

Using the role APIs:

PUT /api/security/role/my_kibana_role
{
  "elasticsearch": {
    "cluster" : [ ],
    "indices" : [ ]
  },
  "kibana": [
    {
      "base": ["all"],
      "feature": {},
      "spaces": ["marketing"]
    }
  ]
}

Feature privileges

edit

Assigning a feature privilege grants access to a specific feature.

all
Grants full read-write access.
read
Grants read-only access.

Sub-feature privileges

edit

Some features allow for finer access control than the all and read privileges. This additional level of control is a subscription feature.

Assigning feature privileges

edit

From the role management screen:

Assign feature privilege

Using the role APIs:

PUT /api/security/role/my_kibana_role
{
  "elasticsearch": {
    "cluster" : [ ],
    "indices" : [ ]
  },
  "kibana": [
    {
      "base": [],
      "feature": {
        "visualize": ["all"],
        "dashboard": ["read", "url_create"]
      },
      "spaces": ["marketing"]
    }
  ]
}
« Kibana role management API Keys »