› › ›

Kibana privileges

Kibana privileges grant users access to features within Kibana. Roles have privileges to determine whether users have write or read access.

Base privileges

edit

Assigning a base privilege grants access to all Kibana features, such as Discover, Dashboard, Visualize Library, and Canvas.

all: Grants full read-write access.
read: Grants read-only access.

Assigning base privileges

edit

From the role management screen:

Using the role APIs:

PUT /api/security/role/my_kibana_role
{
  "elasticsearch": {
    "cluster" : [ ],
    "indices" : [ ]
  },
  "kibana": [
    {
      "base": ["all"],
      "feature": {},
      "spaces": ["marketing"]
    }
  ]
}

Feature privileges

edit

Assigning a feature privilege grants access to a specific feature.

all: Grants full read-write access.
read: Grants read-only access.

Sub-feature privileges

edit

Some features allow for finer access control than the all and read privileges. This additional level of control is a subscription feature.

Assigning feature privileges

edit

From the role management screen:

Using the role APIs:

PUT /api/security/role/my_kibana_role
{
  "elasticsearch": {
    "cluster" : [ ],
    "indices" : [ ]
  },
  "kibana": [
    {
      "base": [],
      "feature": {
        "visualize": ["all"],
        "dashboard": ["read", "url_create"]
      },
      "spaces": ["marketing"]
    }
  ]
}

« Kibana role management API Keys »