Kibana privileges
Stack
Kibana privileges grant users access to features within Kibana. Roles have privileges to determine whether users have write or read access.
To learn how to assign privileges to a role, refer to Defining roles.
Assigning a base privilege grants access to all Kibana features, such as Discover, Dashboard, Visualize Library, and Canvas.
all- Grants full read-write access.
read- Grants read-only access.
From the role management screen:
Using the role APIs:
PUT /api/security/role/my_kibana_role
{
"elasticsearch": {
"cluster" : [ ],
"indices" : [ ]
},
"kibana": [
{
"base": ["all"],
"feature": {},
"spaces": ["marketing"]
}
]
}
Assigning a feature privilege grants access to a specific feature.
all- Grants full read-write access.
read- Grants read-only access.
Some features allow for finer access control than the all and read privileges. This additional level of control is a subscription feature.
From the role management screen:
Using the role APIs:
PUT /api/security/role/my_kibana_role
{
"elasticsearch": {
"cluster" : [ ],
"indices" : [ ]
},
"kibana": [
{
"base": [],
"feature": {
"visualize_v2": ["all"],
"dashboard_v2": ["read", "url_create"]
},
"spaces": ["marketing"]
}
]
}