2

I'm looking for the correct way to give users anonymous access to a Kibana dashboard, but at the same time preventing them from having access to other Kibana features. I read that the role kibana_dashboard_only_user is now deprecated (I'm on 7.6.2), and that I have to give anonymous users the cluster monitor privilege, so I tried creating a role that has:

  • cluster monitor privilege
  • read and view-metadata access to the index concerned
  • dashbaord read privilege on global spaces

but is doesn't work: I get the following error:

[security_exception] action [indices:data/read/search] is unauthorized for user [anonymous_user]

then I tried adding the read rights on the indices .kibana*. It worked, but all the Kibana features are available, not only the dashboards.

How can I solve this? Thanks.

Flatline1963
  • 137
  • 1
  • 9
  • Have you tried this https://www.elastic.co/guide/en/elasticsearch/reference/current/anonymous-access.html from the Kibana docs? – Nathan Reese Apr 11 '20 at 22:34
  • @NathanReese : of course I did. That page (which - I believe - belongs to ES docs, not to Kibana docs) explains how to configure Elasticsearch so to allow anonymous access, and that's exactly what I did. My point is about HOW should I configure the roles (the "role1" and "role2" in the page) in order to give to anonymous users the right to see dashboards, and nothing else. – Flatline1963 Apr 12 '20 at 14:17
  • @Flatline1963, have you been able to solve it or found a workaround yet? – dp119 Nov 15 '20 at 02:21
  • No, I unfortunately haven't. – Flatline1963 Nov 16 '20 at 11:01
  • I've done the same, and apparently the same outcome. I have to try the Role Mapping feature, but looks like this stack is evolving so that anonymous access is not allowed. A pity – Johann May 17 '21 at 16:04

0 Answers0