Kibana Roles Introduction
Kibana Security Roles give you granular control of access to your Stacks. Roles allow you to specify cluster permissions, index permissions, document and field level security. By mapping users to roles they gain access based on those permissions.
Tip: Kibana security roles requires a Logit Stack running Opendistro 1.13 onwards
By default all Logit Teams come with the roles shown below for common scenarios, to modify a team roles choose Account Settings > Team Settings from your dashboard. You can add a new team or edit an existing team to modify the roles.
When you add or update a team the roles are automatically synchronised to Kibana security for you, removing the need for manually mapping users to roles in Kibana. You can read more details below about what permissions each role grants to users.
Kibana Stack Administrator
Kibana Role name: stack_admin
This role is assigned by default to all Logit Account Owners and allows them to manage all aspects of Kibana Security including users, roles, mappings and index level security in Kibana.
Kibana Role name: stack_user
Users assigned this role have access to all aspects of the Kibana UI. Users with this role can make changes to visualisations, dashboards, and other Kibana objects.
Kibana User Read Only
Kibana Role name: stack_user_ro
Users assigned this role have Read Only access to all aspects of the Kibana UI. Users with this role cannot make any changes to visualisations, dashboards, and other Kibana objects.
It's worth noting that in order to add someone to the stack_user_ro role you would need to remove them from the stack_user role.
Kibana User Dashboard Only
Kibana Role name: stack_dashboard_only
Users assigned to this role can view all Dashboards as Read Only. Users with this role cannot make any changes to visualisations, dashboards, and other Kibana objects.
Kibana Custom Role
Users assigned to this role can view the Kibana instance but permissions are managed entirely using the Security Roles in Kibana. Use this role if you want to manually manage the permissions for the users e.g. granting them specific index level permissions. Once a team or user has this role you can manage what they see in Kibana by choosing Kibana > Security > Roles, this is explained in further detail below.