- Kibana Guide: other versions:
- What is Kibana?
- What’s new in 7.12
- Kibana concepts
- Quick start
- Set up
- Install Kibana
- Configure Kibana
- Alerting and action settings
- APM settings
- Banners settings
- Development tools settings
- Graph settings
- Fleet settings
- i18n settings
- Logs settings
- Metrics settings
- Machine learning settings
- Monitoring settings
- Reporting settings
- Secure settings
- Search sessions settings
- Security settings
- Spaces settings
- Task Manager settings
- Telemetry settings
- Start and stop Kibana
- Access Kibana
- Securing access to Kibana
- Add data
- Upgrade Kibana
- Embed Kibana content in a web page
- Configure monitoring
- Configure security
- Production considerations
- Discover
- Dashboard
- Canvas
- Maps
- Machine learning
- Graph
- Observability
- APM
- Elastic Security
- Dev Tools
- Stack Monitoring
- Stack Management
- Fleet
- Reporting
- Alerting and Actions
- REST API
- Kibana plugins
- Accessibility
- Release notes
- Developer guide
Granting access to Kibana
editGranting access to Kibana
editThe Elastic Stack comes with the kibana_admin
built-in role, which you can use to grant access to all Kibana features in all spaces. To grant users access to a subset of spaces or features, you can create a custom role that grants the desired Kibana privileges.
When you assign a user multiple roles, the user receives a union of the roles’ privileges. Therefore, assigning the kibana_admin
role in addition to a custom role that grants Kibana privileges is ineffective because kibana_admin
has access to all the features in all spaces.
When running multiple tenants of Kibana by changing the kibana.index
in your kibana.yml
,
you cannot use kibana_admin
to grant access. You must create custom roles that authorize the user for that specific tenant. Although multi-tenant installations are supported, the recommended approach to securing access to Kibana segments is to grant users access to specific spaces.