- Kibana Guide: other versions:
- Introduction
- Get started
- Set Up Kibana
- Discover
- Visualize
- Creating a Visualization
- Saving Visualizations
- Using rolled up data in a visualization
- Line, Area, and Bar charts
- Controls Visualization
- Data Table
- Markdown Widget
- Metric
- Goal and Gauge
- Pie Charts
- Coordinate Maps
- Region Maps
- Timelion
- TSVB
- Tag Clouds
- Heatmap Chart
- Vega Graphs
- Inspecting Visualizations
- Dashboard
- Canvas
- Graph data connections
- Machine learning
- Elastic Maps
- Code
- Infrastructure
- Logs
- APM
- Uptime
- SIEM
- Dev Tools
- Stack Monitoring
- Management
- Reporting from Kibana
- REST API
- Kibana plugins
- Limitations
- Release Highlights
- Breaking Changes
- Release Notes
- Developer guide
Granting access to Kibana
editGranting access to Kibana
editThe Elastic Stack comes with the kibana_user
built-in role, which you can use to grant access to all Kibana features in all spaces. To grant users access to a subset of spaces or features, you can create a custom role that grants the desired Kibana privileges.
When you assign a user multiple roles, the user receives a union of the roles’ privileges. Therefore, assigning the kibana_user
role in addition to a custom role that grants Kibana privileges is ineffective because kibana_user
has access to all the features in all spaces.
When running multiple tenants of Kibana by changing the kibana.index
in your kibana.yml
,
you cannot use kibana_user
or kibana_dashboard_only_user
to grant access. You must create custom roles that authorize the user for that specific tenant. Although multi-tenant installations are supported, the recommended approach to securing access to Kibana segments is to grant users access to specific spaces.