Access rights to management page

Hello,
I have some users able to create and update visualizations and dashboards and I noticed they can also access the app/management page and modify general parameters. Is there a way to prevent them from doing that?

Thanks.

Could you share your user’s roles configuration?

Hi, put together, it would be :

  • Cluster : indices:data/read/mget, indices:data/write/bulk

  • Index :

    • .kibana_* : read, write, search
    • someprefix* : indices:data/read/search
  • tenant : specific_tenant : Read and Write

Are you on OpenDistro or OpenSearch? What version number are you running?

It looks like the write permission in .kibana_* allows making config changes.
You can either remove it or use kibana_read_all instead of read, write, search

It’s OpenDistro version 1.11.0.
But if I use kibana_read_all I can’t modify the visuals anymore.