Contribution alignment and plans for "Dashboard only mode"?

Great to see this initiative here.

Do you have a rough roadmap for further features. How can community contributions be aligned properly (do you profer github Issues?)

As a small enhancement, we see:
Making the Kibana more Business User friendly, something similar to “Dashboard only mode” in “Xpack”
https://www.elastic.co/guide/en/kibana/6.5/xpack-dashboard-only-mode.html

Are there already plans for implementing this?

Best Regards
Andreas

1 Like

Hi Andreas,

If you have specific feature requests posting issues in GitHub is good so that we can mark them closed and link the PRs to the issues. Forums are good for discussion, brainstorming and getting help with technical issues - so not an issue to raise questions about features here.

On the Dashboard only request. Check out the built in “read-only role” for Kibana in Open Distro for Security. It should give you what you are looking for. Once applied, a user will see only their Dashboard tab, will be able to browse dashboards but not able to modify the dashboard or visualizations. Let us know if that works for your needs or if you have feedback.

Thanks!

Dear Carlmead,

I just tried to create a new kibana user and assigned him the backend role : kibana_read_only (reserved role).

When I log with this new user, all tabs are available and no dashboards are listed in the dashboard tab.

Is it this reserved role you were talking about ? What am I doing wrong ? I know, in search guard I had to add a lign in the kibana conf to activate this dashboard only mode.

Best regards,
Olivier

Thanks Carlmead. Creating a new role mapping for built-in role ‘kibana_read_only’ works. Now only the ‘Dashboard’ menu is shown.

One more question, because ‘Tenants’ seems to be a proprietary approach compared to ‘Spaces’: Do you have plans for a transition to the kibana standard ‘Spaces’ concept?

1 Like

Hi weand - Actually Spaces is a not an open source feature but covered by the Elastic’s proprietary license which doesn’t allow for re-distribution or modification - while Tenants via Open Distro for Elasticsearch is open sourced and licensed with an Apache 2.0 license. If there are usability or other functional improvements you would like to see in tenants, please feel free to log an issue: https://github.com/opendistro-for-elasticsearch/security-advanced-modules/issues.

Thanks!

I did the same, create a new role mapping with Backend roles of specific AD group, than I create own role and specify custom Index, as result - only dashboard menu (with all dashboards) is shown for users that is member of that AD group, actually it is what I want, but the question is, how to limit dashboard views for that users?
Thanks

Create a Local user - mine is “dashboard”. Add backend roles:

kibanauser
readall

Create Role Mapping -> kibana_read_only
-> under Users, add dashboard

Hope that helps. the “readall” backend role for the user implies that you can create a role for unique indices and use those to create dashboard users that have access to a limited set of indices.

Or… you can simply add the kibanaro user as a kibana_read_only user in Role Mappings

thanks for help, but I didn’t get it at all))
Could you please explain more detailed, many thanks

hi, in new released open distro version 1.0 there is no kibana_read_only role anymore, could you please give us some tips, how to implement Dashboard only mode in newes version, thanks