Helo @vernal, most likely you have a kibana_access rule in place, and by design, not even if you set it to “admin” you can get write privileges to indices other than your “kibana_index”.
This is done because the kibana_access rule is designed to allow the use of Kibana in general as a data representation tool, and prevent accidental tampering of data indices.
Possible workarounds:
add an ACL block above the one that represents your user or group, it has to be identical minus the kibana_access rule. Add to it an actions rule that allows some actions you want the user to be able to do from dev tools.
I would like to create a user who can only view dashboards for ag-indexed data. However, after I logged into ag-user, I only saw something like “No spaces match search criteria”. What is wrong with my setting?
@vernal the ROR version, go to the ROR kibana app (where the ROR YAML settings can be edited) an scroll to the bottom, you will see in the middle a string with the version. Alternatively:
cat /usr/share/kibana/plugins/readonlyrest_kbn/package.json |grep version
How to upgrade to 1.19.4? Do I need to uninstall and reinstall? Or is there any command to upgrade it directly?
Besides, when I go to “download” page, I can only see version numbers for kibana and elasticsearch, but I cannot see version number for readonlyrest. How could I find the right version for readonlyrest?
I upgraded both ES and kibana to 1.19.4. However, I still got the same error for ag-user account. What might be the cause for this?
Another question is: I have the following two account: one is ag-user, another one is ag-user-admin. Actually I am not quite sure about the creation of indices “.kibana_ag”. Is this the right way to create .kibana_ag by mentioning it as below? So that ag-user-admin can edit the dashboard and ag-user can only view the dashboard? Do I need to do something else for .kibana_ag?
First question: i’m a bit lost because the topic changed too many times from the original question. Can you post again what’s the error and logs for the CURRENT issue? Do you still get errors in default spaces creation?
Second question: looks good to me, the other thing you could do is to have a “kibana_access: ro” user that can edit the dashboards, but cannot access the readonlyrest_kbn Kibana app.
My current issue is when I logged in as ag-user, I still cannot see anything and the only message I got from the screen is “No spaces match search criteria”.
“tags”:[“error”,“readonlyrest_kbn:onPreResponse”],“pid”:437453,“message”:“got an error [404] Not Found for path /internal/spaces/_active_space”}
amp":“2020-04-02T17:54:38Z”,“tags”:[“error”,“readonlyrest_kbn:onPreResponse”],“pid”:437453,“message”:“index not found, will return the useful error.”}