Dashboards & Visualizations

Role based access control for developers to only view the dashboards

shreerajShetty
Loves-to-Learn

Im trying to create a role for a developer in our organization where the developer is only allowed to view the dashboard which is created by the admin or the person who has edit_own_objects capablity attached to his role....

when I created a role for developer which has the below capablities attached to its role:

capabilities = [
  "search",
  "list_all_objects",
  "rest_properties_get",
  "embed_report"
]

Now when I login as a developer and when I try viewing the dashboards its visible and its in read mode only but the developer can create new dashboards also which shouldnt be allowed.

How can i restrict developer from creating a new dashboard?

And also automatically the below capablities gets added to the role along with the ones which ive specified above:

run_collect

run_mcollect

schedule_rtsearch

edit_own_objects


Ive also given read access in the specific dashboard permissions setting for the developers role only..



Labels (1)
0 Karma

dural_yyz
Motivator

Check what roles are inherited like "user" which would carry up the ability to create a dashboard.  Please check which version you have, I believe in version 9.3.x you should look for this.

[capability::edit_view_html]
* Lets a user create, edit, or otherwise modify HTML-based views.

https://docs.splunk.com/Documentation/Splunk/9.3.0/Admin/authorizeconf

 

0 Karma

shreerajShetty
Loves-to-Learn

Thanks @dural_yyz..
But my user has a role which doesnt have the edit_view_html capablity. But still he's able to create dashboard.

 

0 Karma

dural_yyz
Motivator
| rest splunk_server=local /services/authorization/roles
| rename title as role
| table role capabilities imported_capabilities imported_roles

Sorry to belabor this point but I'm not certain you have answered my question.  Does the role import another role which has the setting?  The above REST call on the Search Head the user is assigned will tell you the exact information.

If you have already checked and no stray imports are occurring then my apologies for keeping after this point.  I've reviewed the documentation on capabilities and just can't find anything that would explain the user behavior.

0 Karma
Get Updates on the Splunk Community!

What You Read The Most: Splunk Lantern’s Most Popular Articles!

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

See your relevant APM services, dashboards, and alerts in one place with the updated ...

As a Splunk Observability user, you have a lot of data you have to manage, prioritize, and troubleshoot on a ...

Index This | What goes away as soon as you talk about it?

May 2025 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this month’s ...