A certain user role, because we ended up having separate roles for power and user. So, the power user can't assign permissions to the corresponding user role of this specific app.

You'd probably have to nest/inherit your 'power' user role from 'user' role to do that. As you've already identified"our users see the Everyone option and the roles they belong to/inherit from."

Makes perfect sense @somesoni2.

What's the relation between this dashboard setting and the settings in <app>/metadata/local.meta because here at the app level 'user' does have read access?

The default app level (one with [] or no stanza name) defines the access permissions on the app. A user has read permissions on the app means user can see the app in the app dropdown/tile on side bar and can launch the app. Sharing permissions on artifacts are handled explicitly.

@somesoni2 - gorgeous as usual - much appreciated.

What does EVERYONE mean @somesoni2?

Everyone is denoted by * in the .meta files, which means any authenticated user in Splunk. So if your local.meta/default.meta says access = read : [ * ].., it means the specified artifact can be read by all Splunk users, unless permissions are overridden at app level.

But the funny thing is that the user who assigns the permissions to the dashboard, can't see the access = read : [ * ].. settings.

I also wonder if we can simply go and modify $SPLUNK_HOME/etc/apps/<app name>/metadata/local.meta for the specific artifact. Meaning, apply the desired changes behind the scenes.