Dashboards & Visualizations
Highlighted

What are the options for dashboard permissions?

Ultra Champion

When setting the Edit Permissions for a dashboard, our users see the Everyone option and the roles they belong to. Is there a way to customize it beyond this way?

Interestingly, we have in <app>/metadata/local.meta -

[]
access = read : [ admin,<user role> ], write : [ admin …]
export = none

And the user who is part of the user role could not see anything unless we assigned the permissions to EVERYONE – Read.

Tags (2)
0 Karma
Highlighted

Re: What are the options for dashboard permissions?

SplunkTrust
SplunkTrust

What you want your Edit Permissions options to be?

View solution in original post

Highlighted

Re: What are the options for dashboard permissions?

Ultra Champion

A certain user role, because we ended up having separate roles for power and user. So, the power user can't assign permissions to the corresponding user role of this specific app.

0 Karma
Highlighted

Re: What are the options for dashboard permissions?

SplunkTrust
SplunkTrust

You'd probably have to nest/inherit your 'power' user role from 'user' role to do that. As you've already identified"our users see the Everyone option and the roles they belong to/inherit from."

Highlighted

Re: What are the options for dashboard permissions?

Ultra Champion

Makes perfect sense @somesoni2.

What's the relation between this dashboard setting and the settings in <app>/metadata/local.meta because here at the app level 'user' does have read access?

0 Karma
Highlighted

Re: What are the options for dashboard permissions?

SplunkTrust
SplunkTrust

The default app level (one with [] or no stanza name) defines the access permissions on the app. A user has read permissions on the app means user can see the app in the app dropdown/tile on side bar and can launch the app. Sharing permissions on artifacts are handled explicitly.

Highlighted

Re: What are the options for dashboard permissions?

Ultra Champion

@somesoni2 - gorgeous as usual - much appreciated.

0 Karma
Highlighted

Re: What are the options for dashboard permissions?

Ultra Champion

What does EVERYONE mean @somesoni2?

0 Karma
Highlighted

Re: What are the options for dashboard permissions?

SplunkTrust
SplunkTrust

Everyone is denoted by * in the .meta files, which means any authenticated user in Splunk. So if your local.meta/default.meta says access = read : [ * ].., it means the specified artifact can be read by all Splunk users, unless permissions are overridden at app level.

Highlighted

Re: What are the options for dashboard permissions?

Ultra Champion

But the funny thing is that the user who assigns the permissions to the dashboard, can't see the access = read : [ * ].. settings.

0 Karma