Skip to content

Commit

Permalink
move feature table
Browse files Browse the repository at this point in the history
  • Loading branch information
legrego committed Jun 20, 2019
1 parent 73a4f71 commit 695225f
Showing 1 changed file with 24 additions and 27 deletions.
51 changes: 24 additions & 27 deletions docs/security/authorization/index.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -24,9 +24,6 @@ Open the **Spaces** selection control to specify whether to grant the role acces

Use the **Privilege** menu to grant access to features. The default is **Custom**, which you can use to grant access to individual features. Otherwise, you can grant read and write access to all current and future features by selecting **All**, or grant read access to all current and future features by selecting **Read**.

[IMPORTANT]
If a feature is hidden using the Spaces disabled features, it will remain hidden even if the user has the necessary privileges.

When using the **Customize by feature** option, you can choose either **All**, **Read** or **None** for access to each feature. As new features are added to Kibana, roles that use the custom option do not automatically get access to the new features. You must manually update the roles.

NOTE: Machine Learning and Stack Monitoring rely on built-in roles to grant access. When a user is assigned the appropriate roles, the Machine Learning and Stack Monitoring application are available; otherwise, these applications are not visible.
Expand All @@ -37,6 +34,30 @@ To apply your changes, click **Create space privilege**. The space privilege sho
[role="screenshot"]
image::security/images/create-space-privilege.png[Create space privilege]

==== Feature availability

Features are available to users when their roles grant access to the features, **and** those features are visible in their current space. The following matrix explains when features are available to users when controlling access via <<spaces-managing, spaces>> and role-based access control:

|===
|**Spaces config** |**Role config** |**Result**

|Feature hidden
|Feature disabled
|Feature not available

|Feature hidden
|Feature enabled
|Feature not available

|Feature visible
|Feature disabled
|Feature not available

|Feature visible
|Feature enabled
|**Feature available**
|===

==== Assigning different privileges to different spaces

Using the same role, it’s possible to assign different privileges to different spaces. After you’ve added space privileges, click **Add space privilege**. If you’ve already added privileges for either *** Global (all spaces)** or an individual space, you will not be able to select these in the **Spaces** selection control.
Expand Down Expand Up @@ -89,27 +110,3 @@ image::security/images/privilege-example-2.png[Privilege example 2]

[role="screenshot"]
image::security/images/privilege-example-3.png[Privilege example 3]

==== Feature availability

Features are available to users when their roles grant access to the features, **and** those features are visible in their current space. The following matrix explains when features are available to users when controlling access via <<spaces-managing, spaces>> and role-based access control:

|===
|**Spaces config** |**Role config** |**Result**

|Feature hidden
|Feature disabled
|Feature not available

|Feature hidden
|Feature enabled
|Feature not available

|Feature visible
|Feature disabled
|Feature not available

|Feature visible
|Feature enabled
|**Feature available**
|===

0 comments on commit 695225f

Please sign in to comment.