Custom Roles users Cannot Access Agent Logs in Serverless - Githubissues

elastic / kibana

Your window into the Elastic Stack

https://www.elastic.co/products/kibana

Other

19.69k stars 8.24k forks source link

Custom Roles users Cannot Access Agent Logs in Serverless #201059

Open opauloh opened 1 week ago

opauloh commented 1 week ago

Describe the bug

Users with custom roles, even with minimum read permissions, are unable to view agent logs in the Session Viewer. The UI fails to display the logs, although the API requests return the expected data.

Preconditions

Serverless environment.
User with custom minimum read permissions:
- Elasticsearch Index Privileges: Includes * (Read).
- Kibana Privileges: Security (Read).

To Reproduce

Log in to the Serverless environment with the custom role user.
Navigate to Fleet page and select an agent.
Observe that agent logs are not displayed.
Check the network requests to confirm that APIs are returning data.

Expected behavior

Agent logs should be visible to users with appropriate read permissions.
If additional permissions are required, the UI should inform the user accordingly.

Version

Serverless build: 80725
Kibana Commit: 0ed82309e22a7fc8ac067c1dbf2c378735f86855

elasticmachine commented 1 week ago

Pinging @elastic/kibana-cloud-security-posture (Team:Cloud Security)