[Breaking change] Dashboard only mode has been removed #81690
Description
Change description
Which release will ship the breaking change?
8.0
Describe the change. How will it manifest to users?
Dashboard-only mode has been removed. Users are advised to use feature privileges instead. Any users who are assigned a role that is configured for dashboard only mode will be able to see other applications besides just Dashboards in Kibana.
How many users will be affected?
Some users will be impacted, but my hunch is that a minority of users will be impacted by this.
What can users do to address the change manually?
Create a new custom-role which only grants read-only access to the Dashboard feature, and assign this role in-place of the dashboard-only mode role
How could we make migration easier with the Upgrade Assistant?
This is a rather large ask, but we'd have to look at Kibana's Advanced Settings in each space to see which roles are specified as dashboard-only mode roles, and create/update custom roles which grant them read-only access to the Dashboard feature.
Are there any edge cases?
No
Test Data
Using the reserved role
POST /_security/user/old_user
{
"password" : "password",
"roles" : [ "kibana_dashboard_only_user" ],
"full_name" : "Kibana User"
}
Using a custom role
POST /_security/role/old_role
{
"applications" : [
{
"application" : "kibana-.kibana",
"privileges" : [
"all"
],
"resources" : [
"*"
]
}
]
}
POST /_security/user/old_user
{
"password" : "password",
"roles" : [ "old_role" ],
"full_name" : "Kibana User"
}
curl 'http://localhost:5601/api/kibana/settings' \
-H 'kbn-xsrf: true' \
-H 'content-type: application/json' \
-u elastic:changeme \
--data-binary '{"changes":{"xpackDashboardMode:roles":["old_role"]}}'
Cross links
N/A