OpenSearch/x-pack/qa/sql/security/roles.yml

# tag::rest
rest_minimal:
  indices:
    - names: test
      privileges: [read, "indices:admin/get"]
    - names: bort
      privileges: [read, "indices:admin/get"]
# end::rest

# tag::cli_jdbc
cli_or_jdbc_minimal:
  cluster:
    - "cluster:monitor/main"
  indices:
    - names: test
      privileges: [read, "indices:admin/get"]
    - names: bort
      privileges: [read, "indices:admin/get"]
# end::cli_jdbc

read_something_else:
  cluster:
    - "cluster:monitor/main"
  indices:
    - names: something_that_isnt_test
      privileges: [read, "indices:admin/get"]

read_test_a:
  cluster:
    - "cluster:monitor/main"
  indices:
    - names: test
      privileges: [read, "indices:admin/get"]
      field_security:
        grant: [a]

read_test_a_and_b:
  cluster:
    - "cluster:monitor/main"
  indices:
    - names: test
      privileges: [read, "indices:admin/get"]
      field_security:
        grant: ["*"]
        except: [c]

read_test_without_c_3:
  cluster:
    - "cluster:monitor/main"
  indices:
    - names: test
      privileges: [read, "indices:admin/get"]
      query: |
        {
          "bool": {
            "must_not": [
              {
                "match": {
                  "c": 3
                }
              }
            ]
          }
        }

read_bort:
  cluster:
    - "cluster:monitor/main"
  indices:
    - names: bort
      privileges: [read, "indices:admin/get"]

no_monitor_main:
  indices:
    - names: test
      privileges: [read, "indices:admin/get"]
    - names: bort
      privileges: [read, "indices:admin/get"]

no_get_index:
  cluster:
    - "cluster:monitor/main"
  indices:
    - names: test
      privileges: [read]
    - names: bort
      privileges: [read]
Add comments inadvertently removed during migrate A few files had their first comment removed even though it did not contain a license. This re-adds those comments. 2018-04-24 14:41:09 -04:00			`# tag::rest`
SQL: More tests and docs for permissions (elastic/x-pack-elasticsearch#3679) Adds tests for what works and what doesn't when we're missing some of SQL's required permissions. Adds required permissions to the documentation of each SQL access method. relates elastic/x-pack-elasticsearch#3552 Original commit: elastic/x-pack-elasticsearch@971dabb3b4536b0ccad916975788723c8b0315a0 2018-02-01 17:20:44 -05:00			`rest_minimal:`
			`indices:`
			`- names: test`
			`privileges: [read, "indices:admin/get"]`
			`- names: bort`
			`privileges: [read, "indices:admin/get"]`
			`# end::rest`

			`# tag::cli_jdbc`
			`cli_or_jdbc_minimal:`
Revert "Revert "Merge branch 'feature/sql'"" This reverts commit elastic/x-pack-elasticsearch@cc79e199112db85b08a6e0682b123bb2a82445e8. We'll merge this when we're good and ready. Original commit: elastic/x-pack-elasticsearch@b3ef4f2836eda281bce7c3c2c1730933d868efa9 2017-12-13 10:19:31 -05:00			`cluster:`
SQL: More tests and docs for permissions (elastic/x-pack-elasticsearch#3679) Adds tests for what works and what doesn't when we're missing some of SQL's required permissions. Adds required permissions to the documentation of each SQL access method. relates elastic/x-pack-elasticsearch#3552 Original commit: elastic/x-pack-elasticsearch@971dabb3b4536b0ccad916975788723c8b0315a0 2018-02-01 17:20:44 -05:00			`- "cluster:monitor/main"`
Revert "Revert "Merge branch 'feature/sql'"" This reverts commit elastic/x-pack-elasticsearch@cc79e199112db85b08a6e0682b123bb2a82445e8. We'll merge this when we're good and ready. Original commit: elastic/x-pack-elasticsearch@b3ef4f2836eda281bce7c3c2c1730933d868efa9 2017-12-13 10:19:31 -05:00			`indices:`
			`- names: test`
SQL: replace JDBC transport meta columns with SQL call (elastic/x-pack-elasticsearch#3740) Replace meta column endpoint with SYS COLUMNS command Original commit: elastic/x-pack-elasticsearch@819874bc5be2fb1ccd4d6f9c3466c5579f05d55d 2018-01-29 12:18:24 -05:00			`privileges: [read, "indices:admin/get"]`
Revert "Revert "Merge branch 'feature/sql'"" This reverts commit elastic/x-pack-elasticsearch@cc79e199112db85b08a6e0682b123bb2a82445e8. We'll merge this when we're good and ready. Original commit: elastic/x-pack-elasticsearch@b3ef4f2836eda281bce7c3c2c1730933d868efa9 2017-12-13 10:19:31 -05:00			`- names: bort`
SQL: replace JDBC transport meta columns with SQL call (elastic/x-pack-elasticsearch#3740) Replace meta column endpoint with SYS COLUMNS command Original commit: elastic/x-pack-elasticsearch@819874bc5be2fb1ccd4d6f9c3466c5579f05d55d 2018-01-29 12:18:24 -05:00			`privileges: [read, "indices:admin/get"]`
SQL: More tests and docs for permissions (elastic/x-pack-elasticsearch#3679) Adds tests for what works and what doesn't when we're missing some of SQL's required permissions. Adds required permissions to the documentation of each SQL access method. relates elastic/x-pack-elasticsearch#3552 Original commit: elastic/x-pack-elasticsearch@971dabb3b4536b0ccad916975788723c8b0315a0 2018-02-01 17:20:44 -05:00			`# end::cli_jdbc`
Revert "Revert "Merge branch 'feature/sql'"" This reverts commit elastic/x-pack-elasticsearch@cc79e199112db85b08a6e0682b123bb2a82445e8. We'll merge this when we're good and ready. Original commit: elastic/x-pack-elasticsearch@b3ef4f2836eda281bce7c3c2c1730933d868efa9 2017-12-13 10:19:31 -05:00
			`read_something_else:`
			`cluster:`
SQL: More tests and docs for permissions (elastic/x-pack-elasticsearch#3679) Adds tests for what works and what doesn't when we're missing some of SQL's required permissions. Adds required permissions to the documentation of each SQL access method. relates elastic/x-pack-elasticsearch#3552 Original commit: elastic/x-pack-elasticsearch@971dabb3b4536b0ccad916975788723c8b0315a0 2018-02-01 17:20:44 -05:00			`- "cluster:monitor/main"`
Revert "Revert "Merge branch 'feature/sql'"" This reverts commit elastic/x-pack-elasticsearch@cc79e199112db85b08a6e0682b123bb2a82445e8. We'll merge this when we're good and ready. Original commit: elastic/x-pack-elasticsearch@b3ef4f2836eda281bce7c3c2c1730933d868efa9 2017-12-13 10:19:31 -05:00			`indices:`
			`- names: something_that_isnt_test`
SQL: replace JDBC transport meta columns with SQL call (elastic/x-pack-elasticsearch#3740) Replace meta column endpoint with SYS COLUMNS command Original commit: elastic/x-pack-elasticsearch@819874bc5be2fb1ccd4d6f9c3466c5579f05d55d 2018-01-29 12:18:24 -05:00			`privileges: [read, "indices:admin/get"]`
Revert "Revert "Merge branch 'feature/sql'"" This reverts commit elastic/x-pack-elasticsearch@cc79e199112db85b08a6e0682b123bb2a82445e8. We'll merge this when we're good and ready. Original commit: elastic/x-pack-elasticsearch@b3ef4f2836eda281bce7c3c2c1730933d868efa9 2017-12-13 10:19:31 -05:00
			`read_test_a:`
			`cluster:`
SQL: More tests and docs for permissions (elastic/x-pack-elasticsearch#3679) Adds tests for what works and what doesn't when we're missing some of SQL's required permissions. Adds required permissions to the documentation of each SQL access method. relates elastic/x-pack-elasticsearch#3552 Original commit: elastic/x-pack-elasticsearch@971dabb3b4536b0ccad916975788723c8b0315a0 2018-02-01 17:20:44 -05:00			`- "cluster:monitor/main"`
Revert "Revert "Merge branch 'feature/sql'"" This reverts commit elastic/x-pack-elasticsearch@cc79e199112db85b08a6e0682b123bb2a82445e8. We'll merge this when we're good and ready. Original commit: elastic/x-pack-elasticsearch@b3ef4f2836eda281bce7c3c2c1730933d868efa9 2017-12-13 10:19:31 -05:00			`indices:`
			`- names: test`
SQL: replace JDBC transport meta columns with SQL call (elastic/x-pack-elasticsearch#3740) Replace meta column endpoint with SYS COLUMNS command Original commit: elastic/x-pack-elasticsearch@819874bc5be2fb1ccd4d6f9c3466c5579f05d55d 2018-01-29 12:18:24 -05:00			`privileges: [read, "indices:admin/get"]`
Revert "Revert "Merge branch 'feature/sql'"" This reverts commit elastic/x-pack-elasticsearch@cc79e199112db85b08a6e0682b123bb2a82445e8. We'll merge this when we're good and ready. Original commit: elastic/x-pack-elasticsearch@b3ef4f2836eda281bce7c3c2c1730933d868efa9 2017-12-13 10:19:31 -05:00			`field_security:`
			`grant: [a]`

			`read_test_a_and_b:`
			`cluster:`
SQL: More tests and docs for permissions (elastic/x-pack-elasticsearch#3679) Adds tests for what works and what doesn't when we're missing some of SQL's required permissions. Adds required permissions to the documentation of each SQL access method. relates elastic/x-pack-elasticsearch#3552 Original commit: elastic/x-pack-elasticsearch@971dabb3b4536b0ccad916975788723c8b0315a0 2018-02-01 17:20:44 -05:00			`- "cluster:monitor/main"`
Revert "Revert "Merge branch 'feature/sql'"" This reverts commit elastic/x-pack-elasticsearch@cc79e199112db85b08a6e0682b123bb2a82445e8. We'll merge this when we're good and ready. Original commit: elastic/x-pack-elasticsearch@b3ef4f2836eda281bce7c3c2c1730933d868efa9 2017-12-13 10:19:31 -05:00			`indices:`
			`- names: test`
SQL: replace JDBC transport meta columns with SQL call (elastic/x-pack-elasticsearch#3740) Replace meta column endpoint with SYS COLUMNS command Original commit: elastic/x-pack-elasticsearch@819874bc5be2fb1ccd4d6f9c3466c5579f05d55d 2018-01-29 12:18:24 -05:00			`privileges: [read, "indices:admin/get"]`
Revert "Revert "Merge branch 'feature/sql'"" This reverts commit elastic/x-pack-elasticsearch@cc79e199112db85b08a6e0682b123bb2a82445e8. We'll merge this when we're good and ready. Original commit: elastic/x-pack-elasticsearch@b3ef4f2836eda281bce7c3c2c1730933d868efa9 2017-12-13 10:19:31 -05:00			`field_security:`
			`grant: ["*"]`
			`except: [c]`

			`read_test_without_c_3:`
			`cluster:`
SQL: More tests and docs for permissions (elastic/x-pack-elasticsearch#3679) Adds tests for what works and what doesn't when we're missing some of SQL's required permissions. Adds required permissions to the documentation of each SQL access method. relates elastic/x-pack-elasticsearch#3552 Original commit: elastic/x-pack-elasticsearch@971dabb3b4536b0ccad916975788723c8b0315a0 2018-02-01 17:20:44 -05:00			`- "cluster:monitor/main"`
Revert "Revert "Merge branch 'feature/sql'"" This reverts commit elastic/x-pack-elasticsearch@cc79e199112db85b08a6e0682b123bb2a82445e8. We'll merge this when we're good and ready. Original commit: elastic/x-pack-elasticsearch@b3ef4f2836eda281bce7c3c2c1730933d868efa9 2017-12-13 10:19:31 -05:00			`indices:`
			`- names: test`
SQL: replace JDBC transport meta columns with SQL call (elastic/x-pack-elasticsearch#3740) Replace meta column endpoint with SYS COLUMNS command Original commit: elastic/x-pack-elasticsearch@819874bc5be2fb1ccd4d6f9c3466c5579f05d55d 2018-01-29 12:18:24 -05:00			`privileges: [read, "indices:admin/get"]`
Revert "Revert "Merge branch 'feature/sql'"" This reverts commit elastic/x-pack-elasticsearch@cc79e199112db85b08a6e0682b123bb2a82445e8. We'll merge this when we're good and ready. Original commit: elastic/x-pack-elasticsearch@b3ef4f2836eda281bce7c3c2c1730933d868efa9 2017-12-13 10:19:31 -05:00			`query: \|`
			`{`
			`"bool": {`
			`"must_not": [`
			`{`
			`"match": {`
			`"c": 3`
			`}`
			`}`
			`]`
			`}`
			`}`

			`read_bort:`
			`cluster:`
SQL: More tests and docs for permissions (elastic/x-pack-elasticsearch#3679) Adds tests for what works and what doesn't when we're missing some of SQL's required permissions. Adds required permissions to the documentation of each SQL access method. relates elastic/x-pack-elasticsearch#3552 Original commit: elastic/x-pack-elasticsearch@971dabb3b4536b0ccad916975788723c8b0315a0 2018-02-01 17:20:44 -05:00			`- "cluster:monitor/main"`
Revert "Revert "Merge branch 'feature/sql'"" This reverts commit elastic/x-pack-elasticsearch@cc79e199112db85b08a6e0682b123bb2a82445e8. We'll merge this when we're good and ready. Original commit: elastic/x-pack-elasticsearch@b3ef4f2836eda281bce7c3c2c1730933d868efa9 2017-12-13 10:19:31 -05:00			`indices:`
			`- names: bort`
SQL: replace JDBC transport meta columns with SQL call (elastic/x-pack-elasticsearch#3740) Replace meta column endpoint with SYS COLUMNS command Original commit: elastic/x-pack-elasticsearch@819874bc5be2fb1ccd4d6f9c3466c5579f05d55d 2018-01-29 12:18:24 -05:00			`privileges: [read, "indices:admin/get"]`
SQL: More tests and docs for permissions (elastic/x-pack-elasticsearch#3679) Adds tests for what works and what doesn't when we're missing some of SQL's required permissions. Adds required permissions to the documentation of each SQL access method. relates elastic/x-pack-elasticsearch#3552 Original commit: elastic/x-pack-elasticsearch@971dabb3b4536b0ccad916975788723c8b0315a0 2018-02-01 17:20:44 -05:00
			`no_monitor_main:`
			`indices:`
			`- names: test`
			`privileges: [read, "indices:admin/get"]`
			`- names: bort`
			`privileges: [read, "indices:admin/get"]`

			`no_get_index:`
			`cluster:`
			`- "cluster:monitor/main"`
			`indices:`
			`- names: test`
			`privileges: [read]`
			`- names: bort`
			`privileges: [read]`