[[security-privileges]]
=== Security Privileges

This section lists the privileges that you can assign to a role.

[[privileges-list-cluster]]
==== Cluster Privileges

[horizontal]
`all`::
All cluster administration operations, like snapshotting, node shutdown/restart,
settings update, rerouting, or managing users and roles.

`monitor`::
All cluster read-only operations, like cluster health and state, hot threads,
node info, node and cluster stats, and pending cluster tasks.

`monitor_ml`::
All read-only {ml} operations, such as getting information about {dfeeds}, jobs,
model snapshots, or results.

`monitor_watcher`::
All read-only watcher operations, such as getting a watch and watcher stats.

`manage`::
Builds on `monitor` and adds cluster operations that change values in the cluster.
This includes snapshotting, updating settings, and rerouting. It also includes
obtaining snapshot and restore status. This privilege does not include the
ability to manage security.

`manage_index_templates`::
All operations on index templates.

`manage_ml`::
All {ml} operations, such as creating and deleting {dfeeds}, jobs, and model
snapshots.
+
--
NOTE: {dfeeds-cap} that were created prior to version 6.2 or created when {security}
was disabled run as a system user with elevated privileges, including permission
to read all indices. Newer {dfeeds} run with the security roles of the user who created
or updated them.

--

`manage_pipeline`::
All operations on ingest pipelines.

`manage_security`::
All security-related operations, such as CRUD operations on users and roles and
cache clearing.

`manage_watcher`::
All watcher operations, such as putting watches, executing, activating, or acknowledging.
+
--
NOTE: Watches that were created prior to version 6.1 or created when {security}
was disabled run as a system user with elevated privileges, including permission
to read and write all indices. Newer watches run with the security roles of the user
who created or updated them.

--

`transport_client`::
All privileges necessary for a transport client to connect. Required by the remote
cluster to enable <<cross-cluster-configuring,Cross Cluster Search>>.

[[privileges-list-indices]]
==== Indices Privileges

[horizontal]
`all`::
Any action on an index.

`monitor`::
All actions that are required for monitoring (recovery, segments info, index
stats and status).

`manage`::
All `monitor` privileges plus index administration (aliases, analyze, cache clear,
close, delete, exists, flush, mapping, open, force merge, refresh, settings,
search shards, templates, validate).

`view_index_metadata`::
Read-only access to index metadata (aliases, aliases exists, get index, exists, field mappings,
mappings, search shards, type exists, validate, warmers, settings). This
privilege is primarily available for use by {kib} users.

`read`::
Read-only access to actions (count, explain, get, mget, get indexed scripts,
more like this, multi percolate/search/termvector, percolate, scroll,
clear_scroll, search, suggest, tv).

`read_cross_cluster`::
Read-only access to the search action from a <<cross-cluster-configuring,remote cluster>>.

`index`::
Privilege to index and update documents. Also grants access to the update
mapping action.

`create`::
Privilege to index documents. Also grants access to the update mapping
action.
+
--
NOTE: This privilege does not restrict the index operation to the creation
of documents but instead restricts API use to the index API. The index API allows a user
to overwrite a previously indexed document.

--

`delete`::
Privilege to delete documents.

`write`::
Privilege to perform all write operations to documents, which includes the
permission to index, update, and delete documents as well as performing bulk
operations. Also grants access to the update mapping action.

`delete_index`::
Privilege to delete an index.

`create_index`::
Privilege to create an index. A create index request may contain aliases to be
added to the index once created. In that case the request requires the `manage`
privilege as well, on both the index and the alias names.

==== Run As Privilege

The `run_as` permission enables an authenticated user to submit requests on
behalf of another user. The value can be a user name or a comma-separated list
of user names. (You can also specify users as an array of strings or a YAML
sequence.) For more information, see
<<run-as-privilege, Submitting Requests on Behalf of Other Users>>.
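As an added example (not from this documentation or from Elasticsearch itself), a small Python linter that encodes the cluster, indices and `run_as` semantics listed above to flag role definitions that grant more than they appear to, such as a `create`-only role that can still overwrite documents. The implied-privilege tables, the role dict shape mirroring the role API, and the sample `INGEST_ROLE` are assumptions constructed here.

```python
# Added example (not Elasticsearch code): a least-privilege linter for role
# definitions that encodes the privilege semantics listed above. Roles use the
# {"cluster", "indices", "run_as"} shape of the role API; sample is constructed.

# Broader privilege -> what it subsumes, per the descriptions above: cluster
# `all` covers everything, `manage` builds on `monitor`, each `manage_*`
# covers its read-only `monitor_*`; index `write` = index + create + delete.
CLUSTER_IMPLIES = {
    "all": {"manage", "manage_ml", "manage_watcher", "manage_security",
            "manage_index_templates", "manage_pipeline", "transport_client"},
    "manage": {"monitor"},
    "manage_ml": {"monitor_ml"},
    "manage_watcher": {"monitor_watcher"},
}
INDEX_IMPLIES = {
    "all": {"manage", "view_index_metadata", "read", "read_cross_cluster",
            "write", "delete_index", "create_index"},
    "write": {"index", "create", "delete"},
    "manage": {"monitor"},
}
SECURITY_ADMIN = {"all", "manage_security"}  # cluster privileges that can change users/roles

def expand(privs, implies):
    """Return privs plus everything they transitively imply."""
    out = set(privs)
    for p in privs:
        out |= expand(implies.get(p, ()), implies)
    return out

def run_as_users(value):
    """run_as may be one name, a comma-separated string, or a list of names."""
    names = value.split(",") if isinstance(value, str) else value
    return [u.strip() for u in names if u.strip()]

def audit_role(role):
    """Findings a least-privilege review of one role definition would raise."""
    findings = []
    if expand(role.get("cluster", []), CLUSTER_IMPLIES) & SECURITY_ADMIN:
        findings.append("cluster: can manage users and roles")
    for grant in role.get("indices", []):
        privs = expand(grant["privileges"], INDEX_IMPLIES)
        where = "indices[" + ",".join(grant["names"]) + "]"
        if "create" in privs and "index" not in privs:  # see the NOTE on `create`
            findings.append(where + ": create still allows overwriting documents")
    findings += ["run_as: can act as " + u for u in run_as_users(role.get("run_as", []))]
    return findings

# Constructed sample: an ingest role that looks append-only but is not.
INGEST_ROLE = {"cluster": ["monitor"], "run_as": "svc_ingest, svc_backup",
               "indices": [{"names": ["logs-*"], "privileges": ["create"]}]}
```

Running `audit_role(INGEST_ROLE)` reports the `create` overwrite caveat on `logs-*` and the two users the role can act as.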