mirror of
https://github.com/honeymoose/OpenSearch.git
synced 2025-02-05 20:48:22 +00:00
5fd68959a0
This is the ML equivalent of what was done for Watcher in elastic/x-pack-elasticsearch#2808. For security reasons, ML datafeeds should not run as the _xpack user. Instead, they record the security headers from the request to create/update them, and reuse these when performing the search to retrieve data for analysis. Relates elastic/x-pack-elasticsearch#1071 Original commit: elastic/x-pack-elasticsearch@29f85de404
18 lines
663 B
YAML
18 lines
663 B
YAML
minimal:
|
|
cluster:
|
|
# This is always required because the REST client uses it to find the version of
|
|
# Elasticsearch it's talking to
|
|
- cluster:monitor/main
|
|
indices:
|
|
# Give all users involved in these tests access to the indices where the data to
|
|
# be analyzed is stored, because the ML roles alone do not provide access to
|
|
# non-ML indices
|
|
- names: [ 'airline-data', 'index-*', 'unavailable-data', 'utopia' ]
|
|
privileges:
|
|
- indices:admin/create
|
|
- indices:admin/refresh
|
|
- indices:data/read/field_caps
|
|
- indices:data/read/search
|
|
- indices:data/write/bulk
|
|
- indices:data/write/index
|