mirror of
https://github.com/honeymoose/OpenSearch.git
synced 2025-02-07 21:48:39 +00:00
c0156cbb5d
* [DOCS] Align with ILM API docs (#48705) * [DOCS] Reconciled with Snapshot/Restore reorg * [DOCS] Split off ILM overview to a separate topic. (#51287) * [DOCS} Split off overview to a separate topic. * [DOCS] Incorporated feedback from @jrodewig. * [DOCS] Edit ILM GS tutorial (#51513) * [DOCS] Edit ILM GS tutorial * [DOCS] Incorporated review feedback from @andreidan. * [DOCS] Removed test link & fixed anchor & title. * Update docs/reference/ilm/getting-started-ilm.asciidoc Co-Authored-By: James Rodewig <james.rodewig@elastic.co> * Fixed glossary merge error. Co-authored-by: James Rodewig <james.rodewig@elastic.co>
72 lines
2.3 KiB
Plaintext
72 lines
2.3 KiB
Plaintext
[role="xpack"]
|
|
[testenv="basic"]
|
|
[[snapshot-lifecycle-management]]
|
|
== Manage the snapshot lifecycle
|
|
|
|
You can set up snapshot lifecycle policies to automate the timing, frequency, and retention of snapshots.
|
|
Snapshot policies can apply to multiple indices.
|
|
|
|
The snapshot lifecycle management (SLM) <<snapshot-lifecycle-management-api, CRUD APIs>> provide
|
|
the building blocks for the snapshot policy features that are part of the Management application in {kib}.
|
|
The Snapshot and Restore UI makes it easy to set up policies, register snapshot repositories,
|
|
view and manage snapshots, and restore indices.
|
|
|
|
You can stop and restart SLM to temporarily pause automatic backups while performing
|
|
upgrades or other maintenance.
|
|
To disable SLM entirely, set `xpack.slm.enabled` to `false` in `elasticsearch.yml`.
|
|
|
|
[float]
|
|
[[slm-and-security]]
|
|
=== Security and SLM
|
|
|
|
Two built-in cluster privileges control access to the SLM actions when
|
|
{es} {security-features} are enabled:
|
|
|
|
`manage_slm`:: Allows a user to perform all SLM actions, including creating and updating policies
|
|
and starting and stopping SLM.
|
|
|
|
`read_slm`:: Allows a user to perform all read-only SLM actions,
|
|
such as getting policies and checking the SLM status.
|
|
|
|
`cluster:admin/snapshot/*`:: Allows a user to take and delete snapshots of any
|
|
index, whether or not they have access to that index.
|
|
|
|
For example, the following request configures an `slm-admin` role that grants the privileges
|
|
necessary for administering SLM.
|
|
|
|
[source,console]
|
|
-----------------------------------
|
|
POST /_security/role/slm-admin
|
|
{
|
|
"cluster": ["manage_slm", "cluster:admin/snapshot/*"],
|
|
"indices": [
|
|
{
|
|
"names": [".slm-history-*"],
|
|
"privileges": ["all"]
|
|
}
|
|
]
|
|
}
|
|
-----------------------------------
|
|
// TEST[skip:security is not enabled here]
|
|
|
|
Or, for a read-only role that can retrieve policies (but not update, execute, or
|
|
delete them), as well as only view the history index:
|
|
|
|
[source,console]
|
|
-----------------------------------
|
|
POST /_security/role/slm-read-only
|
|
{
|
|
"cluster": ["read_slm"],
|
|
"indices": [
|
|
{
|
|
"names": [".slm-history-*"],
|
|
"privileges": ["read"]
|
|
}
|
|
]
|
|
}
|
|
-----------------------------------
|
|
// TEST[skip:security is not enabled here]
|
|
|
|
include::getting-started-slm.asciidoc[]
|
|
|
|
include::slm-retention.asciidoc[] |