CCS-permissions (#1053)

Signed-off-by: cwillum <cwmmoore@amazon.com>

Signed-off-by: cwillum <cwmmoore@amazon.com>
Chris Moore 2022-09-01 08:48:42 -07:00 committed by GitHub
parent 3c66463f13
commit c3f2b7bdf1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 3 deletions


@ -46,7 +46,7 @@ analyzer | String | Analyzer to use in the query string.
analyze_wildcard | Boolean | Whether the update operation should include wildcard and prefix queries in the analysis. Default is false.
batched_reduce_size | Integer | How many shard results to reduce on a node. Default is 512.
cancel_after_time_interval | Time | The time after which the search request will be canceled. Request-level parameter takes precedence over cancel_after_time_interval [cluster setting]({{site.url}}{{site.baseurl}}/opensearch/rest-api/cluster-settings). Default is -1.
css_minimize_roundtrips | Boolean | Whether to minimize roundtrips between a node and remote clusters. Default is true.
ccs_minimize_roundtrips | Boolean | Whether to minimize roundtrips between a node and remote clusters. Default is true.
default_operator | String | Indicates whether the default operator for a string query should be AND or OR. Default is OR.
df | String | The default field in case a field prefix is not provided in the query string.
docvalue_fields | String | The fields that OpenSearch should return using their docvalue forms.
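Review bot: The corrected `ccs_minimize_roundtrips` row gives only the default and does not mention that setting it to false changes which permissions the caller needs. The other file in this commit says `indices:admin/shards/search_shards` is required in that case, so consider adding a short pointer from this row to the cross-cluster search Permissions section, using the same `{{site.url}}{{site.baseurl}}` link form as the `cancel_after_time_interval` row.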


@ -32,12 +32,13 @@ You can have different authentication and authorization configurations on the re
## Permissions
To query indices on remote clusters, users need to have the following permissions for the index, in addition to `READ` or `SEARCH` permissions:
To query indexes on remote clusters, users need to have `READ` or `SEARCH` permissions. Furthermore, when the search request includes the query parameter `ccs_minimize_roundtrips=false` which tells OpenSearch not to minimize outgoing and ingoing requests to remote clusters users need to have the following additional permission for the index:
```
indices:admin/shards/search_shards
```
For more information about the `ccs_minimize_roundtrips` parameter, see the list of [parameters](https://opensearch.org/docs/latest/opensearch/rest-api/search/#url-parameters) for the Search API.
#### Sample roles.yml configuration
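Review bot: The new link to the Search API parameters is an absolute `https://opensearch.org/docs/latest/` URL, so older versions of this page will send readers to the latest parameter list; the Search API page touched in this same commit uses `{{site.url}}{{site.baseurl}}` for internal links, and the same form would fit here. In the rewritten permissions sentence, the clause beginning "which tells OpenSearch" needs a comma on each side, and "ingoing" reads better as "incoming". The fenced block holding the permission name also has no language tag, which is worth checking against how the rest of the page fences plain text.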
@ -49,7 +50,7 @@ humanresources:
'humanresources':
'*':
- READ
- indices:admin/shards/search_shards # needed for CCS
- indices:admin/shards/search_shards # needed when the search request includes parameter setting 'ccs_minimize_roundtrips=false'.
```
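Review bot: The sample role still grants `indices:admin/shards/search_shards` on the `'*'` index pattern unconditionally, while the updated text says the permission is needed only when the request sets `ccs_minimize_roundtrips=false`, and the parameter defaults to true. Consider stating near the sample that roles whose users keep the default can omit this line, so readers copying the sample do not grant it by habit. The new inline comment is also long for a YAML comment and ends with a stray period; a shorter form such as "# needed only when ccs_minimize_roundtrips=false" would carry the same information.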