All Downloads are FREE. Search and download functionalities are using the official Maven repository.

static_config.static_roles.yml Maven / Gradle / Ivy

There is a newer version: 1.13.1.0
Show newest version
---
_meta:
  type: "roles"
  config_version: 2

all_access:
  reserved: true
  hidden: false
  static: true
  description: "Allow full access to all indices and all cluster APIs"
  cluster_permissions:
    - "*"
  index_permissions:
    - index_patterns:
        - "*"
      allowed_actions:
        - "*"
  tenant_permissions:
    - tenant_patterns:
        - "*"
      allowed_actions:
        - "kibana_all_write"

kibana_user:
  reserved: true
  hidden: false
  static: true
  description: "Provide the minimum permissions for a kibana user"
  cluster_permissions:
    - "indices_monitor"
    - "cluster_composite_ops"
  index_permissions:
    - index_patterns:
        - ".kibana"
        - ".kibana-6"
        - ".kibana_*"
      allowed_actions:
        - "read"
        - "delete"
        - "manage"
        - "index"
    - index_patterns:
        - ".tasks"
        - ".management-beats"
      allowed_actions:
        - "indices_all"

own_index:
  reserved: true
  hidden: false
  static: true
  description: "Allow all for indices named like the current user"
  cluster_permissions:
  - "cluster_composite_ops"
  index_permissions:
  - index_patterns:
    - "${user_name}"
    allowed_actions:
    - "indices_all"

  
manage_snapshots:
  reserved: true
  hidden: false
  static: true
  description: "Provide the minimum permissions for managing snapshots"
  cluster_permissions:
  - "manage_snapshots"
  index_permissions:
  - index_patterns:
    - "*"
    allowed_actions:
    - "indices:data/write/index"
    - "indices:admin/create"
  
kibana_server:
  reserved: true
  hidden: false
  static: true
  description: "Provide the minimum permissions for the Kibana server"
  cluster_permissions:
  - "cluster_monitor"
  - "cluster_composite_ops"
  - "indices:admin/template*"
  - "indices:data/read/scroll*"
  index_permissions:
  - index_patterns:
    - ".kibana"
    allowed_actions:
    - "indices_all"
  - index_patterns:
    - ".kibana-6"
    allowed_actions:
    - "indices_all"
  - index_patterns:
    - ".kibana_*"
    allowed_actions:
    - "indices_all"
  - index_patterns:
    - ".reporting*"
    allowed_actions:
    - "indices_all"
  - index_patterns:
    - ".monitoring*"
    allowed_actions:
    - "indices_all"
  - index_patterns:
    - ".tasks"
    allowed_actions:
    - "indices_all"
  - index_patterns:
    - ".management-beats*"
    allowed_actions:
    - "indices_all"
  - index_patterns:
    - "*"
    allowed_actions:
    - "indices:admin/aliases*"

logstash:
  reserved: true
  hidden: false
  static: true
  description: "Provide the minimum permissions for logstash and beats"
  cluster_permissions:
  - "cluster_monitor"
  - "cluster_composite_ops"
  - "indices:admin/template/get"
  - "indices:admin/template/put"
  - "cluster:admin/ingest/pipeline/put"
  - "cluster:admin/ingest/pipeline/get"
  index_permissions:
  - index_patterns:
    - "logstash-*"
    allowed_actions:
    - "crud"
    - "create_index"
  - index_patterns:
    - "*beat*"
    allowed_actions:
    - "crud"
    - "create_index"
  
readall_and_monitor:
  reserved: true
  hidden: false
  static: true
  description: "Provide the minimum permissions for to readall indices and monitor the cluster"
  cluster_permissions:
  - "cluster_monitor"
  - "cluster_composite_ops_ro"
  index_permissions:
  - index_patterns:
    - "*"
    allowed_actions:
    - "read"
  
readall:
  reserved: true
  hidden: false
  static: true
  description: "Provide the minimum permissions for to readall indices"
  cluster_permissions:
  - "cluster_composite_ops_ro"
  index_permissions:
  - index_patterns:
    - "*"
    allowed_actions:
    - "read"
  




© 2015 - 2024 Weber Informatics LLC | Privacy Policy