Exclude index patterns

robmartin · May 29, 2020, 12:59pm

is it possible to apply exclude index patterns to an index permission?
For example

 "index_permissions": [
        {
            "index_patterns": [
                "*",
                "~documents*"
            ],
            "fls": [],
            "masked_fields": [],
            "allowed_actions": [
                "read"
            ]
        }
    ]

I tried this but it didn’t work

mee · February 1, 2021, 2:09pm

Were you able to solve this? What version are you running?

Mussorgsky · February 4, 2021, 4:22am

When defining roles you’d typically declare what permissions (or action_gourps) are granted at the cluster or index level; and with more recent versions, you could also define what permissions (or action_groups) are excluded both at the cluster and index level as well.

In roles.yml you’d have something similar to this:

complex-role:
  cluster_permissions:
  - ...
  exclude_cluster_permissions:
  - ...
  index_permissions:
  - index_patterns:
    - ...
    allowed_actions:
    - ...
  exclude_index_permissions:
  - index_patterns:
    - ...
    actions:
    - ...

Using these “excluded” permissions, you could define one or more roles to restrict access to your indices.

Topic		Replies	Views
Applying index permissions by exception? General Feedback discuss	1	303	February 7, 2023
Open Distro Security Role Index Pattern Permission Forbidden Security	1	693	March 15, 2021
Index patterns and index permissions Security configure	1	663	April 25, 2022
How to limit user's access to a group of indices only Security	8	1203	April 16, 2021
How to avoid error of "no permission" when searching using an index pattern? Security	3	406	March 10, 2021

Exclude index patterns

Related Topics