I'm trying to use field-level security with ES. I have successfully created an index and populated it with some data. I have also defined a roles.yml
file:
regular:
cluster: all
indices:
- names: ['log-index']
privileges: ['read']
field_security:
grant: ['redacted_log']
and a role-mapping.yml
file:
regular:
- "cn=john"
In the Dockerfile
, I've added RUN elasticsearch-users useradd john -p 123456 -r regular
in order to create the user john
when the container starts.
What I would like to achieve is that the user john
can only access the redacted_log
field, since that user has a regular
role.
Because of this issue, I have security disabled in the elasticsearch.yml
file. Can I even use roles when security is disabled?
If yes, how can I test that john
only has access to the redacted_log
field in documents that are present in log_index
?