Config a role in roles.yml but cannot specify some privileges

xujohn · July 11, 2019, 7:00pm

I defined a customer role in roles.yml such as:

my_user_role:
cluster: [ 'all' ]
indices:
- names: [ '' ]
privileges: [ 'all' ]
applications: ['']
run_as: ['*']

After starting elasticsearch and logged in kibana to look the roles:

GET /_security/role/my_user_role

I found the run_as and applications are empty arrays , no matter how I put values inside.

Why do the values not shown in privileges such as applications and run_as?

The out put from GET returns :

{
"my_user_role" : {
"cluster" : [
"all"
],
"indices" : [
{
"names" : [
"*"
],
"privileges" : [
"read"
],
"allow_restricted_indices" : false
}
],
"applications" : [ ],
"run_as" : [ ],
"metadata" : { },
"transient_metadata" : {
"enabled" : true
}
}
}

Thank you.

John

TimV · July 12, 2019, 4:29am

Roles defined through the API and roles defined in roles.yml are separate.
You cannot use the API to view roles.yml

xujohn · July 12, 2019, 3:02pm

Thank you Tim. Do you mean I can define role1 in roles.yml and role1 (exactly same name) in API the same time? Which, API one or yml one, will be picked up by elastic search?

TimV · July 16, 2019, 7:34am

It will pick up the yml one.

system · August 13, 2019, 7:34am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.