Config a role in roles.yml but cannot specify some privileges

xujohn · July 11, 2019, 7:00pm

I defined a customer role in roles.yml such as:

my_user_role:
cluster: [ 'all' ]
indices:
- names: [ '' ]
privileges: [ 'all' ]
applications: ['']
run_as: ['*']

After starting elasticsearch and logged in kibana to look the roles:

GET /_security/role/my_user_role

I found the run_as and applications are empty arrays , no matter how I put values inside.

Why do the values not shown in privileges such as applications and run_as?

The out put from GET returns :

{
"my_user_role" : {
"cluster" : [
"all"
],
"indices" : [
{
"names" : [
"*"
],
"privileges" : [
"read"
],
"allow_restricted_indices" : false
}
],
"applications" : [ ],
"run_as" : [ ],
"metadata" : { },
"transient_metadata" : {
"enabled" : true
}
}
}

Thank you.

John

TimV · July 12, 2019, 4:29am

Roles defined through the API and roles defined in roles.yml are separate.
You cannot use the API to view roles.yml

xujohn · July 12, 2019, 3:02pm

Thank you Tim. Do you mean I can define role1 in roles.yml and role1 (exactly same name) in API the same time? Which, API one or yml one, will be picked up by elastic search?

TimV · July 16, 2019, 7:34am

It will pick up the yml one.

system · August 13, 2019, 7:34am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Try to define an admin role (used setting similar to superuser) but not work Elasticsearch elastic-stack-security	3	1833	August 13, 2019
How to cofigure roles.yml and role-mapping.yml in pki Elasticsearch elastic-stack-security	2	650	July 5, 2019
X-pack and Active directory integration Elasticsearch	6	1824	March 30, 2017
Using LDAP to set up Users and Roles in elasticsearch.yml file Elasticsearch elastic-stack-security	16	705	February 17, 2023
How to specify role when using search API Elasticsearch	5	472	August 27, 2018

Config a role in roles.yml but cannot specify some privileges

Related topics