Create a role with dynamic "run_as" field

stack-security
#1

Hi,

I would like to create a role like this:

POST /_xpack/security/role/my_dynamic_role
{
  "run_as" : [ $user ],
  ...
}

so that, e.g., when a user1 is assigned to my_dynamic_role that role will be rendered as:

{
  "run_as" : [ user1 ]
}

but when a user2 is assigned to my_dynamic_role that role will be rendered as:

{
  "run_as" : [ user2 ]
}

Is it possible to define a role like that somehow?

Thanks

(Tim Vernum) #2

No, it is not possible to do that.
You can create a custom role provider in Java, but even then each role needs to have a fixed value for run_as, so you would need to define a role per user.

(system) closed #3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.