Hello everyone,
I'm using ELK stack 6.8, but I want to replace kibana with my own simple ui which will fit better for my case.
My app should contain user management, restrictions for operations (eg some users will be able only to read data from one index, some - from all indexes, some - read and write into indexes), so I want to keep x-pack for elasticsearch.
I've checked x-pack api for elasticsearch X-Pack APIs | Elasticsearch Guide [6.8] | Elastic
and I found that every user role should have a reference to existing privilege from privilege api.
While api is quite clear, body structure sometimes is not, so I have question in this regard:
What are all possible actions values for elasticsearch? From the doc I can see:
actions
(array-of-string) A list of action names that are granted by this privilege. This field must exist and cannot be an empty array.
I've tried to create my own privilege without any permissions
"no-priv": {
"application": "kibana-.kibana",
"name": "no-priv",
"actions": [
"some_dummy_action/"
],
"metadata": {}
},
and then I tried to make a simple search to elasticsearch directly to elasticsearch endpoint
http://localhost:9200/my_index/_search
with this role assigned to new user, but I got error
action [indices:data/read/search] is unauthorized for user [test_user_no_priv]
So, it is obvious, that I have to write "indices:data/read/search" in actions for my custom privelege "no-priv", but where can I find full list of all possible actions?
In default kibana's priveleges I can see different list of actions and probably all of them are managed by x-pack on kibana's side, not on elasticsearch.