How to prevent access to specific indexes?

security

(John Damore) #1

For a user role, I would like to provide access to all indexes except specific indexes patterns can I do that?

Something like:

user:
indices:
'': read
'.
': no access to these

Thanks


(Jay Modi) #2

Hi John,

One way to achieve this is to use the support for regular expressions in the roles file. These regular expressions user the Lucene Regexp format; some examples of this format can be be found in the elasticsearch documentation.

Do the indices that you don't want the user to access have a specific prefix or anything? If they do, you could define a regex like so:

user:
  indices:
    '/@$~(prefix.+)/': read

That example would allow any index that does not start with prefix.


(John Damore) #3

Thanks I used your example and just had to change the $ to a &
so
'/@&~(prefix.+)/': read


(system) #4