Mapping groups to users

Hi - Is there a way to define mapping between groups and users, i.e. what users are which groups? Looked at this link (, but could not figure out where group-user mapping is done.


X-Pack Security doesn't have groups, just roles.
You map users directly to roles.

The groups in the link you posted are groups that come from an external source like LDAP or Active Directory. We can use the groups defined in those sources as a way of determining which roles a user has.

Perhaps you can explain what problem you're trying to solve and we can offer a suggested solution.

Thanks Tim. I have an application that supports permission-based access for users and groups. Groups are supported even in non-AD scenario. I'm trying to figure out how to support the application's security model in Elasticsearch for the application's data that is indexed.

For a user in the application, a role can be created in ES and assigned to the user in ES.
For a group in the application (in non-AD case), I'm trying to figure out how to apply roles for the group to the users within it.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.