Security roles

sentient · March 4, 2020, 5:03am

what is the minimal security role permission a user would need to access the
_cluster/health api

when I just look at the documentation https://www.elastic.co/guide/en/elasticsearch/reference/current/built-in-roles.html
I find it difficult to digest what is, and what is not exactly covered.

My initial thought was 'monitoring_user' but that did not work.

Using 'superuser' worked, but that seems a bit too much.

Is there some better documentation on the permissions? If it is not in a standard role, what would I have to grant access on a custom role to achieve this

Thanks

Wolfram_Haussig · March 4, 2020, 6:53am

Hi,

I guess you were looking for the privilege monitor:

All cluster read-only operations, like cluster health and state, hot threads, node info, node and cluster stats, and pending cluster tasks.

So you would have to create a new role which has the cluster privilege of monitor.

More details here: Security privileges | Elasticsearch Guide [7.6] | Elastic

Best regards
Wolfram

sentient · March 4, 2020, 3:48pm

Thanks!

system · April 1, 2020, 3:48pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.