Wildcards in run_as_role

security

#1

Hey guys,

I am playing with user/role management API in Shield 2.3 (thanks for getting this out!).

I observed that I can specify users in the run_as_role list using wildcards! This is super useful to me. However, this feature is not documented here: https://www.elastic.co/guide/en/shield/current/submitting-requests-for-other-users.html.

Just wanted to make sure the configuration works as intended and this is merely a documentation issue :wink:

Thx!


(Jay Modi) #2

The wildcard usage is definitely intended and I agree that we can improve the documentation here so I will open up a issue to get some more detail added. Also, if it helps, not only are wildcards supported but you can also use the special regular expression syntax. Note: you'll need to wrap the expression in / characters at the beginning and end.


(system) #3