Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add ILM privilege descriptions #172

Merged
merged 1 commit into from
Dec 18, 2018
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 13 additions & 1 deletion docs/en/stack/security/authorization/privileges.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,9 @@ patterns. It also includes the authority to grant the privileges necessary to
manage follower indices and auto-follow patterns. This privilege is necessary
only on clusters that contain follower indices.

`manage_ilm`::
All {Ilm} operations related to managing policies

`manage_index_templates`::
All operations on index templates.

Expand Down Expand Up @@ -78,6 +81,10 @@ metadata for leader indices in the cluster. It also includes the authority to
check whether users have the appropriate privileges to follow leader indices.
This privilege is necessary only on clusters that contain leader indices.

`read_ilm`::
All read only {Ilm} operations, such as getting policies and checking the
status of {Ilm}

`transport_client`::
All privileges necessary for a transport client to connect. Required by the remote
cluster to enable <<cross-cluster-configuring,Cross Cluster Search>>.
Expand Down Expand Up @@ -125,6 +132,11 @@ All actions that are required to manage the lifecycle of a follower index, which
includes creating a follower index, closing it, and converting it to a regular
index. This privilege is necessary only on clusters that contain follower indices.

`manage_ilm`::
All {Ilm} operations relating to managing the execution of policies of an index
This includes operations like retrying policies, and removing a policy
from an index.

`monitor`::
All actions that are required for monitoring (recovery, segments info, index
stats and status).
Expand All @@ -139,7 +151,7 @@ Read only access to the search action from a <<cross-cluster-configuring,remote

`view_index_metadata`::
Read-only access to index metadata (aliases, aliases exists, get index, exists, field mappings,
mappings, search shards, type exists, validate, warmers, settings). This
mappings, search shards, type exists, validate, warmers, settings, ilm). This
privilege is primarily available for use by {kib} users.

`write`::
Expand Down