-
Notifications
You must be signed in to change notification settings - Fork 24.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Document which APIs are affected by which role pivileges #37538
Comments
Pinging @elastic/es-security |
We've discussed this (a few times). Actually documenting which privileges are required by each Rest API is an impossible task. The API changes rapidly enough that the documentation simply can't keep up - and the way Elasticsearch works with plugins means that it's not something that is easy to generate automatically. There are 2 things we think we can do:
I'm going to raise issues for each of those, at which point I will close this issue. |
Currently our documentation states the Cluster andIndices privileges that you can set to your roles: https://www.elastic.co/guide/en/x-pack/current/security-privileges.html
That´s fine but there are many users not knowing the actual requests a particular privilege allows to do.
For example imagine the
manage_index_templates
privilege. Its description saysAll operations on index templates
. However many users might be confuser not being allowed to execute the_cat/templates
API call with this privilege.So there´s clearly a need to specify the APIs and actions that every privilege involves.
The text was updated successfully, but these errors were encountered: