roles yml changes for security-analytics plugin (#2192) (#2225)

* roles yml changes for security-analytics plugin Signed-off-by: Raj Chakravarthi <[email protected]> Signed-off-by: Raj Chakravarthi <[email protected]> (cherry picked from commit 89a11c5) Co-authored-by: Peter Nied <[email protected]>
opensearch-project · Nov 3, 2022 · 4533c8c · 4533c8c
1 parent 2a1e7d7
commit 4533c8c
Showing 1 changed file with 35 additions and 0 deletions.
diff --git a/config/roles.yml b/config/roles.yml
@@ -255,3 +255,38 @@ point_in_time_full_access:
  - '*'
  allowed_actions:
  - 'manage_point_in_time'
+
+# Allows users to see security analytics detectors and others
+security_analytics_read_access:
+ reserved: true
+ cluster_permissions:
+ - 'cluster:admin/opensearch/securityanalytics/alerts/get'
+ - 'cluster:admin/opensearch/securityanalytics/detector/get'
+ - 'cluster:admin/opensearch/securityanalytics/detector/search'
+ - 'cluster:admin/opensearch/securityanalytics/findings/get'
+ - 'cluster:admin/opensearch/securityanalytics/mapping/get'
+ - 'cluster:admin/opensearch/securityanalytics/mapping/view/get'
+ - 'cluster:admin/opensearch/securityanalytics/rule/get'
+ - 'cluster:admin/opensearch/securityanalytics/rule/search'
+
+# Allows users to use all security analytics functionality
+security_analytics_full_access:
+ reserved: true
+ cluster_permissions:
+ - 'cluster:admin/opensearch/securityanalytics/alerts/*'
+ - 'cluster:admin/opensearch/securityanalytics/detector/*'
+ - 'cluster:admin/opensearch/securityanalytics/findings/*'
+ - 'cluster:admin/opensearch/securityanalytics/mapping/*'
+ - 'cluster:admin/opensearch/securityanalytics/rule/*'
+ index_permissions:
+ - index_patterns:
+ - '*'
+ allowed_actions:
+ - 'indices:admin/mapping/put'
+ - 'indices:admin/mappings/get'
+
+# Allows users to view and acknowledge alerts
+security_analytics_ack_alerts:
+ reserved: true
+ cluster_permissions:
+ - 'cluster:admin/opensearch/securityanalytics/alerts/*'