User Guide for Siren Federate

Configuring Action Groups

Here is a list of action groups that are suitable for Federate.

sg_action_groups.yml. 

###### INDEX LEVEL ######

INDICES_ALL:
  - "indices:*"

MANAGE:
  - "indices:monitor/*"
  - "indices:admin/*"                                           1

WRITE:
  - "indices:data/write*"
  - "indices:admin/mapping/put"

READ:                                                           2
  - "indices:data/read*"

VIEW_INDEX_METADATA:                                            3
  - "indices:admin/aliases/get"
  - "indices:admin/aliases/exists"
  - "indices:admin/get"
  - "indices:admin/exists"
  - "indices:admin/mappings/fields/get*"
  - "indices:admin/mappings/get*"
  - "indices:admin/mappings/federate/connector/get*"
  - "indices:admin/mappings/federate/connector/fields/get*"
  - "indices:admin/types/exists"
  - "indices:admin/validate/query"
  - "indices:monitor/settings/get"

###### CLUSTER LEVEL ######

CLUSTER_ALL:
  - "cluster:*"

CLUSTER_MONITOR:
  - "cluster:monitor/*"                                         4

CLUSTER_COMPOSITE_OPS:
  -  CLUSTER_COMPOSITE_OPS_RO
  - "indices:data/write/bulk"

CLUSTER_COMPOSITE_OPS_RO:
  - "indices:data/read/mget"
  - "indices:data/read/msearch"
  - "indices:data/read/mtv"
  - "indices:data/read/scroll*"

CLUSTER_MANAGE:                                                 5
  - CLUSTER_INTERNAL_FEDERATE
  - "cluster:admin/federate/*"
  - "indices:admin/aliases*"

CLUSTER_INTERNAL_FEDERATE:                                      6
  - "cluster:internal/federate/*"
  1. Federate’s actions related to index administration are prefixed with indices:admin/federate
  2. Federate’s actions related to index read are prefixed with indices:data/read/federate
  3. Grants permission to read index metadata, like getting field mapping
  4. Federate’s actions related to cluster monitoring are prefixed with cluster:monitor/federate
  5. Federate’s actions related to Federate administration are prefixed with cluster:admin/federate
  6. All internal Federate’s actions are prefixed with cluster:internal/federate