Configuring Action Groups
Here is a list of action groups that are suitable for Federate.
sg_action_groups.yml.
###### INDEX LEVEL ###### INDICES_ALL: - "indices:*" MANAGE: - "indices:monitor/*" - "indices:admin/*" 1 WRITE: - "indices:data/write*" - "indices:admin/mapping/put" READ: 2 - "indices:data/read*" VIEW_INDEX_METADATA: 3 - "indices:admin/aliases/get" - "indices:admin/aliases/exists" - "indices:admin/get" - "indices:admin/exists" - "indices:admin/mappings/fields/get*" - "indices:admin/mappings/get*" - "indices:admin/mappings/federate/connector/get*" - "indices:admin/mappings/federate/connector/fields/get*" - "indices:admin/types/exists" - "indices:admin/validate/query" - "indices:monitor/settings/get" ###### CLUSTER LEVEL ###### CLUSTER_ALL: - "cluster:*" CLUSTER_MONITOR: - "cluster:monitor/*" 4 CLUSTER_COMPOSITE_OPS: - CLUSTER_COMPOSITE_OPS_RO - "indices:data/write/bulk" CLUSTER_COMPOSITE_OPS_RO: - "indices:data/read/mget" - "indices:data/read/msearch" - "indices:data/read/mtv" - "indices:data/read/scroll*" CLUSTER_MANAGE: 5 - CLUSTER_INTERNAL_FEDERATE - "cluster:admin/federate/*" - "indices:admin/aliases*" CLUSTER_INTERNAL_FEDERATE: 6 - "cluster:internal/federate/*"
- Federate’s actions related to index administration are prefixed with
indices:admin/federate
- Federate’s actions related to index read are prefixed with
indices:data/read/federate
- Grants permission to read index metadata, like getting field mapping
- Federate’s actions related to cluster monitoring are prefixed with
cluster:monitor/federate
- Federate’s actions related to Federate administration are prefixed with
cluster:admin/federate
- All internal Federate’s actions are prefixed with
cluster:internal/federate