User Guide for Siren Federate

Configuring Role-Based Access Control

Given the action groups defined above, we can define two types of roles:

  • the federate_admin role which can administrate Federate. For example, this role can manage license, virtual indices, ingestion jobs, etc.
  • the federate_user role with read-only permissions which can execute Federate’s search requests against one or more indices (virtual or not).

sg_roles.yml. 

federate_admin:
  cluster:
    - CLUSTER_MANAGE                    1
    - CLUSTER_MONITOR                   2
  indices:
    'logstash-*':
      '*':
        - MANAGE
        - READ
        - VIEW_INDEX_METADATA           3

federate_user:
  cluster:
    - CLUSTER_INTERNAL_FEDERATE         4
  indices:
    companies:
      '*':
        - READ
        - VIEW_INDEX_METADATA           5
  1. Grants Federate cluster administration permissions.
  2. Grants Federate cluster monitoring permissions.
  3. Grants permissions to read index metadata. This is required given that the Federate’s query engine will access index schema metadata using indices:admin/mappings/fields/get during the query evaluation.
  4. Grants cluster-level permission for Federate’s internal actions. This is required for every Federate users.