1 # Allows everything, but no changes to searchguard configuration index
13 # Read all, but no write permissions
17 - CLUSTER_COMPOSITE_OPS_RO
23 # Read all and monitor, but no write permissions
24 sg_readall_and_monitor:
27 - CLUSTER_COMPOSITE_OPS_RO
33 # For users which use kibana, access to indices must be granted separately
38 - CLUSTER_COMPOSITE_OPS
66 - indices:data/read/field_caps*
67 - indices:data/read/xpack/rollup*
68 - indices:admin/mappings/get*
71 # For the kibana server
76 - CLUSTER_COMPOSITE_OPS
77 - cluster:admin/xpack/monitoring*
78 - indices:admin/template*
79 - indices:data/read/scroll*
104 - "indices:admin/aliases*"
106 # For logstash and beats
110 - CLUSTER_COMPOSITE_OPS
111 - indices:admin/template/get
112 - indices:admin/template/put
123 # Allows adding and modifying repositories and creating and restoring snapshots
130 - "indices:data/write/index"
131 - "indices:admin/create"
133 # Allows each user to access own named index
136 - CLUSTER_COMPOSITE_OPS
142 ### X-Pack COMPATIBILITY
146 - cluster:monitor/xpack/info
147 - cluster:monitor/main
148 - cluster:admin/xpack/monitoring/bulk
157 - indices:data/read/scroll
158 - cluster:admin/xpack/watcher*
159 - cluster:monitor/xpack/watcher*
164 '?watcher-history-*':
167 '?triggered_watches':
173 - indices:admin/aliases/get
175 sg_xp_machine_learning:
178 - cluster:admin/persistent*
179 - cluster:internal/xpack/ml*
180 - indices:data/read/scroll*
181 - cluster:admin/xpack/ml*
182 - cluster:monitor/xpack/ml*
192 ### LEGACY ROLES, FOR COMPATIBILITY ONLY
193 ### WILL BE REMOVED IN SG7, DO NOT USE ANYMORE
195 sg_readonly_and_monitor:
198 - CLUSTER_COMPOSITE_OPS_RO
204 # Make xpack monitoring work
207 - cluster:admin/xpack/monitoring/*
208 - cluster:admin/ingest/pipeline/put
209 - cluster:admin/ingest/pipeline/get
210 - indices:admin/template/get
211 - indices:admin/template/put
213 - CLUSTER_COMPOSITE_OPS
226 - indices:data/read/field_caps
228 # Make xpack alerting work
231 - indices:data/read/scroll
232 - cluster:admin/xpack/watcher/watch/put
233 - cluster:admin/xpack/watcher*
235 - CLUSTER_COMPOSITE_OPS
243 '?watcher-history-*':
246 '?triggered_watches':
256 - indices:admin/template/get
257 - indices:admin/template/put
258 - CLUSTER_COMPOSITE_OPS