this is also fixed in SG 6
> Am 06.12.2017 um 01:58 schrieb Tom Ryan <
tomr...@gmail.com>:
>
> It appears to me that URL shorting in Kibana requires a permission not granted to the default sg_kibana role:
>
> [2017-12-06T00:30:35,991][INFO ][c.f.s.c.PrivilegesEvaluator] No cluster-level perm match for User [name=redacted, roles=[]] [IndexType [index=.kibana, type=url]] [Action [indices:data/write/bulk]] [RolesChecked [sg_kibana, sg_public]]
>
> I found the log message a bit confusing... it appears the required permissions is "cluster:data/write/bulk".
>
> My understanding is that granting this permission to the sg_kibana user is acceptable security-wise, as they will still need explicit permission to underlying indices. To avoid granting alias controls to the sg_kibana role, I created a new action group called CLUSTER_COMPOSITE_OPS_BULK:
>
> CLUSTER_COMPOSITE_OPS_BULK:
> - "indices:data/write/bulk"
> - CLUSTER_COMPOSITE_OPS_RO
>
> Posting here in case it helps someone else, and in case there is a risk here I haven't thought of.
>
> --
> You received this message because you are subscribed to the Google Groups "Search Guard Community Forum" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to
search-guard...@googlegroups.com.
> To post to this group, send email to
search...@googlegroups.com.
> To view this discussion on the web visit
https://groups.google.com/d/msgid/search-guard/13d59273-367c-4ae5-8191-4282ab27ac30%40googlegroups.com.
> For more options, visit
https://groups.google.com/d/optout.