Help needed in creating role to create index and alias but not view log data

[Shwetha M]

Hi All,

Is there a role that I can define which will have permission to create index and alias but not view log data?

I tried the following but had issues:

* Tried INDICES_ALL but I was able to see the log data as well.

 * Used logstash role where, 

    '*beat*':

      '*':

        - CRUD

        - CREATE_INDEX

I was able to create index with this but not alias.

Any suggestions on this will be very helpful.

Kibana version:5.5.1

Searchguard-elasticsearch: 5.5.1-16

Searchguard-Kibana: 5.5.1-4

Thanks & Regards,

Shwetha Mittur

When asking questions, please provide the following information:

* Search Guard and Elasticsearch version

* Installed and used enterprise modules, if any

* JVM version and operating system version

* Search Guard configuration files

* Elasticsearch log messages on debug level

* Other installed Elasticsearch or Kibana plugins, if any

[SG]

sg_rolexxx:
cluster:
- "indices:admin/aliases*"
indices:
'*beat*':
'*':
- CREATE_INDEX

> --
> You received this message because you are subscribed to the Google Groups "Search Guard Community Forum" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
> To post to this group, send email to search...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/23dec696-ec89-485b-a06f-4bead595cb72%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

[Shwetha M]

Thank you for your prompt response. We were able to achieve this by using MANAGE option to do the index/alias operation.

Regards,

Shwetha Mittur