sg_roles regular expression

[rajesh nataraja]

Hello Guardians of Elastic,

Iam using ES 6.1.4 with Search Guard search-guard-6-6.1.4-22.3

No Enterprise modeules.

JVM 1.8.

I have a question about sg_roles.yml configuration, Can I do the following to map all users whose name starts with "test" to certain sg_roles_starfleet?

sg_roles_starfleet:
  users:
    - 'test*'

My sg_config is

sh-4.2# cat sg_config.yml
searchguard:
  dynamic:
    authc:
      clientcert_auth_domain:
        enabled: true
        http_enabled: true
        transport_enabled: true
        order: 1
        http_authenticator:
          type: clientcert
          config:
            username_attribute: cn #optional, if omitted DN becomes username
          challenge: false
        authentication_backend:
          type: noop

Thanks

Rajesh.

When asking questions, please provide the following information:

* Search Guard and Elasticsearch version

* Installed and used enterprise modules, if any

* JVM version and operating system version

* Search Guard configuration files

* Elasticsearch log messages on debug level

* Other installed Elasticsearch or Kibana plugins, if any

[SG]

sure, should work

> --
> You received this message because you are subscribed to the Google Groups "Search Guard Community Forum" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
> To post to this group, send email to search...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/b92bdc22-59e3-4791-9f55-d9fb237420f5%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

[rajesh nataraja]

Thanks. Tried that out and seems to work.

To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/DCF997A2-65B8-4388-BF26-27562A56D992%40search-guard.com.

For more options, visit https://groups.google.com/d/optout.

--

--Rajesh