summaryrefslogtreecommitdiffstats
path: root/charts/aai-elasticsearch/resources/config/sg/sg_roles_mapping.yml
diff options
context:
space:
mode:
Diffstat (limited to 'charts/aai-elasticsearch/resources/config/sg/sg_roles_mapping.yml')
-rw-r--r--charts/aai-elasticsearch/resources/config/sg/sg_roles_mapping.yml38
1 files changed, 38 insertions, 0 deletions
diff --git a/charts/aai-elasticsearch/resources/config/sg/sg_roles_mapping.yml b/charts/aai-elasticsearch/resources/config/sg/sg_roles_mapping.yml
new file mode 100644
index 0000000..970e027
--- /dev/null
+++ b/charts/aai-elasticsearch/resources/config/sg/sg_roles_mapping.yml
@@ -0,0 +1,38 @@
+# In this file users, backendroles and hosts can be mapped to Search Guard roles.
+# Permissions for Search Guard roles are configured in sg_roles.yml
+
+sg_all_access:
+ readonly: true
+ backendroles:
+ - admin
+
+sg_logstash:
+ backendroles:
+ - logstash
+
+sg_kibana_server:
+ readonly: true
+ users:
+ - kibanaserver
+
+sg_kibana_user:
+ backendroles:
+ - kibanauser
+
+sg_readall:
+ readonly: true
+ backendroles:
+ - readall
+
+sg_manage_snapshots:
+ readonly: true
+ backendroles:
+ - snapshotrestore
+
+sg_own_index:
+ users:
+ - '*'
+
+sg_role_test:
+ users:
+ - test