correct security settings

correct and adjust the security settings

Issue-ID: CLAMP-483

Change-Id: Id94672580ade132a7ff16241f44d8a4403b49383
Signed-off-by: osgn422w <gervais-martial.ngueko@intl.att.com>

1 files changed, 50 insertions, 0 deletions

diff --git a/src/main/docker/elasticsearch/securityconfig/roles.yml b/src/main/docker/elasticsearch/securityconfig/roles.yml
new file mode 100644
index 0000000..327464b
--- /dev/null
+++ b/src/main/docker/elasticsearch/securityconfig/roles.yml
@@ -0,0 +1,50 @@
+_meta:
+  type: "roles"
+  config_version: 2
+
+# Restrict users so they can only view visualization and dashboard on kibana
+kibana_read_only:
+  reserved: true
+
+# The security REST API access role is used to assign specific users access to change the security settings through the REST API.
+security_rest_api_access:
+  reserved: true
+ 
+# Allows users to view alerts
+alerting_view_alerts:
+  reserved: true
+  index_permissions:
+    - index_patterns:
+      - ".opendistro-alerting-alert*"
+      allowed_actions:
+        - read 
+
+# Allows users to view and acknowledge alerts
+alerting_crud_alerts:
+  reserved: true
+  index_permissions:
+    - index_patterns:
+      - ".opendistro-alerting-alert*"
+      allowed_actions:
+       - crud 
+
+# Allows users to use all alerting functionality
+alerting_full_access:
+  reserved: true
+  index_permissions:
+    - index_patterns:
+      - ".opendistro-alerting-config"
+      - ".opendistro-alerting-alert*"
+      allowed_actions:
+        - crud 
+
+clamp_admin_role:
+  reserved: false
+  index_permissions:
+    - index_patterns:
+      - "events*"
+      - "errors*"
+      - "dmaap*"
+      allowed_actions:
+        - crud 
+        - create_index
\ No newline at end of file