Merge "Add Searchguard OOM config to ElasticSearch"

author: James MacNider <James.MacNider@amdocs.com> 2019-03-12 17:02:41 +0000
committer: Gerrit Code Review <gerrit@onap.org> 2019-03-12 17:02:41 +0000
commit: a07aff75d4e86c2d9e0a0bb3b0111f2d609a5791 (patch)
tree: 5f066168589e2b76fc19c7ba04609a4b2b8597c4 /kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_roles_mapping.yml
parent: c4b0b79045a56050f2ed0eee8f13237a90815c3c (diff)
parent: a1dd587d6a5204030bc266d371e6ec9fa7c95d7b (diff)
1 files changed, 38 insertions, 0 deletions
diff --git a/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_roles_mapping.yml b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_roles_mapping.yml
new file mode 100644
index 0000000000..970e02763b
--- /dev/null
+++ b/kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_roles_mapping.yml
@@ -0,0 +1,38 @@
+# In this file users, backendroles and hosts can be mapped to Search Guard roles.
+# Permissions for Search Guard roles are configured in sg_roles.yml
+
+sg_all_access:
+  readonly: true
+  backendroles:
+    - admin
+
+sg_logstash:
+  backendroles:
+    - logstash
+    
+sg_kibana_server:
+  readonly: true
+  users:
+    - kibanaserver
+    
+sg_kibana_user:
+  backendroles:
+    - kibanauser
+
+sg_readall:
+  readonly: true
+  backendroles:
+    - readall
+
+sg_manage_snapshots:
+  readonly: true
+  backendroles:
+    - snapshotrestore
+
+sg_own_index:
+  users:
+    - '*'
+
+sg_role_test:
+  users:
+    - test
author	James MacNider <James.MacNider@amdocs.com>	2019-03-12 17:02:41 +0000
committer	Gerrit Code Review <gerrit@onap.org>	2019-03-12 17:02:41 +0000
commit	a07aff75d4e86c2d9e0a0bb3b0111f2d609a5791 (patch)
tree	5f066168589e2b76fc19c7ba04609a4b2b8597c4 /kubernetes/aai/charts/aai-elasticsearch/resources/config/sg/sg_roles_mapping.yml
parent	c4b0b79045a56050f2ed0eee8f13237a90815c3c (diff)
parent	a1dd587d6a5204030bc266d371e6ec9fa7c95d7b (diff)