Default role/access for users added in readonlyrest.yml file

Hi,

I am fairly new to the ROR plugin and I have recently installed the ROR plugin (1.55.0) to secure access to Elasticsearch v8.2.3.

I was able to do it successfully using the basic HTTP auth rule in the readonlyrest.yml file, but I couldn't find any information about the default level of access/assigned role for the user which is added to the readonlyrest.yml file under the access_control_rules block.
My readonlyrest.yml looks something like below:

```yaml
readonlyrest:
  access_control_rules:

    - name: "Require HTTP Basic Auth"
      type: allow
      auth_key: Admin:password

  ssl:
    enable: true
    keystore_file: "ids.p12"
    keystore_pass: password
    key_pass: password
    truststore_file: "truststore.p12"
    truststore_pass: password

  ssl_internode:
    enable: true
    keystore_file: "ids.p12"
    keystore_pass: password
    key_pass: password
```

Please advise what's the default access level/assigned role for the user ‘Admin’.

Thanks!

Hi @Mayank.Tripathi

ROR configuration is a classical ACL, not RBAC.

In your example you have one block defined: “Require HTTP Basic Auth”. It has the type “allow”, so it means that if the block is matched, the request will be allowed. Then there is the auth_key rule used. It means that the request should contain credentials in the Authorization header. If the credentials are correct, the rule is matched. If all rules in the block are matched, the request is matched. If at least one rule is not matched, the request is forbidden.

You can read about our ACL here: https://docs.readonlyrest.com/elasticsearch#acl-basics. All available rules are described here: https://docs.readonlyrest.com/elasticsearch#rules

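A simplified model of the ACL evaluation described in the answer above, added here as an illustration (not ReadonlyREST's code and not written by either poster): blocks are tried in order, a block matches only when every rule in it matches, and a request that matches no block is forbidden. The second block, the `reader` user and its password are constructed; `indices` and `actions` are ROR rules that the block in the question does not use, which is why that block places no limit on what `Admin` can do.

```python
import base64
from fnmatch import fnmatch

# Constructed ACL: block 1 is the block from the question; block 2 is a
# hypothetical narrower block using ROR's `indices` and `actions` rules.
ACL = [
    {"name": "Require HTTP Basic Auth", "type": "allow",
     "auth_key": "Admin:password"},
    {"name": "Read-only logs (hypothetical)", "type": "allow",
     "auth_key": "reader:constructed-pass",
     "indices": ["logs-*"], "actions": ["indices:data/read/*"]},
]

def basic(user, password):
    """Build the Authorization header value a client would send."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    return f"Basic {token}"

def rule_matches(rule, value, req):
    """Evaluate one rule of a block against a request (model only)."""
    if rule == "auth_key":
        return req.get("authorization") == basic(*value.split(":", 1))
    if rule == "indices":
        return any(fnmatch(req["index"], p) for p in value)
    if rule == "actions":
        return any(fnmatch(req["action"], p) for p in value)
    raise ValueError(f"rule not modelled: {rule}")

def evaluate(acl, req):
    """Return (verdict, block name): first fully matching block decides."""
    for block in acl:
        rules = {k: v for k, v in block.items() if k not in ("name", "type")}
        if all(rule_matches(r, v, req) for r, v in rules.items()):
            verdict = "ALLOWED" if block["type"] == "allow" else "FORBIDDEN"
            return verdict, block["name"]
    return "FORBIDDEN", None  # no block matched: rejected by default

def request(user, password, action, index):
    return {"authorization": basic(user, password),
            "action": action, "index": index}

if __name__ == "__main__":
    for req in (request("Admin", "password", "indices:admin/delete", "any-index"),
                request("reader", "constructed-pass", "indices:data/read/search", "logs-2024"),
                request("reader", "constructed-pass", "indices:data/write/index", "logs-2024")):
        print(req["action"], req["index"], "->", evaluate(ACL, req))
```

The first request shows the answer to the original question: a block containing only `auth_key` allows any action on any index once the credentials match, so restricting a user means adding further rules to the block.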

Hi @coutoPL ,

Thanks for the explanation. Appreciate the quick help!
