I’m trying to setup the field level security for some of my users, but so far it doesn’t seem to work for the nested fields. Maybe I’m specifying them wrong?
I’m using readonlyrest-1.16.33_es6.5.4 and my rule looks like this:
- name: 'Test field level security'
actions: [ 'indices:admin/template/get', 'indices:admin/mappings/get', 'indices:admin/mappings/fields/get', 'indices:admin/validate/query', 'indices:admin/get', 'indices:data/read/*' ]
indices: [ 'test-*' ]
fields: [ "_*", "@timestamp", "field1", "field2.nested1", "field2.nested2", "field3" ]
In general it works, but my testuser doesn’t see the nested fields (“field2.nested1”, “field2.nested2”)
What am I doing wrong?