Field level security for nested fields



I’m trying to setup the field level security for some of my users, but so far it doesn’t seem to work for the nested fields. Maybe I’m specifying them wrong?

I’m using readonlyrest-1.16.33_es6.5.4 and my rule looks like this:

- name: 'Test field level security'
auth_key: testuser:password
actions: [ 'indices:admin/template/get', 'indices:admin/mappings/get', 'indices:admin/mappings/fields/get', 'indices:admin/validate/query', 'indices:admin/get', 'indices:data/read/*' ]
indices: [ 'test-*' ]
fields: [ "_*", "@timestamp", "field1", "field2.nested1", "field2.nested2", "field3" ]

In general it works, but my testuser doesn’t see the nested fields (“field2.nested1”, “field2.nested2”)

What am I doing wrong?
Thank you

(Simone Scarduzio) #2

Hi @metsaviha, at the moment field level security does not support nested fields. Are you an Enterprise customer?


No, I’m Pro customer.

(Simone Scarduzio) #4

OK thanks, I added this feature to the roadmap!