Questions about /_cat/... permissions


we have one of our users which have only access to ROR indices .
if this user needs to run /_cat/indices or /_cat/shards for example , he gets only the results which related to readonlyrest indices .
if this user needs to get the output of all indices will I need to add read permissions for “*” or there is something else I can set ?
this user doesn’t need to see the indexes data but need to see the full output of /_cat/indices and other /_cat commands .


If there is no restriction on indices for this user, let’s not have the indices rule at all. Maybe just the actions rule. See the ROR log lines to identify the correct action strings (“ACT” field).

@sscarduzio I’m experiencing a similar problem, I receive no output when I run GET /_cat/indices. However, I do see output from GET _cat/shards/. This user should have no restrictions. I’ve tried removing the indices and actions rules. I’ve also tried using “*” for both. I’m running ES 5.6.16.

Thank you

please, try to use this build:

@coutoPL Yes that worked!! Is there a bug in the public release?

1 Like

yes, in 1.18.8. We’ll release 1.18.9 with fix soon