Questions about /_cat/... permissions


#1

Hi,

we have one of our users which have only access to ROR indices .
if this user needs to run /_cat/indices or /_cat/shards for example , he gets only the results which related to readonlyrest indices .
if this user needs to get the output of all indices will I need to add read permissions for “*” or there is something else I can set ?
this user doesn’t need to see the indexes data but need to see the full output of /_cat/indices and other /_cat commands .

thanks


(Simone Scarduzio) #2

If there is no restriction on indices for this user, let’s not have the indices rule at all. Maybe just the actions rule. See the ROR log lines to identify the correct action strings (“ACT” field).