Version: SG FLX
Community

This is a Technical Preview and should not yet be used in production.

Security Integration

Automated Index Management ships with predefined action groups that can easily be assigned to Search Guard roles.

AIM action groups

Action group name Note
SGS_AIM_ALL Grants access to all AIM APIs
SGS_AIM_POLICY_READ Grants read-only access to all AIM Policies
SGS_AIM_POLICY_MANAGE Grants permissions to create, delete and read AIM Policies
SGS_AIM_POLICY_INSTANCE_READ Grants access to read the current status of an index managed by AIM
SGS_AIM_POLICY_INSTANCE_MANAGE Grants access to manually execute, retry and read the current status of an index

Applying AIM permission to Search Guard roles

Permissions for the AIM APIs are assigned to roles in the cluster_permissions section of the role definition.

sg_aim_manager:
  cluster_permissions:
    - SGS_AIM_POLICY_INSTANCE_MANAGE
  index_permissions:
    ...
  tenant_permissions:
    ...


Not what you were looking for? Try the search.