Module org.elasticsearch.xcore
Class IndexPrivilege
java.lang.Object
org.elasticsearch.xpack.core.security.authz.privilege.Privilege
org.elasticsearch.xpack.core.security.authz.privilege.IndexPrivilege
The name of an index related action always being with `indices:` followed by a sequence of slash-separated terms
that generally describes the hierarchy (from broader to more specific) of the action. For example, the
first level comprises `admin`, `monitor`, `data` which generally categorize an action into either an admin
related function, or a monitoring related function or a user-data related function. Subsequent levels further
narrow down the category until the meaning is specific enough.
Note that these terms are meant to categorize what the action does, *not* how it should be invoked. This means
whether an action is accessible via REST API should not contribute to its naming.
Also note that the `internal:transport/proxy/` prefix is automatically added and stripped for actions that go
through a CCR/CCS proxy. No action should be explicitly named like that.
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final IndexPrivilegestatic final IndexPrivilegestatic final IndexPrivilegestatic final IndexPrivilegestatic final IndexPrivilegestatic final IndexPrivilegestatic final IndexPrivilegestatic final IndexPrivilegestatic final IndexPrivilegestatic final IndexPrivilegestatic final IndexPrivilegestatic final IndexPrivilegestatic final IndexPrivilegestatic final IndexPrivilegestatic final IndexPrivilegestatic final IndexPrivilegestatic final IndexPrivilegestatic final IndexPrivilegestatic final IndexPrivilegestatic final IndexPrivilegestatic final IndexPrivilegestatic final IndexPrivilege -
Method Summary
Modifier and TypeMethodDescriptionstatic Collection<String> findPrivilegesThatGrant(String action) Returns the names of privileges that grant the specified action.static IndexPrivilegestatic IndexPrivilegegetNamedOrNull(String name) names()Methods inherited from class org.elasticsearch.xpack.core.security.authz.privilege.Privilege
equals, getAutomaton, hashCode, name, predicate, sortByAccessLevel, toString
-
Field Details
-
NONE
-
ALL
-
READ
-
READ_CROSS_CLUSTER
-
CREATE
-
INDEX
-
DELETE
-
WRITE
-
CREATE_DOC
-
MONITOR
-
MANAGE
-
DELETE_INDEX
-
CREATE_INDEX
-
VIEW_METADATA
-
MANAGE_FOLLOW_INDEX
-
MANAGE_LEADER_INDEX
-
MANAGE_ILM
-
MANAGE_DATA_STREAM_LIFECYCLE
-
MAINTENANCE
-
AUTO_CONFIGURE
-
CROSS_CLUSTER_REPLICATION
-
CROSS_CLUSTER_REPLICATION_INTERNAL
-
ACTION_MATCHER
-
CREATE_INDEX_MATCHER
-
-
Method Details
-
get
-
getNamedOrNull
-
names
-
findPrivilegesThatGrant
Returns the names of privileges that grant the specified action.- Returns:
- A collection of names, ordered (to the extent possible) from least privileged (e.g.
CREATE_DOC) to most privileged (e.g.ALL) - See Also:
-