Default action groups
This page catalogs all default action groups. Often, the most coherent way to create new action groups is to use a combination of these default groups and individual permissions.
General
| Name |
Description |
| UNLIMITED |
Grants complete access. Can be used on an cluster- or index-level. Equates to "*". |
Cluster-level
| Name |
Description |
| CLUSTER_ALL |
Grants all cluster permissions. Equates to cluster:*. |
| CLUSTER_MONITOR |
Grants all cluster monitoring permissions. Equates to cluster:monitor/*. |
| CLUSTER_COMPOSITE_OPS_RO |
Grants read-only permissions to execute requests like mget, msearch, or mtv, plus permissions to query for aliases. |
| CLUSTER_COMPOSITE_OPS |
Same as CLUSTER_COMPOSITE_OPS_RO, but also grants bulk permissions and all aliases permissions. |
| MANAGE_SNAPSHOTS |
Grants permissions to manage snapshots and repositories. |
Index-level
| Name |
Description |
| INDICES_ALL |
Grants all permissions on the index. Equates to indices:*. |
| GET |
Grants permissions to use get and mget actions only. |
| READ |
Grants read permissions such as search, get field mappings, get, and mget. |
| WRITE |
Grants write permissions to documents. |
| DELETE |
Grants permissions to delete documents. |
| CRUD |
Combines the READ, WRITE and DELETE action groups. |
| SEARCH |
Grants permissions to search documents. Includes SUGGEST. |
| SUGGEST |
Grants permissions to use the suggest API. Included in the READ action group. |
| CREATE_INDEX |
Grants permissions to create indices and mappings. |
| INDICES_MONITOR |
Grants permissions to execute all index monitoring actions (e.g. recovery, segments info, index stats, and status). |
| MANAGE_ALIASES |
Grants permissions to manage aliases. |
| MANAGE |
Grants all monitoring and administration permissions for indices. |
