Default action groups
This page catalogs all default action groups. Often, the most coherent way to create new action groups is to use a combination of these default groups and individual permissions.
General
Name |
Description |
UNLIMITED |
Grants complete access. Can be used on an cluster- or index-level. Equates to "*" . |
Cluster-level
Name |
Description |
CLUSTER_ALL |
Grants all cluster permissions. Equates to cluster:* . |
CLUSTER_MONITOR |
Grants all cluster monitoring permissions. Equates to cluster:monitor/* . |
CLUSTER_COMPOSITE_OPS_RO |
Grants read-only permissions to execute requests like mget , msearch , or mtv , plus permissions to query for aliases. |
CLUSTER_COMPOSITE_OPS |
Same as CLUSTER_COMPOSITE_OPS_RO , but also grants bulk permissions and all aliases permissions. |
MANAGE_SNAPSHOTS |
Grants permissions to manage snapshots and repositories. |
Index-level
Name |
Description |
INDICES_ALL |
Grants all permissions on the index. Equates to indices:* . |
GET |
Grants permissions to use get and mget actions only. |
READ |
Grants read permissions such as search, get field mappings, get , and mget . |
WRITE |
Grants write permissions to documents. |
DELETE |
Grants permissions to delete documents. |
CRUD |
Combines the READ, WRITE and DELETE action groups. |
SEARCH |
Grants permissions to search documents. Includes SUGGEST. |
SUGGEST |
Grants permissions to use the suggest API. Included in the READ action group. |
CREATE_INDEX |
Grants permissions to create indices and mappings. |
INDICES_MONITOR |
Grants permissions to execute all index monitoring actions (e.g. recovery, segments info, index stats, and status). |
MANAGE_ALIASES |
Grants permissions to manage aliases. |
MANAGE |
Grants all monitoring and administration permissions for indices. |