阻止用户编辑系统索引
Stopping a user from editing system indices
下面是我用来让一组特定用户访问以 "custom-" 开头的任何索引的代码。但我希望用户能够对任何索引(所以“*”)做任何他们想做的事情,除了系统索引(以“.”开头)。有没有办法用下面的代码来做到这一点,也许用正则表达式?我试过 "names": [ "a-zA-Z0-9" ]," 但没用。
curl -XPUT https://elasticsearch1:9200/_xpack/security/role/custom-users -u elastic -k -v -H "Content-Type: application/json" -d '
{
"indices": [{
"names": [ "custom-*" ],
"privileges": ["all"]
}],
"metadata": {
"version" : 1
}
}
'
这有效:
{ "names": ["@&~(^..+)"], "privileges": ["all"] }
下面是我用来让一组特定用户访问以 "custom-" 开头的任何索引的代码。但我希望用户能够对任何索引(所以“*”)做任何他们想做的事情,除了系统索引(以“.”开头)。有没有办法用下面的代码来做到这一点,也许用正则表达式?我试过 "names": [ "a-zA-Z0-9" ]," 但没用。
curl -XPUT https://elasticsearch1:9200/_xpack/security/role/custom-users -u elastic -k -v -H "Content-Type: application/json" -d '
{
"indices": [{
"names": [ "custom-*" ],
"privileges": ["all"]
}],
"metadata": {
"version" : 1
}
}
'
这有效:
{ "names": ["@&~(^..+)"], "privileges": ["all"] }