manage_index_templates is not granular enough #53110
Labels
>enhancement
:Security/Security
Security issues without another label
Team:Security
Meta label for security team
Comments
|
Pinging @elastic/es-security (:Security/Security) |
|
We'd like to see the ability to just read index templates, rather than have to provide write access as well. |
|
Related to #29732 |
|
Any updates on this? We are up against some thorny issues on Security Solutions where we are trying to roll over our alerting/signals index and we would like the existing user to be able to just read the index templates rather than have |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
manage_index_templates is the only setting which controls permissions on templates. This means that to allow a user to create a template, you also have to let them delete or modify any other template. In practice, this means that running a multi-user setting where users are using whatever beats products they want involves either trusting all users with manage_index_templates, or superusers creating a lot of templates for them. #53101 offers a few potential approaches to make this more approachable, e.g. by giving roles a maximum priority, so that they can't modify centrally managed templates
The text was updated successfully, but these errors were encountered: