|
|
@@ -50,9 +50,6 @@ patterns. It also includes the authority to grant the privileges necessary to
|
|
|
manage follower indices and auto-follow patterns. This privilege is necessary
|
|
|
only on clusters that contain follower indices.
|
|
|
|
|
|
-`manage_transform`::
|
|
|
-All operations related to managing {transforms}.
|
|
|
-
|
|
|
`manage_ilm`::
|
|
|
All {Ilm} operations related to managing policies.
|
|
|
|
|
|
@@ -103,10 +100,17 @@ on behalf of other users.
|
|
|
All security-related operations such as CRUD operations on users and roles and
|
|
|
cache clearing.
|
|
|
|
|
|
+`manage_slm`::
|
|
|
+All {slm} ({slm-init}) actions, including creating and updating policies and
|
|
|
+starting and stopping {slm-init}.
|
|
|
+
|
|
|
`manage_token`::
|
|
|
All security-related operations on tokens that are generated by the {es} Token
|
|
|
Service.
|
|
|
|
|
|
+`manage_transform`::
|
|
|
+All operations related to managing {transforms}.
|
|
|
+
|
|
|
`manage_watcher`::
|
|
|
All watcher operations, such as putting watches, executing, activate or acknowledging.
|
|
|
+
|
|
|
@@ -146,6 +150,10 @@ This privilege is necessary only on clusters that contain leader indices.
|
|
|
All read-only {Ilm} operations, such as getting policies and checking the
|
|
|
status of {Ilm}
|
|
|
|
|
|
+read_slm::
|
|
|
+All read-only {slm-init} actions, such as getting policies and checking the
|
|
|
+{slm-init} status.
|
|
|
+
|
|
|
`transport_client`::
|
|
|
All privileges necessary for a transport client to connect. Required by the remote
|
|
|
cluster to enable <<cross-cluster-configuring,{ccs}>>.
|
Lisa Cawley