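---
# Role definitions in the security plugin's roles format (type "roles",
# config_version 2). The listing had lost its indentation; nesting is restored
# here to follow the roles schema: role -> cluster_permissions /
# index_permissions[] -> index_patterns / allowed_actions.
#
# Every role below sets `reserved: true`.
# NOTE(review): in the OpenSearch / Open Distro security plugin, reserved
# entries cannot be changed through the REST API or Dashboards, only through
# this file; confirm that matches the version deployed.
_meta:
  type: 'roles'
  config_version: 2

# Restricts users so they can only view visualizations and dashboards in Kibana.
# NOTE(review): no permissions are listed here; the restriction presumably
# comes from plugin configuration that references this role name. Confirm.
kibana_read_only:
  reserved: true

# The security REST API access role is used to give specific users access to
# change the security settings through the REST API.
# NOTE(review): no permissions are listed here either. Membership is what
# matters, so keep the list of users mapped to this role short and audited.
security_rest_api_access:
  reserved: true

# Allows users to view monitors, destinations and alerts
alerting_read_access:
  reserved: true
  cluster_permissions:
    - 'cluster:admin/opendistro/alerting/alerts/get'
    - 'cluster:admin/opendistro/alerting/destination/get'
    - 'cluster:admin/opendistro/alerting/monitor/get'
    - 'cluster:admin/opendistro/alerting/monitor/search'

# Allows users to view and acknowledge alerts
# NOTE(review): the grant is the wildcard `alerts/*`, so it covers every action
# under that prefix, not only get and acknowledge.
alerting_ack_alerts:
  reserved: true
  cluster_permissions:
    - 'cluster:admin/opendistro/alerting/alerts/*'

# Allows users to use all alerting functionality
# The index grant applies to every index ('*') but is limited to monitoring
# and to reading alias and mapping metadata.
alerting_full_access:
  reserved: true
  cluster_permissions:
    - 'cluster_monitor'
    - 'cluster:admin/opendistro/alerting/*'
  index_permissions:
    - index_patterns:
        - '*'
      allowed_actions:
        - 'indices_monitor'
        - 'indices:admin/aliases/get'
        - 'indices:admin/mappings/get'

# Allows users to read Anomaly Detection detectors and results
anomaly_read_access:
  reserved: true
  cluster_permissions:
    - 'cluster:admin/opendistro/ad/detector/info'
    - 'cluster:admin/opendistro/ad/detector/search'
    - 'cluster:admin/opendistro/ad/detectors/get'
    - 'cluster:admin/opendistro/ad/result/search'
    - 'cluster:admin/opendistro/ad/tasks/search'

# Allows users to use all Anomaly Detection functionality
# The index grant applies to every index ('*') but is limited to monitoring
# and to reading alias and mapping metadata.
anomaly_full_access:
  reserved: true
  cluster_permissions:
    - 'cluster_monitor'
    - 'cluster:admin/opendistro/ad/*'
  index_permissions:
    - index_patterns:
        - '*'
      allowed_actions:
        - 'indices_monitor'
        - 'indices:admin/aliases/get'
        - 'indices:admin/mappings/get'

# Allows users to read Notebooks
notebooks_read_access:
  reserved: true
  cluster_permissions:
    - 'cluster:admin/opendistro/notebooks/list'
    - 'cluster:admin/opendistro/notebooks/get'

# Allows users to use all Notebooks functionality
notebooks_full_access:
  reserved: true
  cluster_permissions:
    - 'cluster:admin/opendistro/notebooks/create'
    - 'cluster:admin/opendistro/notebooks/update'
    - 'cluster:admin/opendistro/notebooks/delete'
    - 'cluster:admin/opendistro/notebooks/get'
    - 'cluster:admin/opendistro/notebooks/list'

# Allows users to read and download Reports
reports_instances_read_access:
  reserved: true
  cluster_permissions:
    - 'cluster:admin/opendistro/reports/instance/list'
    - 'cluster:admin/opendistro/reports/instance/get'
    - 'cluster:admin/opendistro/reports/menu/download'

# Allows users to read and download Reports and Report-definitions
reports_read_access:
  reserved: true
  cluster_permissions:
    - 'cluster:admin/opendistro/reports/definition/get'
    - 'cluster:admin/opendistro/reports/definition/list'
    - 'cluster:admin/opendistro/reports/instance/list'
    - 'cluster:admin/opendistro/reports/instance/get'
    - 'cluster:admin/opendistro/reports/menu/download'

# Allows users to use all Reports functionality
reports_full_access:
  reserved: true
  cluster_permissions:
    - 'cluster:admin/opendistro/reports/definition/create'
    - 'cluster:admin/opendistro/reports/definition/update'
    - 'cluster:admin/opendistro/reports/definition/on_demand'
    - 'cluster:admin/opendistro/reports/definition/delete'
    - 'cluster:admin/opendistro/reports/definition/get'
    - 'cluster:admin/opendistro/reports/definition/list'
    - 'cluster:admin/opendistro/reports/instance/list'
    - 'cluster:admin/opendistro/reports/instance/get'
    - 'cluster:admin/opendistro/reports/menu/download'

# Allows users to use all asynchronous-search functionality
# NOTE(review): unlike the other *_full_access roles, the index grant here is a
# data-read action (`indices:data/read/search*`) on every index ('*'). Mapping a
# user to this role therefore lets them search all indices, unless another
# control (DLS/FLS, narrower patterns in a custom copy of the role) limits it.
asynchronous_search_full_access:
  reserved: true
  cluster_permissions:
    - 'cluster:admin/opendistro/asynchronous_search/*'
  index_permissions:
    - index_patterns:
        - '*'
      allowed_actions:
        - 'indices:data/read/search*'

# Allows users to read stored asynchronous-search results
asynchronous_search_read_access:
  reserved: true
  cluster_permissions:
    - 'cluster:admin/opendistro/asynchronous_search/get'

# Read-only access to the wazuh-* indices. No cluster or tenant permissions;
# empty dls / fls / masked_fields mean no document-level, field-level or
# masking restriction is applied within those indices.
wazuh_ui_user:
  reserved: true
  hidden: false
  cluster_permissions: []
  index_permissions:
    - index_patterns:
        - 'wazuh-*'
      dls: ''
      fls: []
      masked_fields: []
      allowed_actions:
        - 'read'
  tenant_permissions: []
  static: false

# Read, delete, manage and index access to the wazuh-* indices.
# NOTE(review): holders can modify and delete the indexed Wazuh data, so map
# this role only to accounts that need write access and audit its mappings.
wazuh_ui_admin:
  reserved: true
  hidden: false
  cluster_permissions: []
  index_permissions:
    - index_patterns:
        - 'wazuh-*'
      dls: ''
      fls: []
      masked_fields: []
      allowed_actions:
        - 'read'
        - 'delete'
        - 'manage'
        - 'index'
  tenant_permissions: []
  static: false

# ISM API permissions role
# NOTE(review): `manage_ism` is not an action name defined in this file;
# presumably it is an action group defined elsewhere. Confirm what it expands to.
manage_ism:
  reserved: true
  hidden: false
  cluster_permissions:
    - 'manage_ism'
  static: false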