regex support in roles definition

Hi all,
I’m trying to specify an index pattern in sg_roles.yml but i can’t get it to work.

I’m using searchguard 5 (latest) with ES 5.6.6.

I’m using something like ‘/^myprefix.*$/’ (to match myprefixWHATEVER indices) but it does not work:

sg_testrole:

cluster:

  • CLUSTER_COMPOSITE_OPS_RO

  • indices:data/read/scroll*

indices:

#this WORKS but it not a regex

‘myprefix*’:

‘*’:

  • READ

  • SEARCH

  • indices:data/read/field_caps

#this DOES NOT work

‘/^myotherprefix.*$/’:

‘*’:

  • READ

  • SEARCH

  • indices:data/read/field_caps

‘?kibana’:

‘*’:

  • INDICES_ALL

is there something wrong in my definition ?
Thank you in advance for your help

Alessandro

try something '/myprefix.*/' (omit the ^ $)

and '/myotherprefix.*/'

···

Am 20.02.2018 um 12:06 schrieb alextxm79@gmail.com:

Hi all,
I'm trying to specify an index pattern in sg_roles.yml but i can't get it to work.
I'm using searchguard 5 (latest) with ES 5.6.6.

I'm using something like '/^myprefix.*$/' (to match myprefixWHATEVER indices) but it does not work:

sg_testrole:
  cluster:
    - CLUSTER_COMPOSITE_OPS_RO
    - indices:data/read/scroll*
  indices:
    #this WORKS but it not a regex
    'myprefix*':
      '*':
        - READ
        - SEARCH
        - indices:data/read/field_caps
    #this DOES NOT work
    '^myotherprefix.*$':
      '*':
        - READ
        - SEARCH
        - indices:data/read/field_caps
    '?kibana':
      '*':
        - INDICES_ALL

is there something wrong in my definition ?
Thank you in advance for your help

Alessandro

--
You received this message because you are subscribed to the Google Groups "Search Guard Community Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.
To post to this group, send email to search-guard@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/d37be770-0c26-4da1-af35-0487007127b2%40googlegroups.com\.
For more options, visit https://groups.google.com/d/optout\.

ah, and you need to esacpe the dot (.) like explained here

https://github.com/floragunncom/search-guard/blob/master/sgconfig/sg_roles.yml
and

···

Am 21.02.2018 um 21:51 schrieb SG <info@search-guard.com>:

try something '/myprefix.*/' (omit the ^ $)

and '/myotherprefix.*/'

Am 20.02.2018 um 12:06 schrieb alextxm79@gmail.com:

Hi all,
I'm trying to specify an index pattern in sg_roles.yml but i can't get it to work.
I'm using searchguard 5 (latest) with ES 5.6.6.

I'm using something like '/^myprefix.*$/' (to match myprefixWHATEVER indices) but it does not work:

sg_testrole:
cluster:
   - CLUSTER_COMPOSITE_OPS_RO
   - indices:data/read/scroll*
indices:
   #this WORKS but it not a regex
   'myprefix*':
     '*':
       - READ
       - SEARCH
       - indices:data/read/field_caps
   #this DOES NOT work
   '^myotherprefix.*$':
     '*':
       - READ
       - SEARCH
       - indices:data/read/field_caps
   '?kibana':
     '*':
       - INDICES_ALL

is there something wrong in my definition ?
Thank you in advance for your help

Alessandro

--
You received this message because you are subscribed to the Google Groups "Search Guard Community Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.
To post to this group, send email to search-guard@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/d37be770-0c26-4da1-af35-0487007127b2%40googlegroups.com\.
For more options, visit https://groups.google.com/d/optout\.