Understanding Action Groups and WildCards

I’m trying to digest what the meaning is of wildcards in relation to action groups as described [1].
For context, I’m using the 2.4.4.10 release of SG and getting a “[security_exception] no permissions for indices:data/read/field_stats”.

Towards the end of the document is:

  SEARCH:
- "indices:data/read/search*"
- "indices:data/read/msearch*"
- SUGGEST
SUGGEST:
- "indices:data/read/suggest*"

In this case, the action group SEARCH includes the (wildcarded) search* and msearch* permissions

What exactly does that mean? The available action list is [2]. Does this mean if I define:

MYGROUP

  • “indexes:data/read*”

that ‘MYGROUP’ will allow all data read operations of [2]? What does it means for data/read/search*? Any action group that is prefixed with search?

[1] https://github.com/floragunncom/search-guard-docs/blob/master/configuration.md

[2] Reference | Shield Reference [2.1] | Elastic