Hi,
Suppose I need to restrict access to documents that reside in multiple indices, using a DLS query on fields common to all the documents. Can it can be defined using a wildcard in the index_patterns?
For example, for indices named ‘humanresources_one’ & ‘humanresources_two’ with a common field ‘manager’:
hr_employee:
index_permissions:
- index_patterns:
- ‘humanresources_*’
allowed_actions:
- …
dls: ‘{“term” : {“manager” : ${user.name|toJson}}}’
If so, is there any performance penalty to defining it this way, rather than defining specifically
for each of the indices as below?
hr_employee:
index_permissions:
- index_patterns:
- ‘humanresources_one’
- ‘humanresources_two’
allowed_actions:
- …
dls: ‘{“term” : {“manager” : ${user.name|toJson}}}’
Thanks,
Ofer Sharon