# In this file users, backendroles and hosts can be mapped to Search Guard roles. # Permissions for Search Guard roles are configured in sg_roles.yml LDAP-admin-accounts: readonly: true backendroles: - admin LDAP-user-accounts: backendroles: - kibanauser - readall sg_all_access: readonly: true backendroles: - admin sg_logstash: backendroles: - logstash sg_kibana_server: readonly: true users: - kibanaserver sg_kibana_user: backendroles: - kibanauser sg_readall: readonly: true backendroles: - readall sg_manage_snapshots: readonly: true backendroles: - snapshotrestore sg_own_index: users: - '*'