Skip to content

[DOCS] Add disclaimer that X-Pack Security users inherit anonymous roles #31589

New issue
New issue
Open
Open
[DOCS] Add disclaimer that X-Pack Security users inherit anonymous roles#31589
Labels
:Security/AuthorizationRoles, Privileges, DLS/FLS, RBAC/ABAC>docsGeneral docs changesTeam:SecurityMeta label for security team
@n0othing

Description

@n0othing
n0othing
opened on Jun 26, 2018

When Anonymous Access is enabled, all other users will inherit whichever roles you assign your anonymous user. We should document this behavior as it can cause some confusing results (e.g an explicit user is given access to indices X/Y/Z, but also has access to index A thanks to xpack.security.authc.anonymous.roles).

Ideally, _es_anonymous_user should be the least privileged user, but it's not always the case.

Metadata

Metadata

Assignees

No one assigned

    Labels

    :Security/AuthorizationRoles, Privileges, DLS/FLS, RBAC/ABAC>docsGeneral docs changesTeam:SecurityMeta label for security team

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions