Elasticsearchquery~30 mins

Field and document level security in Elasticsearch - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Field and Document Level Security in Elasticsearch

📖 Scenario: You are managing a company's employee data stored in Elasticsearch. Some information is sensitive and should only be visible to certain users. You want to control which fields and documents each user can see.

🎯 Goal: Build an Elasticsearch role with field and document level security to restrict access to employee data. You will create a sample index, define a role with specific field and document filters, and test the access by querying the data.

📋 What You'll Learn

Create an Elasticsearch index called employees with sample employee documents

Define a role called employee_viewer that restricts access to certain fields and documents

Use field level security to allow viewing only name and department fields

Use document level security to allow viewing only employees in the sales department

Query the employees index using the employee_viewer role to see the filtered results

💡 Why This Matters

🌍 Real World

Companies often need to protect sensitive data by controlling who can see what information in their databases.

💼 Career

Understanding field and document level security is important for roles like Elasticsearch administrators, security engineers, and backend developers managing data access.

Progress0 / 4 steps

Create the employees index with sample data

Create an Elasticsearch index called employees and add these documents exactly: {"name": "Alice", "department": "sales", "salary": 70000}, {"name": "Bob", "department": "engineering", "salary": 90000}, {"name": "Carol", "department": "sales", "salary": 65000}

Elasticsearch

# Use Elasticsearch API to create index and add documents
# Your code here

Need a hint?

Use the PUT method to create the index with mappings, then use POST to add documents.

Define the employee_viewer role with field and document level security

Create a role called employee_viewer that grants read access to the employees index, allows viewing only the name and department fields, and restricts documents to those where department is sales

Elasticsearch

PUT /_security/role/employee_viewer
{
  "indices": [
    {
      "names": ["employees"],
      "privileges": ["read"],
      # Your code here
    }
  ]
}

Need a hint?

Use field_security to specify allowed fields and query to filter documents by department.

Query the employees index using the employee_viewer role

Write a search query to get all documents from the employees index using the employee_viewer role. Use the GET /employees/_search API and assume the role is applied. The query should return only employees in the sales department with only the name and department fields visible.

Elasticsearch

# Use GET /employees/_search to query the index
# Your code here

Need a hint?

Use a simple match_all query to retrieve documents. The role's document and field level security will filter results automatically.

Display the filtered search results

Print the search results from the GET /employees/_search query showing only employees in the sales department with only the name and department fields visible. The output should list the documents returned by Elasticsearch.

Elasticsearch

# Print the search hits below
# Your code here

Need a hint?

The output should show only Alice and Carol with their name and department fields. The salary field should not appear.