Bird
Raised Fist0

You want to create a role that allows users to read only documents where status is active and see only the name and email fields. Which role definition snippet correctly implements this?

hard🚀 Application Q15 of Q15
Elasticsearch - Security
You want to create a role that allows users to read only documents where status is active and see only the name and email fields. Which role definition snippet correctly implements this?
A{ "indices": [ { "names": ["users"], "privileges": ["read"], "query": { "match": { "status": "active" } }, "field_security": { "deny": ["password"] } } ] }
B{ "indices": [ { "names": ["users"], "privileges": ["read"], "query": { "term": { "status": "active" } }, "field_security": { "grant": ["name", "email"] } } ] }
C{ "indices": [ { "names": ["users"], "privileges": ["read"], "query": { "term": { "status": "active" } }, "fields": ["name", "email"] } ] }
D{ "indices": [ { "names": ["users"], "privileges": ["read"], "query": { "term": { "status": "active" } } } ] }
Step-by-Step Solution
Solution:

  1. Step 1: Verify document-level security query

    Using "term" query on "status" with "active" correctly filters documents.

  2. Step 2: Verify field-level security syntax

    "field_security" with "grant" array specifying "name" and "email" fields is correct.

  3. Step 3: Eliminate incorrect options

    { "indices": [ { "names": ["users"], "privileges": ["read"], "query": { "match": { "status": "active" } }, "field_security": { "deny": ["password"] } } ] } uses "deny" which is invalid; { "indices": [ { "names": ["users"], "privileges": ["read"], "query": { "term": { "status": "active" } }, "fields": ["name", "email"] } ] } uses wrong key "fields"; { "indices": [ { "names": ["users"], "privileges": ["read"], "query": { "term": { "status": "active" } } } ] } lacks field-level security.

  4. Final Answer:

    Role with "query" term filter and "field_security" grant for "name" and "email" -> Option B

  5. Quick Check:

    Use "query" for docs + "field_security" grant for fields [OK]
Quick Trick: Use "query" for docs and "field_security" with "grant" for fields [OK]
Common Mistakes:
MISTAKES
  • Using "deny" instead of "grant" in field_security
  • Using wrong keys like "fields" instead of "field_security"
  • Omitting field-level security to restrict fields

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Elasticsearch Quizzes
Cluster Management - Rolling upgrades - Quiz 4medium Cluster Management - Rolling upgrades - Quiz 10hard Kibana and Visualization - Lens for drag-and-drop analysis - Quiz 6medium Kibana and Visualization - Saved searches and filters - Quiz 11easy Kibana and Visualization - Dashboard creation - Quiz 9hard Performance and Scaling - Bulk indexing optimization - Quiz 8hard Performance and Scaling - Cache management (query, request, field data) - Quiz 2easy Performance and Scaling - Index refresh interval - Quiz 6medium Security - Why security protects sensitive data - Quiz 15hard Security - Authentication basics - Quiz 14medium