Elasticsearch - Security
You want to create a role that allows users to see only documents where "region" is "EMEA" and only the fields "name" and "email". Which role definition snippet is correct?
You want to create a role that allows users to see only documents where "region" is "EMEA" and only the fields "name" and "email". Which role definition snippet is correct?
hard🚀 Application Q8 of Q15
Step-by-Step Solution
Solution:
Step 1: Check document-level security query type
Term query is correct for exact match on "region" field.Step 2: Check field-level security syntax
Fields must be an array of strings, not a comma-separated string.Step 3: Verify both conditions together
{"indices": [{"names": ["*"], "privileges": ["read"], "query": {"term": {"region": "EMEA"}}, "field_security": {"fields": ["name", "email"]}}]} uses term query and array fields correctly.Final Answer:
Option A is the correct role definition snippet -> Option AQuick Check:
Term query + array fields = correct role snippet [OK]
Quick Trick: Use term query and array for fields in role definition [OK]
Common Mistakes:
MISTAKES- Using match query instead of term
- Using string instead of array for fields
- Mixing both errors
Master "Security" in Elasticsearch
Want More Practice?
15+ quiz questions · All difficulty levels · Free
Free Signup - Practice All QuestionsMore Elasticsearch Quizzes