Elasticsearchquery~30 mins

Role-based access control in Elasticsearch - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Role-based access control

📖 Scenario: You are managing access to an Elasticsearch cluster. Different users have different roles, and each role has specific permissions to access certain indices.We want to create a simple role-based access control setup using Elasticsearch role definitions.

🎯 Goal: Build a role definition in Elasticsearch that assigns specific index permissions to roles, then check the permissions assigned.

📋 What You'll Learn

Create a role called read_only with read access to the products index

Create a role called write_access with write access to the orders index

Create a variable roles that holds these role definitions as a dictionary

Print the permissions of the read_only role

💡 Why This Matters

🌍 Real World

Role-based access control is essential in Elasticsearch to secure data by limiting what users can see or change.

💼 Career

Many jobs require managing Elasticsearch security roles to protect sensitive data and ensure proper access.

Progress0 / 4 steps

Create role definitions

Create a dictionary called roles with two keys: read_only and write_access. The read_only role should have indices permission with names as ["products"] and privileges as ["read"]. The write_access role should have indices permission with names as ["orders"] and privileges as ["write"].

Elasticsearch

# Create the roles dictionary with read_only and write_access roles
# Your code here

Need a hint?

Use a dictionary with keys read_only and write_access. Each key maps to another dictionary with key indices which is a list of dictionaries specifying names and privileges.

Add a helper variable for role to check

Create a variable called role_to_check and set it to the string "read_only".

Elasticsearch

roles = {
    "read_only": {
        "indices": [
            {
                "names": ["products"],
                "privileges": ["read"]
            }
        ]
    },
    "write_access": {
        "indices": [
            {
                "names": ["orders"],
                "privileges": ["write"]
            }
        ]
    }
}
# Create a variable role_to_check and set it to "read_only"
# Your code here

Need a hint?

Just assign the string "read_only" to a variable named role_to_check.

Extract permissions for the selected role

Create a variable called permissions and set it to the indices value inside the roles dictionary for the key stored in role_to_check.

Elasticsearch

roles = {
    "read_only": {
        "indices": [
            {
                "names": ["products"],
                "privileges": ["read"]
            }
        ]
    },
    "write_access": {
        "indices": [
            {
                "names": ["orders"],
                "privileges": ["write"]
            }
        ]
    }
}
role_to_check = "read_only"
# Extract the indices permissions for the role stored in role_to_check
# Your code here

Need a hint?

Use the variable role_to_check as a key to get the role from roles, then get the indices key from that role.

Print the permissions

Write a print statement to display the value of the permissions variable.

Elasticsearch

roles = {
    "read_only": {
        "indices": [
            {
                "names": ["products"],
                "privileges": ["read"]
            }
        ]
    },
    "write_access": {
        "indices": [
            {
                "names": ["orders"],
                "privileges": ["write"]
            }
        ]
    }
}
role_to_check = "read_only"
permissions = roles[role_to_check]["indices"]
# Print the permissions variable
# Your code here

Need a hint?

Use print(permissions) to show the permissions.