How can you combine cluster monitoring and index write permissions in a single role for indices matching app-*?

hard🚀 Application Q9 of Q15

Elasticsearch - Security

How can you combine cluster monitoring and index write permissions in a single role for indices matching app-*?

A{ "cluster": [], "indices": [{ "names": ["app-*"] , "privileges": ["monitor", "write"] }] }

B{ "cluster": ["monitor"], "indices": [{ "names": ["app-*"] , "privileges": ["write"] }] }

C{ "cluster": ["monitor", "write"], "indices": [{ "names": ["app-*"] , "privileges": ["read"] }] }

D{ "cluster": ["write"], "indices": [{ "names": ["app-*"] , "privileges": ["monitor"] }] }

Step-by-Step Solution

Solution:

Step 1: Assign cluster monitoring privilege correctly
"cluster": ["monitor"] grants monitoring rights at cluster level.
Step 2: Assign write privilege on indices
"indices" with "write" privilege on "app-*" indices grants write access.
Step 3: Verify no privilege confusion
Cluster "write" is different from index "write"; monitor is cluster-only privilege.
Final Answer:
Cluster monitor plus index write privileges combined correctly -> Option B
Quick Check:
Cluster monitor + index write = correct role [OK]

Quick Trick: Cluster and index privileges are separate arrays in role JSON [OK]

Common Mistakes:

MISTAKES

Master "Security" in Elasticsearch

9 interactive learning modes - each teaches the same concept differently

Want More Practice?

15+ quiz questions · All difficulty levels · Free

More Elasticsearch Quizzes