github-mirrors/elasticsearch
1
0
Fork 0
mirror of https://github.com/elastic/elasticsearch.git synced 2025-04-24 23:27:25 -04:00
Code Issues Projects Releases Packages Wiki Activity
elasticsearch/docs/reference/security/operator-privileges/index.asciidoc
James Rodewig 255c9a7f95
[DOCS] Move x-pack docs to docs/reference dir (#99209) 
**Problem:**
For historical reasons, source files for the Elasticsearch Guide's security, watcher, and Logstash API docs are housed in the `x-pack/docs` directory. This can confuse new contributors who expect Elasticsearch Guide docs to be located in `docs/reference`. 

**Solution:**
- Move the security, watcher, and Logstash API doc source files to the `docs/reference` directory
- Update doc snippet tests to use security

Rel: https://github.com/elastic/platform-docs-team/issues/208
2023-09-12 14:53:41 -04:00

31 lines
1.4 KiB
Text
Raw Permalink Blame History

[role="xpack"]
[[operator-privileges]]
== Operator privileges
NOTE: {cloud-only}
With a typical {es} deployment, people who administer the cluster also operate
the cluster at the infrastructure level. User authorization based on
<<authorization,role-based access control (RBAC)>> is effective and reliable for
this environment. However, in more managed environments, such as
{ess-trial}[{ess}], there is a distinction between the operator of the cluster
infrastructure and the administrator of the cluster.
Operator privileges limit some functionality to operator users _only_. Operator
users are just regular {es} users with access to specific
<<operator-only-functionality,operator-only functionality>>. These
privileges are not available to cluster administrators, even if they log in as
a highly privileged user such as the `elastic` user or another user with the
`superuser` role. By limiting system access, operator privileges enhance the
{es} security model while safeguarding user capabilities.
Operator privileges are enabled on {ecloud}, which means that some
infrastructure management functionality is restricted and cannot be accessed by
your administrative users. This capability protects your cluster from unintended
infrastructure changes.
include::configure-operator-privileges.asciidoc[]
include::operator-only-functionality.asciidoc[]
include::operator-only-snapshot-and-restore.asciidoc[]
Reference in a new issue View git blame Copy permalink