diff --git a/docs/en/stack/security/authorization/privileges.asciidoc b/docs/en/stack/security/authorization/privileges.asciidoc index a1de8bc62..edf1172c4 100644 --- a/docs/en/stack/security/authorization/privileges.asciidoc +++ b/docs/en/stack/security/authorization/privileges.asciidoc @@ -29,6 +29,12 @@ This includes snapshotting, updating settings, and rerouting. It also includes obtaining snapshot and restore status. This privilege does not include the ability to manage security. +`manage_ccr`:: +All {ccr} operations related to managing follower indices and auto-follow +patterns. It also includes the authority to grant the privileges necessary to +manage follower indices and auto-follow patterns. This privilege is necessary +only on clusters that contain follower indices. + `manage_index_templates`:: All operations on index templates. @@ -62,6 +68,12 @@ who created or updated them. -- +`read_ccr`:: +All read only {ccr} operations, such as getting information about indices and +metadata for leader indices in the cluster. It also includes the authority to +check whether users have the appropriate privileges to follow leader indices. +This privilege is necessary only on clusters that contain leader indices. + `transport_client`:: All privileges necessary for a transport client to connect. Required by the remote cluster to enable <>. @@ -82,6 +94,11 @@ All `monitor` privileges plus index administration (aliases, analyze, cache clea close, delete, exists, flush, mapping, open, force merge, refresh, settings, search shards, templates, validate). +`manage_follow_index`:: +All actions that are required to manage the lifecycle of a follower index, which +includes creating a follower index, closing it, and converting it to a regular +index. This privilege is necessary only on clusters that contain follower indices. + `view_index_metadata`:: Read-only access to index metadata (aliases, aliases exists, get index, exists, field mappings, mappings, search shards, type exists, validate, warmers, settings). This