all

All cluster administration operations, like snapshotting, node shutdown/restart, settings update, rerouting, or managing users and roles.

monitor

All cluster read-only operations, like cluster health & state, hot threads, node info, node & cluster stats, snapshot/restore status, pending cluster tasks.

manage

Builds on monitor and adds cluster operations that change values in the cluster. This includes snapshotting,updating settings, and rerouting. This privilege does not include the ability to manage security.

manage_security

All security related operations such as CRUD operations on users and roles and cache clearing.

manage_index_templates

All operations on index templates.

manage_pipeline

All operations on ingest pipelines.

transport_client

All privileges necessary for a transport client to connect.

all

Any action on an index

monitor

All actions that are required for monitoring (recovery, segments info, index stats & status).

manage

All monitor privileges plus index administration (aliases, analyze, cache clear, close, delete, exists, flush, mapping, open, force merge, refresh, settings, search shards, templates, validate).

view_index_metadata

Read-only access to information about an index (aliases, aliases exists, get index, exists, field mappings, mappings, search shards, type exists, validate, warmers, settings).

read

Read only access to actions (count, explain, get, mget, get indexed scripts, more like this, multi percolate/search/termvector, percolate, scroll, clear_scroll, search, suggest, tv). Also grants access to the update mapping action.

index

Privilege to index and update documents. Also grants access to the update mapping action.

create

Privilege to index documents. Also grants access to the update mapping action.

delete

Privilege to delete documents.

write

Privilege to perform all write operations to documents, which includes the permission to index, update, and delete documents as well as performing bulk operations. Also grants access to the update mapping action.

delete_index

Privilege to delete an index.

create_index

Privilege to create an index. A create index request may contain aliases to be added to the index once created. In that case the request requires the manage privilege as well, on both the index and the aliases names.

view_index_metadata

Privilege to view the the index metadata such as its mappings and settings. This privilege is primarily available for use by Kibana users.