How can we specify authorization at data input source level?
Like I created a TCP source, but I want it to be available (while searching) to a specific group/role/user only. Not for everyone.
You could specify a custom index within the input configuration. For example:
index = special
You can then create a custom role which allows only access to this index by modifying authorize.conf:
importRoles = user
srchIndexesDefault = special
srchIndexesAllowed = special
To ensure other roles are unable to access this special index, you should verify that the srchIndexes* settings do not specify * or the special index.
View solution in original post