all

All cluster administration operations, like snapshotting, node shutdown/restart, settings update or rerouting

monitor

All cluster read-ony operations, like cluster health & state, hot threads, node info, node & cluster stats, snapshot/restore status, pending cluster tasks

manage_shield

All Shield related operations (currently only exposing an API for clearing the realm caches)

all

Any action on an index

manage

All monitor privileges plus index administration (aliases, analyze, cache clear, close, delete, exists, flush, mapping, open, optimize, refresh, settings, search shards, templates, validate, warmers)

monitor

All actions, that are required for monitoring and read-only (recovery, segments info, index stats & status)

data_access

A shortcut of all of the below privileges

crud

A shortcut of read and write privileges

read

Read only access to actions (count, explain, get, exists, mget, get indexed scripts, more like this, multi percolate/search/termvector), percolate, scroll, clear_scroll, search, suggest, tv)

search

All of suggest and executing an arbitrary search request (including multi-search API)

get

Allow to execute a GET request for a single document or multiple documents via the multi-get API

suggest

Allow to execute the _suggest API

index

Privilege to index and update documents

create_index

Privilege to create an index. A create index request may contain aliases to be added to the index once created. In that case the request requires manage_aliases privilege as well, on both the index and the aliases names.

manage_aliases

Privilege to add and remove aliases, as well as retrieve aliases information. Note that in order to add an alias to an existing index, the manage_aliases privilege is required on the existing index as well as on the alias name

delete

Privilege to delete documents (includes delete by query)

write

Privilege to index, update, delete, delete by query and bulk operations on documents, in addition to delete and put indexed scripts