I am working with ml-gradle on MarkLogic 9 but would like to configure the MarkLogic account running ml-gradle with the principle of least-privilege. Is it possible to configure the ml-gradle user in MarkLogic to have more granular permissions, or am I stuck using the admin role? The deployment will be fairly standard, creating documents, modules, indexes, query options etc.
Thanks, --Dan
To create app servers, databases, etc., you'll need the
manage-admin
privilege. To create documents and otherwise modify database content, you'll generally need rest-writer. To read documents or do searches, you'll need rest-reader. On top of that, you may need permissions for specific docs.see the Basic Security Requirements section of the REST Application Developer's Guide for more information.