Create repository with ES 1.7.4 with with no delete access to IAMCONSOLE?


(Vishal Singh) #1

Is there anyway to create repository on S3 using ES 1.7.4 with access, that does not have delete permission? We do not want to give delete permission to every user in our company.


Elasticsearch 1.7.4 failed "error":"AmazonS3Exception
(David Pilato) #2

No. It could be possible from 2.1 with the new parameter readonly.

Not before this version AFAIK.


(Vishal Singh) #3

We want to migrate from 1.2 to 1.7.

There is no delete access in 1.2 and it works for 1.2.
But We would not be able to migrate to 1.7 if we have to give delete access to everyone.

Is there any work around?


(David Pilato) #4

I don't think so but @Igor_Motov might know more.


(Igor Motov) #5

@Vishal_Singh1 could you tell us a bit more about your setup? Why does every user in your company have to have access to the same snapshot repositories? Do they need to create snapshots or only restore from them?


(Vishal Singh) #6

They need to only restore from them. AWS wants to delete a blobs even to register the local elasticsearch to read from the s3 bucket.

I did a work around by commenting aws source code to delete blob.


(Vishal Singh) #7

But It will be really nice if I do not have to do that. Thanks for any help.


(Igor Motov) #8

It should work if you turn off repository verification when you register it.


(Vishal Singh) #9

Wow! That worked and it was in the documentation. I am sorry I missed it. I thank you for all your help.


(system) #10