I am planning to query multiple indices. Some indices have content which should only be available to specific users and groups. We plan to use the ACL-indices for them. But some indices have content which is open and available to all users (e.g. crawled content). We don't have ACL indices for them.
I've found out that it is possible to create an API key via POST /_security/api_key which can combine multiple indices with DLS based on their specific ALC indices.
But can I create an API key which also includes indices which are "open" and don't have an ACL index?
So the single API key should grant access to both: indices with and without ACL indices.
You can see that different indices can have different security level.
You could as well create separate role descriptors for public and restricted content instead of having a single role with both index types - it's up to you for organizing indices into separate roles or combine them in a single role.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.