Elasticsearch Engineer official course Module1 "information Out" questions: 21-22-23 there are no answers for validation

Dear team,
I am doing the official course online ( Elasticsearch Engineer) and I would like to validate my answers for the
Elasticsearch Engineer Lab - Information out - questions: 21 - 22 - 23 "exam prep"

I don't see "show answer" button to validate my answer. Is it on purpose or something is wrong? Because there were not much info during the learning video regarding user privilege (security).

Thank you for your help

If question 23 has the desired effect ("Notice that the only successful command is the _search request"), then you know you have done exercises 21 and 22 correctly.

Hi abton,
here are the questions from the training: (I sent an email but no answer so far:)

  1. EXAM PREP: Create a user with restricted access to your Elasticsearch cluster. Begin by creating a new role. From the Kibana navigation menu, select Stack Management (under Management). The Security section has options to configure users, roles and API keys. Create a new role named read_only that satisfies the following criteria:
  • the user has no cluster privileges
  • the user has access to indices that match the pattern *
  • the index privileges are only read
  1. EXAM PREP: Create a new user named read_only_user that satisfies the following criteria:
  • password is "nonprodpwd"
  • enter Read Only User for the name of the user
  • use your own email address
  • assign the user to two roles: read_only and kibana_admin NOTE : Make sure to add the kibana_admin role, otherwise you won’t be able to log in to Kibana with read_only_user.
  1. Log out of Kibana and login again as read_only_user . Navigate to the Console and run the commands below. Notice that the only successful command is the _search request, as it only reads data.
GET /

GET _search

PUT new_index/_doc/1
{
    "security_test": "this will fail"
}

can you please help with this?

Thanks in advance

Hello @husoelasticbe,

As explained by Abdon, the best way to validate your answer is to take a look at the output of questions number 3:

GET / -> This one should fail: you don't have the privilege to execute this request.
GET _search -> This one should work as you have read access to all indices
PUT new_index/_doc/1 -> This one should fail as you only have read privileges, you cannot write any data with this user