I'm currently evaluating X-Pack for my company and as a requirement we need:
- any user can write data to elasticsearch using bulk API;
- disallow any other bulk operation (index, delete and update);
Looking at the "Indices Privileges" table (here: https://www.elastic.co/guide/en/x-pack/current/security-privileges.html#privileges-list-indices),
A Role with privileges “index” and/or “create” is not able to write using Bulk API;
Bulk API only works with “write" privilege but this also allows deletion and updates (which we don’t want).
Is this a bug? It doesn’t seem correct to have only one big bag of privileges (“write”) for bulk operations.
We are testing with version 5.1.2
For performance reasons we are not interested in using any other API to upload documents - only bulk API;
Using a reverse proxy to filter this requests is not an option either: bulk operations all use POST – we would need to inspect the JSON in the message body (big performance impact);
Any help appreciated