Elastic Cloud.
need to be able to register secrets in the Elasticsearch Keystore. This can be done with the ElasticSearch Service API. However, in order to use this API you create an Api Key.
The API key has no expiration, so it may be used indefinitely. The API key has the same permissions as the API key owner. You may have multiple API keys for different purposes and you can revoke them when you no longer need them.
It appears that this API Key would have rights to interact with every deployment associated with the Key owner, i.e. the Cloud login. This means it can perform any CRUD operation including deleting every deployment. I'm just trying to identify if there are any options in limiting the privileges of this API Key to only writing to the Keystore.