I want to upgrade our elasticsearch instance from 1.6.x to 2.1. There is the new shield configuration.
We use 2 indices. One for search requests from the application with a lot of details and another where we have indexed only the name field for suggest.
Until now we have used this configuration in the access control settings:
So it’s possible to disallow all requests to http://host:9200/ except the suggest index:
I don’t know how I can transform this behaviour to the new shield configuration.
With the default shield configuration I can already access http://host:9200/ because deny seems not to be the default behaviour.
Shield will deny by default. The
/ endpoint only requires authentication to work (or if anonymous access is enabled, everyone can access this endpoint). This is due to how Shield authorizes requests; it does so at the action level in elasticsearch and the
/ endpoint does not map to an action.
It looks like you only want to allow the users to search with a search template. Is the search template indexed? If so you need to grant access to the .scripts index. You may try using a role like: