Hi,
I have assigned the privilege monitor to a role in elasticserach . As provided in the documentation of elasticsearch the monitor privilege - Can access all cluster read-only operations, like cluster health and settings etc.
The _cluster/settings gets the cluster settings. I want to block the user having monitor privilege from accessing the above API. .
Please let me know how i can block the privilege monitor from accessing the details present inside _cluster/settings.
Cluster settings (persistent and transient) are queried from the cluster state.
So if you want to block user from having a monitor privilege just on _cluster/settings but have access to cluster state would not be possible.
To block user from accessing cluster state (including cluster/settings) you can create a custom role:
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.