User only with access to content they have created

Can someone point me the in the right direction. I've built a simple search as you type tool for a website catalogue which will be used by multiple websites.

I need to make sure that each tenant have a unique user/pass and can only access indexes that they have created? I'm quite a noob so any direction pointers would be handy. They need permission to create/delete/edit their own indexes but no others. Is that possible?

Hi @abrooky Welcome to the community!

Short answer Yes! .. but a Pretty big topic. Elasticsearch supports strong RBAC at multiple levels, index, document, field etc.

What you are describing is Index based RBAC

I would start with understanding Roles... lots of detail here.

If you use Kibana you can set up users and Roles there as well.

Or you can do it programmatically via the Elasticserarch API.

I would try a test or two first then decide on how you want to implement it.

Roles in Kibana worked perfectly. Thanks SO much for sparing me some of you time and expertise. I'm very grateful.

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.