we want to encrypt one field of our documents in Elastic and I went through lots of methods for doing this and none of them was good with our situation (for example third-party proxy and plugins because they are paid or not reliable or not supporting analyzers for our language)
we have an idea that when our service wants to index the document first it calls the analyze API with the analyzer we want to use for index, encrypts the result tokens, constructs a new encrypted document with encrypted tokens and positions that analyzer API return, and finally indexes the new document
the point is with this approach
- we can still perform search on the text because we encrypt each token individually (we don't need prefix query or ...)
- we don't need to handle any of the analyzing steps like token filters or .... in the application all of it will be handled by Elastic
so my question is
is this a good idea?
is analyzer API good for non-testing purposes?
or in general any ideas or notes on this.