Hi all,
I’m evaluating the frozen tier functionality in Elastic Cloud deployment, aiming to keep around ten years of historical data available for occasional analysis and compliance purposes.
Given that we plan to retain data for such a long period, what should we take into account regarding the use of the frozen tier and the compatibility between Elasticsearch versions and the underlying snapshots? Are there any known limitations or recommended best practices to ensure long-term accessibility?
Also, is there any way to limit access to indices once they move to the frozen tier? Ideally, only a few users should be able to query those historical indices, but since permissions are applied at the data stream level, it’s not clear to me how to handle that separation.
Any guidance or examples would be greatly appreciated.
Thanks!