dev sent me a plugin to install on Elasticsearch installed via Elastic Stack Operator on Kubernetes with all security features enabled (authentication, https, etc.).
What happens is that plugin, previously working on Elasticsearch with no security options enabled, dumps this error:
org.elasticsearch.ElasticsearchSecurityException: action [indices:data/write/index] is unauthorized for user [_system]
I found out here Missing right to write transient cluster settings in custom plugin · Issue #46127 · elastic/elasticsearch · GitHub that _system is the user that executes plugins and has minimal privileges. But i can't find out any documentation anywhere that states how plugins should handle this security features and how to change the plugin's code to fit the security constraints.
Is there any documentation available? @TimV says there are other mechanism to do this, but are these explained somewhere?