I’m looking at ReadonlyREST in a cross cluster search situation. I’ve been experimenting with this, and it works as I’d expect, each individual cluster can have its on ReadonlyREST implementation, which doesn’t translate to communications across clusters (Securing C1, you can access with C2’s security rules if querying from C2 against C1).
Only thing that doesn’t seem to work when I tried it initially is specifying indices across clusters - from the cluster that has the connection to the others (clusters aliased as “c1” and “c2”, respectively), it’d be great to be able to specify cluster names and index name patterns explicitly in the “indices” parameters you can set in each block.
That is to say, on my “coordinating_cluster” cluster, I’d like to be able to specify a block that says that groups A, B and C have read access to indices starting with the string “data” on both clusters (“c*:data*”)
Alternatively, I’d want to have an explicit deny for anyone in groups X, Y and Z from accessing data on c2 (“c2:*”)
That kind of thing