Let’s assume two Elasticsearch clusters:
- one “data” cluster with ReadonlyREST installed;
- one “ccs” cluster without ReadonlyREST.
“data” was configured as a remote cluster to “ccs”.
As far as I understand:
- “ccs” will connect to “data” over the Transport layer, not the HTTP layer, and this cannot be changed;
- “ccs” will forward the Authorization header over the Transport layer (I checked by sniffing the network traffic);
- ReadonlyREST interacts only with HTTP requests (hence the “REST” in its name) and leaves exchanges over the Transport layer absolutely untouched;
- Consequently, ReadonlyREST does not filter the results that flow from “data” to “ccs”.
Do the statements above make sense? Have I understood correctly? Thanks in advance.