Hi there and thanks for this wonderful tool.
So the main problem we were trying to solve with this was locking down our Elasticsearch and making it so that no one could execute a POST or DELETE to our ES service, but we were still able to query ES.
We were able to solve part of this. Now our index is built on the server side only and a POST or DELETE can’t be executed externally.
We’ve tried to set it up so that only host from certainly IPs can read from ES without any kind of authentication but that doesn’t seem to be working.
So my question is: is there a setting somewhere that I’m missing that simply makes ES “read only” without any kind of authentication or noting the host. For instance, we’re trying to figure out if we can implement “read only” as the default for ES unless you execute a curl server side with the auth keys (which is working).
We’re pulling data from ES using AJAX and absolutely nothing seems to be getting through now. We constantly get a “Failed to load resource: net::ERR_SSL_PROTOCOL_ERROR” error in console.
We’re running SSL and executing everything across https.
It would be ideal if we could lock down individual indicies as read only unless you provide the API keys.
Any thoughts or suggestions?