Trying to determine how best to approach this.
I want to be able to use elastic:changeme for global read access to elasticsearch capabilities
(such as searching within an index, or calling elastic apis like /_nodes/_all) and
I want to be able to use elastic:writeme for restricting write access to the same
(such as PUT/POST/DELETE to a specific index or calling write elastic apis like /_template)
I want to be able to give ro access to all requests coming from Kibana.
How would I approach this? Using this seems to be doing some of the PUT/POST/DELETE correctly but I’m not able to call GET on the elastic apis like /_nodes/_all (though I am able to call GET on my own indices like /myindex/_search)
The GOAL is for me to be able to call ALL Monitor/Admin/Cluster/Kibana/MyIndex READ APIs using elastic:changeme and any and ALL Write APIs (Monitor/Admin/Cluster/MyIndexes) using elastic:writeme
readonlyrest: access_control_rules: - name: "just that action from localhost" type: allow actions: ["cluster:monitor/main"] hosts: ["127.0.0.1"] - name: "Global Read/Monitor Access" auth_key: "elastic:changeme" type: allow actions: ["indices:data/read/*","indices:admin/get", "cluster:*"] - name: "Global Write/Admin Access" auth_key: "elastic:$apr1$AtIR0e/S$lC346PxpaBQODjx7.avAi." type: allow actions: ["indices:data/write/*","indices:admin/*"]