Using ReadonlyREST security in elasticsearch-oss:7.6.2

Hi,

We are running ELK stack as containers managed by docker-compose as part of our software package.

We seek a free alternative to elastic x-pack. ReadonlyREST seemed like a deal but when I follow the guide here https://readonlyrest.com/blog/insights/set-up-local-secured-elk-stack/
I am unable to get the plugin for elasticsearch running.

I install the plugin into the elastic container, mount the readonlyrest.yml to /usr/share/elasticsearch/config/readonlyrest.yml, restart the docker-compose but it seems to have no effect (eg. i can curl -vvv “http://localhost:9200/_cat/indices” without auth. error).

Is it because we are using oss version? For example, we cannot set xpack.security.enabled: false as xpack is not present.

Hi @synek

Did you see our demo docker image? https://github.com/sscarduzio/ror-docker-demo

You should also see in ES logs that ROR starts.

the docker demo comes with the non-OSS stack, and except the disabling of xpack security, should work the very same.

@synek the regular installation process is decribed in the docs

You basically download the zip and install it with bin/elasticsearch-plugin install file://<absolute_path>
Then you add your readonlyrest.yml and you restart ES. Please tell us where exactly you find a problem, i.e. paste some Dockerfile bits maybe.

Thanks, for ensuring me it should work.

It started working when I have modified readonlyrest.yml

from (https://readonlyrest.com/blog/insights/set-up-local-secured-elk-stack/):

 readonlyrest:
    enable: true
    access_control_rules:
    - name: "Basic Authentication to get started with"
      indices: ["*"]
      type: allow
      auth_key: RoRUser:readonlyrest

to (https://github.com/beshu-tech/readonlyrest-docs/blob/master/elasticsearch.md):

readonlyrest:
    access_control_rules:
    - name: "Require HTTP Basic Auth"
      type: allow
      auth_key: user:password

both configuration seem acceptable for me, maybe something went wrong with the indentation?