URL-based access control

edit

Many users use a proxy with URL-based access control to secure access to Elasticsearch data streams and indices. For multi-search, multi-get, and bulk requests, the user has the choice of specifying a data stream or index in the URL and on each individual request within the request body. This can make URL-based access control challenging.

To prevent the user from overriding the data stream or index specified in the URL, set rest.action.multi.allow_explicit_index to false in elasticsearch.yml.

This causes Elasticsearch to reject requests that explicitly specify a data stream or index in the request body.