IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.
« Defining roles Security privileges »
Elastic Docs Elasticsearch Guide [7.9] Secure a cluster User authorization

Granting access to Stack Management features

edit

Granting access to Stack Management features

edit

You define roles and set user privileges at different levels to grant access to each of the Elastic Stack features.

Cross-cluster replication

edit

The cross-cluster replication user requires different cluster and index privileges on the remote cluster and local cluster.

On the remote cluster that contains the leader index, the cross-cluster replication user requires read_ccr cluster privilege and monitor and read privileges on the leader index.

ccr_user:
  cluster:
    - read_ccr
  indices:
    - names: [ 'leader-index' ]
      privileges:
        - monitor
        - read

On the local cluster that contains the follower index, the cross-cluster replication user requires the manage_ccr cluster privilege and monitor, read, write and manage_follow_index privileges on the follower index.

ccr_user:
  cluster:
    - manage_ccr
  indices:
    - names: [ 'follower-index' ]
      privileges:
        - monitor
        - read
        - write
        - manage_follow_index

If you are managing connecting to the remote cluster using the cluster update settings API, you will also need a user with the all cluster privilege.

« Defining roles Security privileges »