dadoonet
commented
8 years ago Hi @JamesBromberger
Thanks for opening that feature request. Do you mind reopening it in https://github.com/elastic/elasticsearch where the code has moved now?
Closed JamesBromberger closed 8 years ago
dadoonet
commented
8 years ago Hi @JamesBromberger
Thanks for opening that feature request. Do you mind reopening it in https://github.com/elastic/elasticsearch where the code has moved now?
JamesBromberger
commented
8 years ago Done. #14103. https://github.com/elastic/elasticsearch/issues/14103
While ACL Private is a default, it would be nice to permit ElasticSearch nodes to explicitly set the desired ACL for the snapshots they create. This can then be validated by an S3 Bucket Policy, which can reject clients that try to upload objects to S3 that aren't set as Private.
http://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html http://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html