search

mobz / elasticsearch-head

A web front end for an elastic search cluster
http://mobz.github.io/elasticsearch-head/
Other
9.42k stars 2.02k forks source link

Access with non superadmin user #432

Open 15astro opened 4 years ago

15astro commented 4 years ago

I am trying to use elasticsearch-head using non-superuser having permissions to limited indexes in the cluster. This limits to only following features of elasticsearch-head:

  1. Browser
  2. Any Request

Following features are not available with non-superuser login:

  1. Cluster Health
  2. Overview
  3. Indices
  4. Structured Query

What user permissions are required to allow elasticsearch-head with all features using non-superadmin user?

philipskokoh commented 4 years ago

Sorry for late response. From Elasticsearch built-in roles, I could not find non-superuser role which has permission to read cluster information, list indices, etc. In this case, I think you need to define a new role with monitor privilege on that role. https://www.elastic.co/guide/en/elasticsearch/reference/current/security-privileges.html

I haven't explored much on Elasticsearch roles, let me know whether this works or not.

philipskokoh commented 4 years ago

Hi, you can try to add transport_client. This may be sufficient. References: https://www.elastic.co/guide/en/elasticsearch/reference/current/built-in-roles.html