easy way to make an elasticsearch server read-only

Question

It\'s really easy to just upload a bunch of json data to an elasticsearch server to have a basic query api, with lots of options

I\'d just like to know if there\'s and e

Answer 1

I use this elasticsearch plugin:

https://github.com/sscarduzio/elasticsearch-readonlyrest-plugin

It is very simple, easy to install & configure. The GitHub project page has a config example that shows how to limit requests to HTTP GET method only; which will not change any data in elasticsearch. If you need only whitelisted IP#'s (or none) to use other methods (PUT/DELETE/etc) that can change data then it has got you covered as well.

Something like this goes into your elasticsearch config file (/etc/elasticsearch/elasticsearch.yml or equivalent), adapted from the GitHub page:

readonlyrest:
    enable: true
    response_if_req_forbidden: Sorry, your request is forbidden
    # Default policy is to forbid everything, let's define a whitelist
    access_control_rules:

    # from these IP addresses, accept any method, any URI, any HTTP body
    #- name: full access to internal servers
    #  type: allow
    #  hosts: [127.0.0.1, 10.0.0.10]

    # From external hosts, accept only GET and OPTION methods only if the HTTP request body is empty
    - name: restricted access to all other hosts
      type: allow
      methods: [OPTIONS,GET]
      maxBodyLength: 0