Yes. By now, you have to deal with security yourself. So, secure URL using Ngnix for example, use aliases which will expose alias URL and not direct index URL. Use filters in aliases.
Example: Let's say you have a groupid field in your documents and you have a "doc" index. A doc A belongs to groupid "marketing". Doc B belongs to groupid "finances". Create an alias "marketing" which uses "doc" index with a prebuilt filter on groupid with "marketing". Same for finances. Then secure your URLs using Nginx and let users only access to the right URLs (aliases) they should see. My 2 cents. -- David Pilato | Technical Advocate | Elasticsearch.com @dadoonet | @elasticsearchfr Le 30 avril 2014 à 17:56:10, Patrick Proniewski ([email protected]) a écrit: Hello, As a BOfH, I'm quite used to provide auth-based access to IT resources. As CISO I must guaranty that users get only what they need, especially about sensitive content. Unfortunately I can't find anything about authentication, and security in ES documentation. It looks like the product is designed like memcached: it's there and free to use. Is there any way to provide some partitioning inside an ES cluster, so that we can share the cluster without sharing the data? thanks, Patrick -- You received this message because you are subscribed to the Google Groups "elasticsearch" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/E22ED5A1-1554-4558-BBC7-3408CBA3C179%40patpro.net. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "elasticsearch" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/etPan.53611f0e.257130a3.2280%40MacBook-Air-de-David.local. For more options, visit https://groups.google.com/d/optout.
