Skip to content

Commit 5f55e15

Browse files
sscarduziosscarduzio
committed
Update README.md
1 parent 4c26c1e commit 5f55e15

File tree

1 file changed

+2
-13
lines changed

1 file changed

+2
-13
lines changed

README.md

Lines changed: 2 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,8 @@
11
[![ghit.me](https://ghit.me/badge.svg?repo=sscarduzio/elasticsearch-readonlyrest-plugin)](https://ghit.me/repo/sscarduzio/elasticsearch-readonlyrest-plugin)
22
[![Codacy Badge](https://api.codacy.com/project/badge/grade/9ef51ae1e6e34deba913f22e2e4cbd56)](https://www.codacy.com/app/scarduzio/elasticsearch-readonlyrest-plugin)
33
[![Build Status](https://travis-ci.org/sscarduzio/elasticsearch-readonlyrest-plugin.svg?branch=master)](https://travis-ci.org/sscarduzio/elasticsearch-readonlyrest-plugin)
4-
[![Join the chat at https://gitter.im/sscarduzio/elasticsearch-readonlyrest-plugin](https://badges.gitter.im/sscarduzio/elasticsearch-readonlyrest-plugin.svg)](https://gitter.im/sscarduzio/elasticsearch-readonlyrest-plugin?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
54

65
# Readonly REST Elasticsearch Plugin
7-
86
Expose the high performance HTTP server embedded in Elasticsearch directly to the public, safely blocking any attempt to delete or modify your data.
97

108
In other words... no more proxies! Yay Ponies!
@@ -114,25 +112,16 @@ Build your ACL from simple building blocks (rules) i.e.:
114112
* ```methods``` a list of HTTP methods
115113
* ```accept_x-forwarded-for_header``` interpret the ```X-Forwarded-For``` header as origin host (useful for AWS ELB and other reverse proxies)
116114
* ```auth_key``` HTTP Basic auth.
115+
* ```indices``` indices (aliases and wildcards work)
116+
* ```actions`` list of ES actions (e.g. "cluster:*" , "indices:data/write/*", "indices:data/read*")
117117

118118
See the (full list of supported rules)[Supported-Rules] for more info on how to use them.
119119

120120

121121
#### Custom response body
122122
Optionally provide a string to be returned as the body of 403 (FORBIDDEN) HTTP response. If not provided, the descriptive "name" field of the matched block will be shown (good for debug!).
123123

124-
## What is this read only mode?
125-
When the plugin is activated and properly configured, Elasticsearch REST API responds with a "403 FORBIDDEN" error whenever the request meets the following parameters:
126-
127-
* Any HTTP method other than GET is requested
128-
* GET request has a body (according to HTTP specs it never should!)
129-
130-
This is enough to keep public users from changing the data (see relevant [ES REST API documentation](http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/docs.html)).
131-
132-
You're free to expand the ACL further if you need more fine grained access control.
133-
134124
## Extra
135-
* [Install, Uninstall, Build this plugin](https://github.com/sscarduzio/elasticsearch-readonlyrest-plugin/wiki/Install,-Uninstall,-Build)
136125
* [List of ACL block rules supported](https://github.com/sscarduzio/elasticsearch-readonlyrest-plugin/wiki/Supported-Rules)
137126

138127
## History

0 commit comments

Comments
 (0)