Role-based access control, and more


Role-based access control, and moreedit

Introducing role-based access control

Role-based access control introduces standard roles in Elasticsearch Service. Those roles are assigned to users under an organization, allowing for more granular permissions management. Role mapping happens on a per-role and per-deployment level. To learn more, check out the documentation.


Support Elasticsearch plugins built against the stable plugin API. Added support for Elasticsearch plugins built against the stable plugin API introduced in Elasticsearch 8.7.0.


Make sure the request future executions are requested in parallel. Improved deployment search API performance and response times.


Removed transactionGroupBucketSize The xpack.apm.ui.transactionGroupBucketSize APM configuration setting has been removed from the Kibana User Settings for deployments with version 8.7 and later.

Bug fixesedit

Fix user lookup by email: Include users without organizations. Fix API user management bug affecting user lookup for users that haven’t started their trials.

Return subscribed = true for organizations that are allowedToProvision. _introspect API will now return linked organizations marked as subscribed = True if the organization is allowed_to_provision_without_payment_established as opposed to before, that only was returned to true if the organization was paying.

Add changes to accounter-syncs to accomodate dynamic configuration for monitors. The monitoring results had metadata.enabled and metadata.muted present for missing-skus, but is missing for accounter-syncs.

Fixing bug with deployment template creation on logs/metrics page. Fixing a bug that didn’t allow users to deselect sending monitoring data of either logs or metrics.

Abort boot on missing user plugin. Fixed a bug where Elasticsearch instances would silently ignore a user plugin that failed to download at boot time. Behavior is now corrected to keep retrying until success or plan timeout.