Granting access to Stack Management featuresedit

You define roles and set user privileges at different levels to grant access to each of the Elastic Stack features.

Cross-cluster replicationedit

The cross-cluster replication user requires different cluster and index privileges on the remote cluster and local cluster.

On the remote cluster that contains the leader index, the cross-cluster replication user requires read_ccr cluster privilege and monitor and read privileges on the leader index.

ccr_user:
  cluster:
    - read_ccr
  indices:
    - names: [ 'leader-index' ]
      privileges:
        - monitor
        - read

On the local cluster that contains the follower index, the cross-cluster replication user requires the manage_ccr cluster privilege and monitor, read, write and manage_follow_index privileges on the follower index.

ccr_user:
  cluster:
    - manage_ccr
  indices:
    - names: [ 'follower-index' ]
      privileges:
        - monitor
        - read
        - write
        - manage_follow_index

If you are managing connecting to the remote cluster using the cluster update settings API, you will also need a user with the all cluster privilege.