You define roles and set user privileges at different levels to grant access to each of the Elastic Stack features.
The cross-cluster replication user requires different cluster and index privileges on the remote cluster and local cluster.
On the remote cluster that contains the leader index, the cross-cluster replication user requires
read_ccr cluster privilege and
read privileges on the
ccr_user: cluster: - read_ccr indices: - names: [ 'leader-index' ] privileges: - monitor - read
On the local cluster that contains the follower index, the cross-cluster replication user requires the
manage_ccr cluster privilege and
manage_follow_index privileges on the follower index.
ccr_user: cluster: - manage_ccr indices: - names: [ 'follower-index' ] privileges: - monitor - read - write - manage_follow_index
If you are managing
connecting to the remote cluster using
the cluster update settings API, you will also need a user with the
Intro to Kibana
ELK for Logs & Metrics