I am running 8.2.2 on Linux. I have a SHC with three members.
I have three indexes. I would like to restrict the searchable index for each role and I would like to understand the best way to distribute that change.
I used the web GUI to create the roles, which the cluster replicated. However, the GUI does not permit non-internal indexes to be deselected. Therefore, I have edited authorize.conf on each member. I am using srchIndexesDisallowed. An account with role_user_a should only be able to search index_a. The configuration below works, but how should I manage changes like this given the GUI limitation -- should I continue to edit the file directly (along with authentication.conf) going forward (and not use the GUI)?
Thanks for the quick response. I had considered that, but given that both files are included in the SHC replication I thought that might lead to problems. Do you manage the files that way and does that mean further GUI edits of both files need to be avoided, do you know? Thanks again.
The fact that the GUI doesn't let you do all you need to do should be enough to steer you toward another method. IMO, clusters should be managed as clusters, with the deployer as the Source of Truth for what the configuration should be. Configuration changes should be made at the deployer and then deployed to SHC members.
--- If this reply helps you, an upvote would be appreciated.