There appears to be a serious lack of information on this despite the fact that as installed elasticsearch is extremely exploitable.
My main fear in using it is that as a non-expert I have no idea what the possible vulnerabilities are and how to close them.
Can someone explain to me a method of locking down elasticsearch so that I can do the following within a secure environment:
Multiple indices per user. Assume I can create this for them in advance, a user should not be able to perform operations on other user's indices, except possibly query them if granted permission. (Possibly some form of secret key in the URL for each user?)
Users can add and delete objects from their indices at will but not drop their index.
Some form of limitation to memory size for the user, so that if something goes wrong they can't overload the service.
I'm guessing some of this has to be done at an application level and I can't expect you to write this for me, however the default configuration is far too open and even if I provide a custom API layer to this someone could easily bypass it and communicate directly with the server.