Test and Document required role permissions needed by Gitlab on an Elasticsearch node

Release notes

Advanced Search documentation has been updated to list the minimum security privileges required to integrate with Elasticsearch.

Documentation: https://docs.gitlab.com/ee/integration/advanced_search/elasticsearch.html#elasticsearch-with-role-privileges

Topic to Evaluate

We need to specify what are the minimum permissions needed by Gitlab to integrate with Elasticsearch from the entirety of ES security privileges

We currently don't have any guidelines for customers who are configuring Advanced Search and want to be mindful of security best practices. When providing an Elasticsearch username, we assume it's an administrator and has read/write access but we don't explicitly define what type of user role should be used or what type of cluster and index privileges are required. In my testing it's not required to use the built-in administrator role, but if you are creating an admin-like role to be used for the purposes of supplying it to GitLab for integration it would be useful to know what you should need at minimum.

We should update our documentation to include the required list of security privileges a user must have for proper elasticsearch functionality. We should also consider documenting how to scope your roles to specific indexes for those who are security minded.

Some immediate notes:

  • cluster:monitor and index:all for index pattern gitlab-*
  • write access is required to perform all write operations to documents, which includes the permission to index, update, and delete documents as well as performing bulk operations, and allows the dynamic mapping updates as a result of these.

Elasticsearch Documentation:

Slack convo for context:

ZD Ticket:

Tasks to Evaluate

Elasticsearch security privileges.

Edited by Terri Chu