Simone Scarduzio

your query is matching `Basic Kibana Access` block, which only can see one index ``` indices: [".kibana_@{X-Forwarded-User}"] ```` it is expected that returns no result, as that index does not...

Of course. You can put the block with filter rule higher in your ACL, so the request matches it before having time to evaluate the others.

I'm pretty sure with a minimum of devops skills you can wrap ROR deployment and hook the decoded secrets into environmental variables, which are by the way [supported](https://github.com/beshu-tech/readonlyrest-docs/blob/master/elasticsearch.md#environmental-variables) in `readonlyrest.yml`....

@LordFPL or did you mean implementing vault as a runtime authentication connector like we have LDAP?

Got it, and it's quite interesting idea. Too bad I didn't find any asynchronous vault library for Java. 🤦🏻‍♂️

So for what concerns third party plugins and integrations, you can proceed with this common troubleshooting technique: Install ROR for ES + the third party plugin. Put verbosity to info...

I think you have a regex escape problem.

get the plugin to use HTTP Basic Auth and you'd be 100% sorted. If the feature is not there, request it to the plugin maintainer, it generally is a piece...

@shubhamverma27 there's no way to do that at the moment.

Interesting, the host part of the URL is missing. That makes for an invalid URL to begin with. Have you tried if it produces the same faultyURLs without the plugin...