Document actions of AWS ES access policy needed by GitLab

59e910ea · Changzheng Liu · Marcia Ramos · f23f2d34 · 59e910ea
Commit 59e910ea authored Apr 23, 2021 by Changzheng Liu Committed by Marcia Ramos Apr 23, 2021
Hide whitespace changes
Inline Side-by-side

Showing with 15 additions and 0 deletions

doc/integration/elasticsearch.md doc/integration/elasticsearch.md +15 -0

No files found.
--- a/doc/integration/elasticsearch.md
+++ b/doc/integration/elasticsearch.md
@@ -950,3 +950,18 @@ Advanced Search will store all the projects in the same Elasticsearch indexes,
 however searches will only surface results that can be viewed by the user.
 Advanced Search will honor all permission checks in the application by
 filtering out projects that a user does not have access to at search time.
+
+### Access requirements for the self-managed AWS Elasticsearch Service
+
+To use the self-managed AWS Elasticsearch Service with GitLab, configure your instance's domain access policies
+to contain the actions below.
+See [Identity and Access Management in Amazon Elasticsearch Service](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-ac.html) for details.
+
+```plaintext
+es:ESHttpDelete
+es:ESHttpGet
+es:ESHttpHead
+es:ESHttpPost
+es:ESHttpPut
+es:ESHttpPatch
+```