Is there any way to get field-level security to allow/disallow searching / aggregating against specific fields? I’ve tried setting up OpenDistro and create a test user/role, but all I can manage is to hide the field from _source as it’s returned. What I would like to be able to do is to restrict which fields a specific user can search through.
My use-case is that I have an index with different fields that different tiers of users can / can not search. My current approach is to create two indices with the different sets of fields that the user can query.