This handles Elasticsearch RBAC operations: creating native users, defining roles with granular index and cluster privileges, and mapping external realm users from LDAP or SAML. The skill walks you through decomposing natural language access requests into discrete API calls, checking for existing roles before creating duplicates, and choosing between the Elasticsearch and Kibana APIs depending on whether you need Kibana feature privileges. It covers document and field level security for restricting data visibility, and includes specific workflows for self-managed, ECH, and Serverless deployments. Useful when you're setting up least-privilege access and want structured guidance on translating "give this person read access to these logs" into the right sequence of user, role, and role mapping operations.
npx skills add https://github.com/elastic/agent-skills --skill elasticsearch-authz