I am building a search application. I would like our end users to be able to query our Elastic index which is on Elastic Cloud. I would like to allow users to access certain indexes and not others. I see that X-Pack is included in our paid Elastic Cloud account. Where is there a good example or tutorial illustrating how to authenticate end users?
We would like to do this in the simplest way. For example, if it is possible to create and use JSON Web Tokens (JWTs), we will prefer that approach.
Elastic's X-Pack has no JWT support. You need to create users and roles in your cluster and use basic auth (even more simple than JWT) in order to authenticate and authorise the requests.
If you want to use JWT, have a look at open distro for elasticsearch, also available on AWS or a self managed instance. In this case you can also use the ReadOnlyRest or SearchGuard security plugin support for JWT too.
EDIT: Via an token service short living oAuth2 tokens can be issued too. See https://www.elastic.co/guide/en/elasticsearch/reference/master/security-api-get-token.html for more details
