A user who can create, delete their indexes but restricted to deleting others'

I am new to the ELK stack and I am trying to find a built-in role that could allow a user to create and delete their own indexes but restricted to deleting others' indexes (read-only). Is there any specific role that has these privileges? I went through this Built-in roles | Elasticsearch Guide [8.12] | Elastic and couldn't find any.

Also, any suggestion would be highly appreciated.

Welcome @jeannshuti.

I don't know of a specific role that fits precisely. Have you considered creating custom roles?

1 Like

Thanks @jessgarson I will explore the page. But is there any role which could have those privileges with included maybe? Apologies for a late reply

I don't think there any specific in Elasticsearch that would do that.

You can create a custom role to do what you want, but you will also need that each user index uses a prefix or sufix so this can be added to the role, which also means that you will need one role per user.

For example, your users would need to use index like this: username-index-name or index-name-username, then you would create a role that gives full access to the index username-* for the specific user.

2 Likes

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.