Hi,
I want to assign a user the permission to create and read a watcher, with no permission to delete it. Can you tell me how to configure the roles? Below is my configuration, but the user can not only create the watcher but also delete it.

POST /_xpack/security/role/test_power_role
{
  "cluster": [ "monitor" ],
  "indices": [
    {
      "names": [ "telemetry_processing_eventflow*" ],
      "privileges": [
        "manage",
        "read",
        "index"
      ]
    },
    {
      "names": [
        ".kibana*"
      ],
      "privileges": [
        "manage",
        "read",
        "index"
      ]
    },
    {
      "names": [
        ".watches"
      ],
      "privileges": [
        "read",
        "create"
      ]
    }
  ]
}

PUT /_xpack/security/role_mapping/test_power_mapping
{
  "roles": [ "test_power_role", "monitoring_user", "watcher_admin" ],
  "enabled": true,
  "rules": {
    "field": { "metadata.saml(Group)": "corp.elasticsearch.test" }
  }
}

The Elasticsearch version is 6.3.1.
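
Roles named in a role mapping are additive, so a quick way to see where the delete permission comes from is to check each mapped role against the cluster actions behind the watch APIs. The sketch below is an added example, not part of the original post and not Elastic's code. It assumes the watch APIs are authorized as cluster actions, and the privilege-to-action table, the built-in role definitions and the action names are assumptions based on X-Pack 6.x that should be confirmed with `GET /_xpack/security/role/watcher_admin` on the cluster; `watch_author` is a hypothetical role using raw action names.

```python
from fnmatch import fnmatchcase

# Named cluster privilege -> action patterns (assumed from X-Pack 6.x; verify).
PRIVILEGE_ACTIONS = {
    "monitor": ["cluster:monitor/*"],
    "manage_watcher": ["cluster:admin/xpack/watcher/*",
                       "cluster:monitor/xpack/watcher/*"],
}

# Role -> cluster privileges. test_power_role is copied from the post; the two
# built-in roles are assumed definitions; watch_author is hypothetical.
ROLES = {
    "test_power_role": ["monitor"],
    "monitoring_user": [],
    "watcher_admin": ["manage_watcher"],
    "watch_author": ["cluster:admin/xpack/watcher/watch/put",
                     "cluster:monitor/xpack/watcher/watch/get"],
}

# Cluster actions behind the watch APIs (assumed action names).
WATCH_ACTIONS = {
    "put": "cluster:admin/xpack/watcher/watch/put",
    "get": "cluster:monitor/xpack/watcher/watch/get",
    "delete": "cluster:admin/xpack/watcher/watch/delete",
}


def granting_roles(mapped_roles, action):
    """Return the mapped roles whose cluster privileges match the action."""
    granted = []
    for role in mapped_roles:
        for privilege in ROLES[role]:
            # A name not in the table is treated as a raw action pattern.
            patterns = PRIVILEGE_ACTIONS.get(privilege, [privilege])
            if any(fnmatchcase(action, p) for p in patterns):
                granted.append(role)
                break
    return granted


def audit(mapped_roles):
    """Map each watch operation to the roles that allow it (empty = denied)."""
    return {op: granting_roles(mapped_roles, act)
            for op, act in WATCH_ACTIONS.items()}


if __name__ == "__main__":
    print(audit(["test_power_role", "monitoring_user", "watcher_admin"]))
    print(audit(["test_power_role", "monitoring_user", "watch_author"]))
```

With the mapping from the post, every operation including delete is granted by `watcher_admin`; swapping it for the hypothetical `watch_author` leaves put and get allowed and delete denied in this model.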