I would like to create a role that allows creating new users and manage them. But, it must not be able to change the password / manage some specific users.
Is this possible?.
The idea is 2 layers of administration:
- super admin: It manages all the users (built-in, logstash, kibana, etc).
- admin: It manages new users, but it shouldn't be able to modify the users created by the super admin user.