We run Elastic and Kibana in Docker.
We hit the disk space limit and indices moved to read-only state. After cleaned up I tried to set them to read-write state by executing this command-
$ curl -XPUT -H "Content-Type: application/json" https://[YOUR_ELASTICSEARCH_ENDPOINT]:9200/_all/_settings -d '{"index.blocks.read_only_allow_delete": null}'
but some indices were not affected, including .security *.
It looks like that elastic user does not have enough privileges to do it.
I tried to create a new role in roles.yml, but I still cannot assign this role to elastic due to .security index is read only.
So it looks like a catch22 situation.
Is it a way to assign this role to an elastic user directly in yamls, bypassing API?
Or may be there is more elegant way to get out of this loop?