Index setting read_only_allow_delete does not allow _delete_by_query

iamredlus · February 24, 2019, 12:14pm

Hi

After applying read_only_allow_delete to an index -
PUT /index_name/_settings

{
    "index": {
        "blocks": {
            "read_only_allow_delete": true
        }
    }
}

Issuing a _delete_by_query produces the following failures:

{
    "took": 789,
    "timed_out": false,
    "total": 18951,
    "deleted": 0,
    "batches": 1,
    "version_conflicts": 0,
    "noops": 0,
    "retries": {
        "bulk": 0,
        "search": 0
    },
    "throttled_millis": 0,
    "requests_per_second": -1,
    "throttled_until_millis": 0,
    "failures": [
        {
            "index": "index_name",
            "type": "logs",
            "id": "mPs8vWgBqIRu5N0y1gmI",
            "cause": {
                "type": "cluster_block_exception",
                "reason": "blocked by: [FORBIDDEN/12/index read-only / allow delete (api)];"
            },
            "status": 403
        }
        .
        .
        .
        (many more errors like this one)
    ]
}

Only by removing read_only_allow_delete I've been able to successfully run the delete query.

Why is this happening?
Shouldn't this setting allow deletion?
If not, I'd specifically note this in the documentation. Also, it would be nice to have such a setting where new deleting and indexing a new document would not be considered the same action.

Thanks.

Christian_Dahlqvist · February 24, 2019, 12:23pm

That privilege allows you to delete the full index, not individual documents from it, which is what delete by query does.

iamredlus · February 24, 2019, 8:48pm

Is there any setting which allows the deletion of documents, but not indexing?

Christian_Dahlqvist · February 24, 2019, 8:55pm

No, I do not believe there is.

system · March 24, 2019, 8:55pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.