I have created one role from Kibana in which i have given read and write privilege , but the users are still able to delete index with _delete_by_query API call.
How can i prevent user from deleting index ?
What are the exact permissions given to the role?
Per the documentation on index privileges, write
includes permission to delete.
If you don't want your users to be able to delete documents, you should use a different privilege such as index
.
It is not possible to delete the index with read/write only permission.
check the access
"error" : {
"root_cause" : [
{
"type" : "security_exception",
"reason" : "action [indices:admin/delete] is unauthorized for user [ding] with roles [zxy], this action is granted by the index privileges [delete_index,manage,all]"
}
],
"type" : "security_exception",
"reason" : "action [indices:admin/delete] is unauthorized for user [ding] with roles [zxy], this action is granted by the index privileges [delete_index,manage,all]"
},
"status" : 403
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.