Shield user with index privileges set to 'all' unable to delete

Topic title sez it.
I have a user w/ privileges set to all on a watcher index. The user is able to create, read, etc... unable to delete watches.

Below is the snippet of the userinquestions roles.yml config.
userinquestion:
cluster:

  • monitor
  • cluster:admin/watcher/watch/put
  • cluster:admin/watcher/watch/delete
    indices:
  • names: index1-*
    privileges:
    • read
    • view_index_metadata
    • indices:data/read/field_stats
    • indices:data/read/msearch
  • names: logstash-*
    privileges:
    • view_index_metadata
    • read
    • indices:data/read/msearch
  • names: "watch" <--- we have _watcher and .watcher indexes
    privileges:
    • all
  • names: index3*
    privileges:
    • read
    • view_index_metadata
    • indices:data/read/field_stats

How are you trying to delete the watch?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.