Prevent users from deleting of _all scroll contexts when giving "indices:data/read/scroll/clear" cluster permissins

boris.toninski · January 25, 2021, 12:27pm

Is there a way to prevent users from executing

DELETE /_search/scroll
{
“scroll_id” : “_all”
}

but still grant them permission to delete scroll context by id?

Thanks and have a nice day,
Boris

pablo · August 16, 2021, 12:06am

Did you resolve your issue? What ODFE version are you running?

Topic		Replies	Views
Create user have read only permission ( query via dev tools ) Security	22	2970	May 25, 2023
Index permissions as Cluster permission Security	1	122	January 26, 2024
Search over 700 indices causes MISSING_PRIVILEGES Security	2	539	May 5, 2021
How to limit user's access to a group of indices only Security	8	1196	April 16, 2021
.opendistro_security index blocks "read_only_allow_delete" Security	5	2410	November 23, 2021