Thank you @pablo for your reply!
I just realized that adding fake DLS to ‘sa’ (our sysadmins’ group) How is DLS applied when user has multiple roles - #6 by rlevitsky
have broken this.
So either some our sysadmins (those who are in any devs group) are unable to see all their indices or nobody (including cluster_admins) is able to update any index pattern (you can delete and recreate, though, but that’s not convenient).
Is there any chance we can have both?