How to restrict kibanauser role for index pattern deletion

Hi Team,

I am using latest version of opendistro elasticsearch. I have also setup a cluster successfully.

I have created custom roles for every indices access; which applied to individual users whom are required to access them. Find testing configs.

role.yml
read_index1:
index_permissions:

  • index_patterns:
    • index1
      allowed_actions:
    • “READ”
    • “SEARCH”
    • “GET”
    • “SUGGEST”

roles_mapping YML:
read_index1:
reserved: true
backend_roles:

  • “read_index1”

kibana_user:
reserved: true
backend_roles:

  • “kibanauser”

Internal Users YML:
user1:
description: user1
hash: ****** hash******
backend_roles:

  • “kibanauser”
  • “read_index1”

Everything has been working fine but problem is that user1 can delete other index patterns also.

Let me know if I can restrict him.

Shubham

Hello @shubhamblackstratus,

You use kibana_user role to provides user access to the Kibana. Every index pattern probably is stored in the index like .kibana_-xxxxx where user, accordingly to the kibana_user have delete permissions:

Is there a way to use a different custom role for this with the required permissions or use a custom tenant with the defined index patterns where user will have only read-only permissions?