- ES version: 5.6.8
- Searg Gaurd version: 188.8.131.52-19
- Java: 1.8
- OS: Ubuntu:14.04
- No ELK stack
- Only SG plugin and Cerebro plugin
I have a query. Let’s assume I have assigned a user to the group where WRITE (POST) is defined. And, if the user is firing _delete_by_query using POST request then the user is able to delete the indices. Logically, the user should not be able to delete but the user is using the POST as method hence he satisfies the logic. We know ES doesn’t satisfy or follow REST semantics correctly.
Is there any way in SG where we can restrict or handle such kind of requests? If such issue has already been addressed then please redirect me to that link else suggest us on this. It would be of great help if there is any readmade example for the same.
It would be of great learning to us.