Add index-level privilege for force merge #29702
Labels
>enhancement
:Security/Authorization
Roles, Privileges, DLS/FLS, RBAC/ABAC
Team:Security
Meta label for security team
Original comment by @ppf2:
Force merge can be dangerous. Sometimes even admins have to be blocked from running it, and only allow super/smarter admins to run it. With the move to high level privileges, force merge action is now part of a broader manage privilege at the index level. Perhaps we can create force_merge privilege and remove it from the generic manage privilege so that they have to grant it explicitly for specific users?
The text was updated successfully, but these errors were encountered: