You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
One of the things we're hoping to accomplish with system indices is to keep users from having to worry about whether or not their index templates are going to affect indices used by Elasticsearch features (such as security) or other stack components (such as Kibana or Fleet). Once system indices are fully implemented, user-created templates will not be able to affect them, but removing user access to, say, Kibana indices, could be a breaking change for some users. In the case where an already existing index has been converted into a system index, we can only warn users to be careful with wildcard templates.
However, for system indices that we're introducing between now and the next major release, we don't need to worry about breaking changes. Since these system indices are "net new", users have never had any access to these indices. In #74186, we removed most access to these new system indices. As a follow-up, we need to make sure that legacy index templates don't apply to these "net new" indices.
A known case here is the GeoIP system index. We might also want to add this protection for the Fleet indices, given the user experience described in this discuss forums post.
todo: add some javadoc that defines "net new" within the code
Is there any progress on this issue?
We just heard from a user who was experiencing authentication issues because an index template was changing the refresh interval on their system indices (not 100% sure which one but likely .kibana_security_session).
It would be great if we can remove this foot gun!
One of the things we're hoping to accomplish with system indices is to keep users from having to worry about whether or not their index templates are going to affect indices used by Elasticsearch features (such as security) or other stack components (such as Kibana or Fleet). Once system indices are fully implemented, user-created templates will not be able to affect them, but removing user access to, say, Kibana indices, could be a breaking change for some users. In the case where an already existing index has been converted into a system index, we can only warn users to be careful with wildcard templates.
However, for system indices that we're introducing between now and the next major release, we don't need to worry about breaking changes. Since these system indices are "net new", users have never had any access to these indices. In #74186, we removed most access to these new system indices. As a follow-up, we need to make sure that legacy index templates don't apply to these "net new" indices.
A known case here is the GeoIP system index. We might also want to add this protection for the Fleet indices, given the user experience described in this discuss forums post.
Relates #42508, #38678, #50251
The text was updated successfully, but these errors were encountered: