Overview
It is possible to reduce the risk of accidental deletion of indices by preventing the use of wildcard for destructive (deletion) operations.
How to fix the issue
To check whether this setting exists on the cluster, run:
GET _cluster/settings?include_defaults&filter_path=*.action
Look for a setting called:
action.destructive_requires_name
To apply this setting use:
PUT /_cluster/settings
{
"transient": {
"action.destructive_requires_name":true
}
}To remove this setting use:
PUT /_cluster/settings
{
"transient": {
"action.destructive_requires_name":false
}
}Note that this setting can also be applied on each node via the elasticsearch.yml file, but the cluster setting will take priority over any individual node settings.
