github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 01:38:56 -04:00
Code Issues Projects Releases Packages Wiki Activity

[kbn-es] porting changes for security svl roles from controller (#200695)

Browse source 
## Summary

In Kibana CI we try to replicate MKI env as much as possible and keeping
roles privileges in sync is important. It often leads to test passing on
KIbana PRs / on-merge pipelines and later failing against real
serverless projects on MKI.

Currently the process is manual, this PR updates predefined security
serverless roles based on
https://github.com/elastic/elasticsearch-controller/pull/771
This commit is contained in:
Dzmitry Lemechko 2024-11-20 10:07:52 +01:00 committed by GitHub
parent e5bbd2d31e
commit 07f311ea6e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
packages/kbn-es/src/serverless_resources/project_roles/security/roles.yml
View file

@ -150,6 +150,8 @@ t1_analyst:
- write
- maintenance
- names:
- .lists*
- .items*
- apm-*-transaction*
- traces-apm*
- auditbeat-*
@ -273,6 +275,7 @@ t3_analyst:
privileges:
- read
- write
- view_index_metadata
- names:
- metrics-endpoint.metadata_current_*
- .fleet-agents*
@ -474,6 +477,7 @@ soc_manager:
privileges:
- read
- write
- view_index_metadata
- names:
- metrics-endpoint.metadata_current_*
- .fleet-agents*