[8.17] [Core] Migrate SO `_migrate` route authorization to the new system (#200111) (#202160)

# Backport

This will backport the following commits from `main` to `8.17`:
- [[Core] Migrate SO `_migrate` route authorization to the new
system (#200111)](https://github.com/elastic/kibana/pull/200111)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Kyra
Cho","email":"wsc2119@columbia.edu"},"sourceCommit":{"committedDate":"2024-11-28T11:59:23Z","message":"[Core]
Migrate SO `_migrate` route authorization to the new system
(#200111)\n\n## Summary\nHi! 😊 this PR deals with #198181
\n\n```diff\nrouter.post({\n path: '/_migrate',\n- options: {\n- tags:
['access:migrateSavedObjects'],\n+ security: {\n+ authz: {\n+
requiredPrivileges: ['migrateSavedObjects'],\n+ },\n ...\n},
handler);\n```\n\n\n### Checklist\n\nCheck the PR satisfies following
conditions. \n\nReviewers should verify this PR satisfies this list as
well.\n\n- [n/a] Any text added follows [EUI's
writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\nsentence case text and includes
[i18n\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\n-
[n/a]\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\nwas
added for features that require explanation or tutorials\n- [n/a] [Unit
or
functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere
updated or added to match the most common scenarios\n- [n/a] If a plugin
configuration key changed, check if it needs to be\nallowlisted in the
cloud and added to the
[docker\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\n-
[n/a] This was checked for breaking HTTP API changes, and any
breaking\nchanges have been approved by the breaking-change committee.
The\n`release_note:breaking` label should be applied in these
situations.\n- [n/a] [Flaky
Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\nused on any tests changed\n- [n/a] The PR description includes the
appropriate Release Notes\nsection, and the correct `release_node:*`
label is applied per
the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n\n###
Identify risks\n\nDoes this PR introduce any risks? For example,
consider risks like hard\nto test bugs, performance regression,
potential of data loss.\n\nDescribe the risk, its severity, and
mitigation for each identified\nrisk. Invite stakeholders and evaluate
how to proceed before merging.\n\n- [ ] [See some
risk\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)\n-
[ ] ...\n\n---------\n\nCo-authored-by: Elastic Machine
<elasticmachine@users.noreply.github.com>\nCo-authored-by: Alejandro
Fernández Haro
<alejandro.haro@elastic.co>","sha":"c2c6f56aa823edf01db551a24815059a57709c9c","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Core","release_note:skip","💝community","v9.0.0","ci:project-deploy-observability","Team:obs-ux-infra_services","backport:version","v8.17.0","v8.18.0"],"title":"[Core]
Migrate SO `_migrate` route authorization to the new
system","number":200111,"url":"https://github.com/elastic/kibana/pull/200111","mergeCommit":{"message":"[Core]
Migrate SO `_migrate` route authorization to the new system
(#200111)\n\n## Summary\nHi! 😊 this PR deals with #198181
\n\n```diff\nrouter.post({\n path: '/_migrate',\n- options: {\n- tags:
['access:migrateSavedObjects'],\n+ security: {\n+ authz: {\n+
requiredPrivileges: ['migrateSavedObjects'],\n+ },\n ...\n},
handler);\n```\n\n\n### Checklist\n\nCheck the PR satisfies following
conditions. \n\nReviewers should verify this PR satisfies this list as
well.\n\n- [n/a] Any text added follows [EUI's
writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\nsentence case text and includes
[i18n\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\n-
[n/a]\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\nwas
added for features that require explanation or tutorials\n- [n/a] [Unit
or
functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere
updated or added to match the most common scenarios\n- [n/a] If a plugin
configuration key changed, check if it needs to be\nallowlisted in the
cloud and added to the
[docker\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\n-
[n/a] This was checked for breaking HTTP API changes, and any
breaking\nchanges have been approved by the breaking-change committee.
The\n`release_note:breaking` label should be applied in these
situations.\n- [n/a] [Flaky
Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\nused on any tests changed\n- [n/a] The PR description includes the
appropriate Release Notes\nsection, and the correct `release_node:*`
label is applied per
the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n\n###
Identify risks\n\nDoes this PR introduce any risks? For example,
consider risks like hard\nto test bugs, performance regression,
potential of data loss.\n\nDescribe the risk, its severity, and
mitigation for each identified\nrisk. Invite stakeholders and evaluate
how to proceed before merging.\n\n- [ ] [See some
risk\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)\n-
[ ] ...\n\n---------\n\nCo-authored-by: Elastic Machine
<elasticmachine@users.noreply.github.com>\nCo-authored-by: Alejandro
Fernández Haro
<alejandro.haro@elastic.co>","sha":"c2c6f56aa823edf01db551a24815059a57709c9c"}},"sourceBranch":"main","suggestedTargetBranches":["8.17","8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/200111","number":200111,"mergeCommit":{"message":"[Core]
Migrate SO `_migrate` route authorization to the new system
(#200111)\n\n## Summary\nHi! 😊 this PR deals with #198181
\n\n```diff\nrouter.post({\n path: '/_migrate',\n- options: {\n- tags:
['access:migrateSavedObjects'],\n+ security: {\n+ authz: {\n+
requiredPrivileges: ['migrateSavedObjects'],\n+ },\n ...\n},
handler);\n```\n\n\n### Checklist\n\nCheck the PR satisfies following
conditions. \n\nReviewers should verify this PR satisfies this list as
well.\n\n- [n/a] Any text added follows [EUI's
writing\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\nsentence case text and includes
[i18n\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\n-
[n/a]\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\nwas
added for features that require explanation or tutorials\n- [n/a] [Unit
or
functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere
updated or added to match the most common scenarios\n- [n/a] If a plugin
configuration key changed, check if it needs to be\nallowlisted in the
cloud and added to the
[docker\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\n-
[n/a] This was checked for breaking HTTP API changes, and any
breaking\nchanges have been approved by the breaking-change committee.
The\n`release_note:breaking` label should be applied in these
situations.\n- [n/a] [Flaky
Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\nused on any tests changed\n- [n/a] The PR description includes the
appropriate Release Notes\nsection, and the correct `release_node:*`
label is applied per
the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n\n###
Identify risks\n\nDoes this PR introduce any risks? For example,
consider risks like hard\nto test bugs, performance regression,
potential of data loss.\n\nDescribe the risk, its severity, and
mitigation for each identified\nrisk. Invite stakeholders and evaluate
how to proceed before merging.\n\n- [ ] [See some
risk\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)\n-
[ ] ...\n\n---------\n\nCo-authored-by: Elastic Machine
<elasticmachine@users.noreply.github.com>\nCo-authored-by: Alejandro
Fernández Haro
<alejandro.haro@elastic.co>","sha":"c2c6f56aa823edf01db551a24815059a57709c9c"}},{"branch":"8.17","label":"v8.17.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Kyra Cho <wsc2119@columbia.edu>

packages/core/saved-objects/core-saved-objects-server-internal/src/routes/migrate.ts

@@ -19,8 +19,10 @@ export const registerMigrateRoute = (
     {
       path: '/_migrate',
       validate: false,
-      options: {
-        tags: ['access:migrateSavedObjects'],
+      security: {
+        authz: {
+          requiredPrivileges: ['migrateSavedObjects'],
+        },
       },
     },
     catchAndReturnBoomErrors(async (context, req, res) => {