Skip to content

Commit

Permalink
[kbn-es] porting changes for security svl roles from controller (#200695
Browse files Browse the repository at this point in the history 
)

## Summary

In Kibana CI we try to replicate MKI env as much as possible and keeping
roles privileges in sync is important. It often leads to test passing on
KIbana PRs / on-merge pipelines and later failing against real
serverless projects on MKI.

Currently the process is manual, this PR updates predefined security
serverless roles based on
elastic/elasticsearch-controller#771
  • Loading branch information
@dmlemeshko
dmlemeshko authored Nov 20, 2024
1 parent e5bbd2d commit 07f311e
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions packages/kbn-es/src/serverless_resources/project_roles/security/roles.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -150,6 +150,8 @@ t1_analyst:
- write
- maintenance
- names:
- .lists*
- .items*
- apm-*-transaction*
- traces-apm*
- auditbeat-*
Expand Down Expand Up @@ -273,6 +275,7 @@ t3_analyst:
privileges:
- read
- write
- view_index_metadata
- names:
- metrics-endpoint.metadata_current_*
- .fleet-agents*
Expand Down Expand Up @@ -474,6 +477,7 @@ soc_manager:
privileges:
- read
- write
- view_index_metadata
- names:
- metrics-endpoint.metadata_current_*
- .fleet-agents*
Expand Down

0 comments on commit 07f311e

Please sign in to comment.