Skip to content

Commit 8a00fce

Browse files
machadoummachadoum
authored
Add asset criticality indices for kibana_system_user (elastic#113588) (elastic#115307)
* Add asset criticality indices for kibana_system_user * Update docs/changelog/113588.yaml (cherry picked from commit 4ea74f3) # Conflicts: # x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authz/store/KibanaOwnedReservedRoleDescriptors.java
1 parent fa2ccff commit 8a00fce

File tree

3 files changed

+7
-1
lines changed

3 files changed

+7
-1
lines changed

docs/changelog/113588.yaml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
pr: 113588
2+
summary: Add asset criticality indices for `kibana_system_user`
3+
area: Security
4+
type: enhancement
5+
issues: []

x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authz/store/KibanaOwnedReservedRoleDescriptors.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -462,7 +462,7 @@ static RoleDescriptor kibanaSystem(String name) {
462462
RoleDescriptor.IndicesPrivileges.builder().indices("risk-score.risk-*").privileges("all").build(),
463463
RoleDescriptor.IndicesPrivileges.builder()
464464
.indices(".asset-criticality.asset-criticality-*")
465-
.privileges("create_index", "manage", "read")
465+
.privileges("create_index", "manage", "read", "write")
466466
.build(),
467467
RoleDescriptor.IndicesPrivileges.builder().indices(".entities.v1.latest.security*").privileges("read").build(),
468468
// For cloud_defend usageCollection

x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/security/authz/store/ReservedRolesStoreTests.java

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1786,6 +1786,7 @@ public void testKibanaSystemRole() {
17861786
final IndexAbstraction indexAbstraction = mockIndexAbstraction(indexName);
17871787
assertThat(kibanaRole.indices().allowedIndicesMatcher(TransportCreateIndexAction.TYPE.name()).test(indexAbstraction), is(true));
17881788
assertThat(kibanaRole.indices().allowedIndicesMatcher(TransportSearchAction.TYPE.name()).test(indexAbstraction), is(true));
1789+
assertThat(kibanaRole.indices().allowedIndicesMatcher(TransportUpdateAction.TYPE.name()).test(indexAbstraction), is(true));
17891790
assertViewIndexMetadata(kibanaRole, indexName);
17901791
});
17911792

0 commit comments

Comments
 (0)