diff --git a/output/openapi/elasticsearch-serverless-openapi.json b/output/openapi/elasticsearch-serverless-openapi.json index 54ef09fde2..8545007008 100644 --- a/output/openapi/elasticsearch-serverless-openapi.json +++ b/output/openapi/elasticsearch-serverless-openapi.json @@ -17568,101 +17568,6 @@ } } }, - "/_security/role/{name}": { - "get": { - "tags": [ - "security.get_role" - ], - "summary": "Retrieves roles in the native realm.", - "description": "Retrieves roles in the native realm.", - "externalDocs": { - "url": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-role.html" - }, - "operationId": "security-get-role", - "parameters": [ - { - "$ref": "#/components/parameters/security.get_role#name" - } - ], - "responses": { - "200": { - "$ref": "#/components/responses/security.get_role#200" - } - } - }, - "put": { - "tags": [ - "security.put_role" - ], - "summary": "Adds and updates roles in the native realm.", - "description": "Adds and updates roles in the native realm.", - "externalDocs": { - "url": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-role.html" - }, - "operationId": "security-put-role", - "parameters": [ - { - "$ref": "#/components/parameters/security.put_role#name" - }, - { - "$ref": "#/components/parameters/security.put_role#refresh" - } - ], - "requestBody": { - "$ref": "#/components/requestBodies/security.put_role" - }, - "responses": { - "200": { - "$ref": "#/components/responses/security.put_role#200" - } - } - }, - "post": { - "tags": [ - "security.put_role" - ], - "summary": "Adds and updates roles in the native realm.", - "description": "Adds and updates roles in the native realm.", - "externalDocs": { - "url": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-role.html" - }, - "operationId": "security-put-role-1", - "parameters": [ - { - "$ref": "#/components/parameters/security.put_role#name" - }, - { - "$ref": "#/components/parameters/security.put_role#refresh" - } - ], - "requestBody": { - "$ref": "#/components/requestBodies/security.put_role" - }, - "responses": { - "200": { - "$ref": "#/components/responses/security.put_role#200" - } - } - } - }, - "/_security/role": { - "get": { - "tags": [ - "security.get_role" - ], - "summary": "Retrieves roles in the native realm.", - "description": "Retrieves roles in the native realm.", - "externalDocs": { - "url": "https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-role.html" - }, - "operationId": "security-get-role-1", - "responses": { - "200": { - "$ref": "#/components/responses/security.get_role#200" - } - } - } - }, "/_security/user/_has_privileges": { "get": { "tags": [ @@ -21944,19 +21849,6 @@ } } }, - "security.get_role#200": { - "description": "", - "content": { - "application/json": { - "schema": { - "type": "object", - "additionalProperties": { - "$ref": "#/components/schemas/security.get_role:Role" - } - } - } - } - }, "security.has_privileges#200": { "description": "", "content": { @@ -21997,24 +21889,6 @@ } } }, - "security.put_role#200": { - "description": "", - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "role": { - "$ref": "#/components/schemas/security._types:CreatedStatus" - } - }, - "required": [ - "role" - ] - } - } - } - }, "security.query_api_keys#200": { "description": "", "content": { @@ -27102,17 +26976,6 @@ }, "style": "form" }, - "security.get_role#name": { - "in": "path", - "name": "name", - "description": "The name of the role. You can specify multiple roles as a comma-separated list. If you do not specify this parameter, the API returns information about all roles.", - "required": true, - "deprecated": false, - "schema": { - "$ref": "#/components/schemas/_types:Names" - }, - "style": "simple" - }, "security.has_privileges#user": { "in": "path", "name": "user", @@ -27124,27 +26987,6 @@ }, "style": "simple" }, - "security.put_role#name": { - "in": "path", - "name": "name", - "description": "The name of the role.", - "required": true, - "deprecated": false, - "schema": { - "$ref": "#/components/schemas/_types:Name" - }, - "style": "simple" - }, - "security.put_role#refresh": { - "in": "query", - "name": "refresh", - "description": "If `true` (the default) then refresh the affected shards to make this operation visible to search, if `wait_for` then wait for a refresh to make this operation visible to search, if `false` then do nothing with refreshes.", - "deprecated": false, - "schema": { - "$ref": "#/components/schemas/_types:Refresh" - }, - "style": "form" - }, "security.query_api_keys#with_limited_by": { "in": "query", "name": "with_limited_by", @@ -28901,59 +28743,6 @@ }, "required": true }, - "security.put_role": { - "content": { - "application/json": { - "schema": { - "type": "object", - "properties": { - "applications": { - "description": "A list of application privilege entries.", - "type": "array", - "items": { - "$ref": "#/components/schemas/security._types:ApplicationPrivileges" - } - }, - "cluster": { - "description": "A list of cluster privileges. These privileges define the cluster-level actions for users with this role.", - "type": "array", - "items": { - "$ref": "#/components/schemas/security._types:ClusterPrivilege" - } - }, - "indices": { - "description": "A list of indices permissions entries.", - "type": "array", - "items": { - "$ref": "#/components/schemas/security._types:IndicesPrivileges" - } - }, - "metadata": { - "$ref": "#/components/schemas/_types:Metadata" - }, - "run_as": { - "externalDocs": { - "url": "https://www.elastic.co/guide/en/elasticsearch/reference/current/run-as-privilege.html" - }, - "description": "A list of users that the owners of this role can impersonate. *Note*: in Serverless, the run-as feature is disabled. For API compatibility, you can still specify an empty `run_as` field, but a non-empty list will be rejected.", - "type": "array", - "items": { - "type": "string" - } - }, - "transient_metadata": { - "description": "Indicates roles that might be incompatible with the current cluster license, specifically roles with document and field level security. When the cluster license doesn’t allow certain features for a given role, this parameter is updated dynamically to list the incompatible features. If `enabled` is `false`, the role is ignored, but is still listed in the response from the authenticate API.", - "type": "object", - "additionalProperties": { - "type": "object" - } - } - } - } - } - }, - "required": true - }, "security.query_api_keys": { "content": { "application/json": { @@ -60019,6 +59808,10 @@ }, "query": { "$ref": "#/components/schemas/security._types:IndicesPrivilegesQuery" + }, + "allow_restricted_indices": { + "description": "Set to `true` if using wildcard or regular expressions for patterns that cover restricted indices. Implicitly, restricted indices have limited privileges that can cause pattern tests to fail. If restricted indices are explicitly included in the `names` list, Elasticsearch checks privileges against these indices regardless of the value set for `allow_restricted_indices`.", + "type": "boolean" } }, "required": [ @@ -60053,9 +59846,13 @@ "maintenance", "manage", "manage_data_stream_lifecycle", + "manage_follow_index", + "manage_ilm", + "manage_leader_index", "monitor", "none", "read", + "read_cross_cluster", "view_index_metadata", "write" ] @@ -60222,93 +60019,6 @@ "name" ] }, - "security.get_role:Role": { - "type": "object", - "properties": { - "cluster": { - "type": "array", - "items": { - "type": "string" - } - }, - "indices": { - "type": "array", - "items": { - "$ref": "#/components/schemas/security._types:IndicesPrivileges" - } - }, - "metadata": { - "$ref": "#/components/schemas/_types:Metadata" - }, - "run_as": { - "type": "array", - "items": { - "type": "string" - } - }, - "transient_metadata": { - "type": "object", - "additionalProperties": { - "type": "object" - } - }, - "applications": { - "type": "array", - "items": { - "$ref": "#/components/schemas/security._types:ApplicationPrivileges" - } - }, - "role_templates": { - "type": "array", - "items": { - "$ref": "#/components/schemas/security._types:RoleTemplate" - } - }, - "global": { - "type": "object", - "additionalProperties": { - "type": "object", - "additionalProperties": { - "type": "object", - "additionalProperties": { - "type": "array", - "items": { - "type": "string" - } - } - } - } - } - }, - "required": [ - "cluster", - "indices", - "metadata", - "run_as", - "applications" - ] - }, - "security._types:RoleTemplate": { - "type": "object", - "properties": { - "format": { - "$ref": "#/components/schemas/security._types:TemplateFormat" - }, - "template": { - "$ref": "#/components/schemas/_types:Script" - } - }, - "required": [ - "template" - ] - }, - "security._types:TemplateFormat": { - "type": "string", - "enum": [ - "string", - "json" - ] - }, "security.has_privileges:ApplicationPrivilegesCheck": { "type": "object", "properties": { @@ -60342,33 +60052,57 @@ "enum": [ "all", "cancel_task", + "create_snapshot", + "cross_cluster_replication", + "cross_cluster_search", + "delegate_pki", + "grant_api_key", "manage", "manage_api_key", + "manage_autoscaling", "manage_behavioral_analytics", + "manage_ccr", "manage_data_frame_transforms", "manage_data_stream_global_retention", "manage_enrich", + "manage_ilm", "manage_index_templates", + "manage_inference", "manage_ingest_pipelines", "manage_logstash_pipelines", "manage_ml", + "manage_oidc", "manage_own_api_key", "manage_pipeline", + "manage_rollup", + "manage_saml", "manage_search_application", "manage_search_query_rules", "manage_search_synonyms", "manage_security", + "manage_service_account", + "manage_slm", + "manage_token", "manage_transform", + "manage_user_profile", + "manage_watcher", "monitor", "monitor_data_frame_transforms", "monitor_data_stream_global_retention", "monitor_enrich", "monitor_inference", "monitor_ml", + "monitor_rollup", + "monitor_snapshot", + "monitor_text_structure", "monitor_transform", - "read_pipeline", + "monitor_watcher", "none", "post_behavioral_analytics_event", + "read_ccr", + "read_connector_secrets", + "read_fleet_secrets", + "read_ilm", "read_pipeline", "read_security", "read_slm", @@ -60418,17 +60152,6 @@ "type": "boolean" } }, - "security._types:CreatedStatus": { - "type": "object", - "properties": { - "created": { - "type": "boolean" - } - }, - "required": [ - "created" - ] - }, "security.query_api_keys:ApiKeyAggregationContainer": { "allOf": [ { diff --git a/output/schema/schema.json b/output/schema/schema.json index ccd36de80a..d0311ed22a 100644 --- a/output/schema/schema.json +++ b/output/schema/schema.json @@ -16285,7 +16285,7 @@ "availability": { "serverless": { "stability": "stable", - "visibility": "public" + "visibility": "private" }, "stack": { "since": "0.0.0", @@ -17030,7 +17030,7 @@ "availability": { "serverless": { "stability": "stable", - "visibility": "public" + "visibility": "private" }, "stack": { "since": "0.0.0", @@ -177861,7 +177861,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L307-L309" + "specLocation": "security/_types/Privileges.ts#L218-L220" }, { "kind": "interface", @@ -177947,35 +177947,20 @@ "name": "cancel_task" }, { - "availability": { - "stack": {} - }, "name": "create_snapshot" }, { - "availability": { - "stack": {} - }, - "name": "grant_api_key" - }, - { - "availability": { - "stack": {} - }, "name": "cross_cluster_replication" }, { - "availability": { - "stack": {} - }, "name": "cross_cluster_search" }, { - "availability": { - "stack": {} - }, "name": "delegate_pki" }, + { + "name": "grant_api_key" + }, { "name": "manage" }, @@ -177983,18 +177968,12 @@ "name": "manage_api_key" }, { - "availability": { - "stack": {} - }, "name": "manage_autoscaling" }, { "name": "manage_behavioral_analytics" }, { - "availability": { - "stack": {} - }, "name": "manage_ccr" }, { @@ -178007,18 +177986,12 @@ "name": "manage_enrich" }, { - "availability": { - "stack": {} - }, "name": "manage_ilm" }, { "name": "manage_index_templates" }, { - "availability": { - "stack": {} - }, "name": "manage_inference" }, { @@ -178031,9 +178004,6 @@ "name": "manage_ml" }, { - "availability": { - "stack": {} - }, "name": "manage_oidc" }, { @@ -178043,15 +178013,9 @@ "name": "manage_pipeline" }, { - "availability": { - "stack": {} - }, "name": "manage_rollup" }, { - "availability": { - "stack": {} - }, "name": "manage_saml" }, { @@ -178067,36 +178031,21 @@ "name": "manage_security" }, { - "availability": { - "stack": {} - }, "name": "manage_service_account" }, { - "availability": { - "stack": {} - }, "name": "manage_slm" }, { - "availability": { - "stack": {} - }, "name": "manage_token" }, { "name": "manage_transform" }, { - "availability": { - "stack": {} - }, "name": "manage_user_profile" }, { - "availability": { - "stack": {} - }, "name": "manage_watcher" }, { @@ -178118,64 +178067,37 @@ "name": "monitor_ml" }, { - "availability": { - "stack": {} - }, "name": "monitor_rollup" }, { - "availability": { - "stack": {} - }, "name": "monitor_snapshot" }, { - "availability": { - "stack": {} - }, "name": "monitor_text_structure" }, { "name": "monitor_transform" }, { - "availability": { - "stack": {} - }, "name": "monitor_watcher" }, { - "availability": { - "stack": {} - }, - "name": "read_ccr" - }, - { - "availability": { - "stack": {} - }, - "name": "read_ilm" + "name": "none" }, { - "name": "read_pipeline" + "name": "post_behavioral_analytics_event" }, { - "availability": { - "stack": {} - }, - "name": "read_slm" + "name": "read_ccr" }, { - "availability": { - "stack": {} - }, - "name": "transport_client" + "name": "read_connector_secrets" }, { - "name": "none" + "name": "read_fleet_secrets" }, { - "name": "post_behavioral_analytics_event" + "name": "read_ilm" }, { "name": "read_pipeline" @@ -178200,7 +178122,7 @@ "name": "ClusterPrivilege", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L41-L178" + "specLocation": "security/_types/Privileges.ts#L41-L102" }, { "kind": "interface", @@ -178321,7 +178243,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L303-L305" + "specLocation": "security/_types/Privileges.ts#L214-L216" }, { "kind": "enum", @@ -178385,21 +178307,12 @@ "name": "manage_data_stream_lifecycle" }, { - "availability": { - "stack": {} - }, "name": "manage_follow_index" }, { - "availability": { - "stack": {} - }, "name": "manage_ilm" }, { - "availability": { - "stack": {} - }, "name": "manage_leader_index" }, { @@ -178412,9 +178325,6 @@ "name": "read" }, { - "availability": { - "stack": {} - }, "name": "read_cross_cluster" }, { @@ -178428,7 +178338,7 @@ "name": "IndexPrivilege", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L265-L301" + "specLocation": "security/_types/Privileges.ts#L188-L212" }, { "kind": "interface", @@ -178491,9 +178401,6 @@ } }, { - "availability": { - "stack": {} - }, "description": "Set to `true` if using wildcard or regular expressions for patterns that cover restricted indices. Implicitly, restricted indices have limited privileges that can cause pattern tests to fail. If restricted indices are explicitly included in the `names` list, Elasticsearch checks privileges against these indices regardless of the value set for `allow_restricted_indices`.", "name": "allow_restricted_indices", "required": false, @@ -178507,7 +178414,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L180-L204" + "specLocation": "security/_types/Privileges.ts#L104-L127" }, { "codegenNames": [ @@ -178521,7 +178428,7 @@ "name": "IndicesPrivilegesQuery", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L230-L238", + "specLocation": "security/_types/Privileges.ts#L153-L161", "type": { "items": [ { @@ -178571,7 +178478,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L311-L313" + "specLocation": "security/_types/Privileges.ts#L222-L224" }, { "kind": "interface", @@ -179065,7 +178972,7 @@ "name": "RoleTemplateInlineQuery", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L259-L260", + "specLocation": "security/_types/Privileges.ts#L182-L183", "type": { "items": [ { @@ -179145,7 +179052,7 @@ } ], "shortcutProperty": "source", - "specLocation": "security/_types/Privileges.ts#L252-L257" + "specLocation": "security/_types/Privileges.ts#L175-L180" }, { "kind": "interface", @@ -179169,7 +179076,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L240-L250" + "specLocation": "security/_types/Privileges.ts#L163-L173" }, { "codegenNames": [ @@ -179181,7 +179088,7 @@ "name": "RoleTemplateScript", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L262-L263", + "specLocation": "security/_types/Privileges.ts#L185-L186", "type": { "items": [ { @@ -179411,7 +179318,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L206-L228" + "specLocation": "security/_types/Privileges.ts#L129-L151" }, { "kind": "interface", @@ -184768,9 +184675,6 @@ } }, { - "availability": { - "stack": {} - }, "description": "An object defining global privileges. A global privilege is a form of cluster privilege that is request-aware. Support for global privileges is currently limited to the management of application privileges.", "name": "global", "required": false, @@ -184817,7 +184721,7 @@ } }, { - "description": "A list of users that the owners of this role can impersonate. *Note*: in Serverless, the run-as feature is disabled. For API compatibility, you can still specify an empty `run_as` field, but a non-empty list will be rejected.", + "description": "A list of users that the owners of this role can impersonate.", "docId": "run-as-privilege", "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/run-as-privilege.html", "name": "run_as", @@ -184894,7 +184798,7 @@ } } ], - "specLocation": "security/put_role/SecurityPutRoleRequest.ts#L30-L80" + "specLocation": "security/put_role/SecurityPutRoleRequest.ts#L30-L79" }, { "body": { diff --git a/output/schema/schema/schema.json b/output/schema/schema/schema.json index 00855ae086..b2ad8759b3 100644 --- a/output/schema/schema/schema.json +++ b/output/schema/schema/schema.json @@ -16003,7 +16003,7 @@ "availability": { "serverless": { "stability": "stable", - "visibility": "public" + "visibility": "private" }, "stack": { "since": "0.0.0", @@ -16748,7 +16748,7 @@ "availability": { "serverless": { "stability": "stable", - "visibility": "public" + "visibility": "private" }, "stack": { "since": "0.0.0", @@ -129989,21 +129989,6 @@ "namespace": "_types" } } -<<<<<<< HEAD - }, - { - "description": "The configuration option ignore_missing_component_templates can be used when an index template\nreferences a component template that might not exist", - "name": "ignore_missing_component_templates", - "required": false, - "type": { - "kind": "array_of", - "value": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } -======= }, { "description": "The configuration option ignore_missing_component_templates can be used when an index template\nreferences a component template that might not exist", @@ -130029,7 +130014,6 @@ "type": { "name": "boolean", "namespace": "_builtins" ->>>>>>> main } } } @@ -130113,11 +130097,7 @@ } } ], -<<<<<<< HEAD - "specLocation": "indices/simulate_template/IndicesSimulateTemplateRequest.ts#L27-L114" -======= "specLocation": "indices/simulate_template/IndicesSimulateTemplateRequest.ts#L27-L119" ->>>>>>> main }, { "body": { @@ -133405,10 +133385,6 @@ } } ], -<<<<<<< HEAD - "query": [], - "specLocation": "inference/inference/InferenceRequest.ts#L25-L58" -======= "query": [ { "description": "Specifies the amount of time to wait for the inference request to complete.", @@ -133425,7 +133401,6 @@ } ], "specLocation": "inference/inference/InferenceRequest.ts#L26-L66" ->>>>>>> main }, { "body": { @@ -176531,7 +176506,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L266-L268" + "specLocation": "security/_types/Privileges.ts#L193-L195" }, { "kind": "interface", @@ -176617,15 +176592,9 @@ "name": "cancel_task" }, { - "availability": { - "stack": {} - }, "name": "create_snapshot" }, { - "availability": { - "stack": {} - }, "name": "grant_api_key" }, { @@ -176635,27 +176604,18 @@ "name": "manage_api_key" }, { - "availability": { - "stack": {} - }, "name": "manage_ccr" }, { "name": "manage_enrich" }, { - "availability": { - "stack": {} - }, "name": "manage_ilm" }, { "name": "manage_index_templates" }, { - "availability": { - "stack": {} - }, "name": "manage_ingest_pipelines" }, { @@ -176665,9 +176625,6 @@ "name": "manage_ml" }, { - "availability": { - "stack": {} - }, "name": "manage_oidc" }, { @@ -176677,51 +176634,30 @@ "name": "manage_pipeline" }, { - "availability": { - "stack": {} - }, "name": "manage_rollup" }, { - "availability": { - "stack": {} - }, "name": "manage_saml" }, { "name": "manage_security" }, { - "availability": { - "stack": {} - }, "name": "manage_service_account" }, { - "availability": { - "stack": {} - }, "name": "manage_slm" }, { - "availability": { - "stack": {} - }, "name": "manage_token" }, { "name": "manage_transform" }, { - "availability": { - "stack": {} - }, "name": "manage_user_profile" }, { - "availability": { - "stack": {} - }, "name": "manage_watcher" }, { @@ -176731,15 +176667,9 @@ "name": "monitor_ml" }, { - "availability": { - "stack": {} - }, "name": "monitor_rollup" }, { - "availability": { - "stack": {} - }, "name": "monitor_snapshot" }, { @@ -176749,36 +176679,21 @@ "name": "monitor_transform" }, { - "availability": { - "stack": {} - }, "name": "monitor_watcher" }, { - "availability": { - "stack": {} - }, "name": "read_ccr" }, { - "availability": { - "stack": {} - }, "name": "read_ilm" }, { "name": "read_pipeline" }, { - "availability": { - "stack": {} - }, "name": "read_slm" }, { - "availability": { - "stack": {} - }, "name": "transport_client" } ], @@ -176786,7 +176701,7 @@ "name": "ClusterPrivilege", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L41-L140" + "specLocation": "security/_types/Privileges.ts#L41-L80" }, { "kind": "interface", @@ -176907,7 +176822,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L262-L264" + "specLocation": "security/_types/Privileges.ts#L189-L191" }, { "kind": "enum", @@ -176965,21 +176880,12 @@ "name": "manage" }, { - "availability": { - "stack": {} - }, "name": "manage_follow_index" }, { - "availability": { - "stack": {} - }, "name": "manage_ilm" }, { - "availability": { - "stack": {} - }, "name": "manage_leader_index" }, { @@ -176989,9 +176895,6 @@ "name": "read" }, { - "availability": { - "stack": {} - }, "name": "read_cross_cluster" }, { @@ -177005,7 +176908,7 @@ "name": "IndexPrivilege", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L227-L260" + "specLocation": "security/_types/Privileges.ts#L166-L187" }, { "kind": "interface", @@ -177068,9 +176971,6 @@ } }, { - "availability": { - "stack": {} - }, "description": "Set to `true` if using wildcard or regular expressions for patterns that cover restricted indices. Implicitly, restricted indices have limited privileges that can cause pattern tests to fail. If restricted indices are explicitly included in the `names` list, Elasticsearch checks privileges against these indices regardless of the value set for `allow_restricted_indices`.", "name": "allow_restricted_indices", "required": false, @@ -177084,7 +176984,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L142-L166" + "specLocation": "security/_types/Privileges.ts#L82-L105" }, { "codegenNames": [ @@ -177098,7 +176998,7 @@ "name": "IndicesPrivilegesQuery", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L192-L200", + "specLocation": "security/_types/Privileges.ts#L131-L139", "type": { "items": [ { @@ -177148,7 +177048,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L270-L272" + "specLocation": "security/_types/Privileges.ts#L197-L199" }, { "kind": "interface", @@ -177642,7 +177542,7 @@ "name": "RoleTemplateInlineQuery", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L221-L222", + "specLocation": "security/_types/Privileges.ts#L160-L161", "type": { "items": [ { @@ -177722,7 +177622,7 @@ } ], "shortcutProperty": "source", - "specLocation": "security/_types/Privileges.ts#L214-L219" + "specLocation": "security/_types/Privileges.ts#L153-L158" }, { "kind": "interface", @@ -177746,7 +177646,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L202-L212" + "specLocation": "security/_types/Privileges.ts#L141-L151" }, { "codegenNames": [ @@ -177758,7 +177658,7 @@ "name": "RoleTemplateScript", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L224-L225", + "specLocation": "security/_types/Privileges.ts#L163-L164", "type": { "items": [ { @@ -177988,7 +177888,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L168-L190" + "specLocation": "security/_types/Privileges.ts#L107-L129" }, { "kind": "interface", @@ -183345,9 +183245,6 @@ } }, { - "availability": { - "stack": {} - }, "description": "An object defining global privileges. A global privilege is a form of cluster privilege that is request-aware. Support for global privileges is currently limited to the management of application privileges.", "name": "global", "required": false, @@ -183471,7 +183368,7 @@ } } ], - "specLocation": "security/put_role/SecurityPutRoleRequest.ts#L30-L80" + "specLocation": "security/put_role/SecurityPutRoleRequest.ts#L30-L79" }, { "body": { diff --git a/output/schema/validation-errors.json b/output/schema/validation-errors.json index 4bfea48167..5cea2e671c 100644 --- a/output/schema/validation-errors.json +++ b/output/schema/validation-errors.json @@ -1292,17 +1292,6 @@ ], "response": [] }, - "security.has_privileges": { - "request": [ - "enum definition security._types:ClusterPrivilege - Duplicate enum member codegen_name 'read_pipeline'", - "enum definition security._types:ClusterPrivilege - Duplicate enum member name 'read_pipeline'", - "enum definition security._types:ClusterPrivilege - Duplicate enum member codegen_name 'read_slm'", - "enum definition security._types:ClusterPrivilege - Duplicate enum member name 'read_slm'", - "enum definition security._types:ClusterPrivilege - Duplicate enum member codegen_name 'transport_client'", - "enum definition security._types:ClusterPrivilege - Duplicate enum member name 'transport_client'" - ], - "response": [] - }, "security.oidc_authenticate": { "request": [ "Missing request & response" diff --git a/output/typescript/types.ts b/output/typescript/types.ts index 3adab7cab1..fd9a8321df 100644 --- a/output/typescript/types.ts +++ b/output/typescript/types.ts @@ -16714,7 +16714,7 @@ export interface SecurityClusterNode { name: Name } -export type SecurityClusterPrivilege = 'all' | 'cancel_task' | 'create_snapshot' | 'grant_api_key' | 'cross_cluster_replication' | 'cross_cluster_search' | 'delegate_pki' | 'manage' | 'manage_api_key' | 'manage_autoscaling' | 'manage_behavioral_analytics' | 'manage_ccr' | 'manage_data_frame_transforms' | 'manage_data_stream_global_retention' | 'manage_enrich' | 'manage_ilm' | 'manage_index_templates' | 'manage_inference' | 'manage_ingest_pipelines' | 'manage_logstash_pipelines' | 'manage_ml' | 'manage_oidc' | 'manage_own_api_key' | 'manage_pipeline' | 'manage_rollup' | 'manage_saml' | 'manage_search_application' | 'manage_search_query_rules' | 'manage_search_synonyms' | 'manage_security' | 'manage_service_account' | 'manage_slm' | 'manage_token' | 'manage_transform' | 'manage_user_profile' | 'manage_watcher' | 'monitor' | 'monitor_data_frame_transforms' | 'monitor_data_stream_global_retention' | 'monitor_enrich' | 'monitor_inference' | 'monitor_ml' | 'monitor_rollup' | 'monitor_snapshot' | 'monitor_text_structure' | 'monitor_transform' | 'monitor_watcher' | 'read_ccr' | 'read_ilm' | 'read_pipeline' | 'read_slm' | 'transport_client' | 'none' | 'post_behavioral_analytics_event' | 'read_pipeline' | 'read_security' | 'read_slm' | 'transport_client' | 'write_connector_secrets' | 'write_fleet_secrets'| string +export type SecurityClusterPrivilege = 'all' | 'cancel_task' | 'create_snapshot' | 'cross_cluster_replication' | 'cross_cluster_search' | 'delegate_pki' | 'grant_api_key' | 'manage' | 'manage_api_key' | 'manage_autoscaling' | 'manage_behavioral_analytics' | 'manage_ccr' | 'manage_data_frame_transforms' | 'manage_data_stream_global_retention' | 'manage_enrich' | 'manage_ilm' | 'manage_index_templates' | 'manage_inference' | 'manage_ingest_pipelines' | 'manage_logstash_pipelines' | 'manage_ml' | 'manage_oidc' | 'manage_own_api_key' | 'manage_pipeline' | 'manage_rollup' | 'manage_saml' | 'manage_search_application' | 'manage_search_query_rules' | 'manage_search_synonyms' | 'manage_security' | 'manage_service_account' | 'manage_slm' | 'manage_token' | 'manage_transform' | 'manage_user_profile' | 'manage_watcher' | 'monitor' | 'monitor_data_frame_transforms' | 'monitor_data_stream_global_retention' | 'monitor_enrich' | 'monitor_inference' | 'monitor_ml' | 'monitor_rollup' | 'monitor_snapshot' | 'monitor_text_structure' | 'monitor_transform' | 'monitor_watcher' | 'none' | 'post_behavioral_analytics_event' | 'read_ccr' | 'read_connector_secrets' | 'read_fleet_secrets' | 'read_ilm' | 'read_pipeline' | 'read_security' | 'read_slm' | 'transport_client' | 'write_connector_secrets' | 'write_fleet_secrets'| string export interface SecurityCreatedStatus { created: boolean diff --git a/specification/security/_types/Privileges.ts b/specification/security/_types/Privileges.ts index a5c6d479b6..d013df8308 100644 --- a/specification/security/_types/Privileges.ts +++ b/specification/security/_types/Privileges.ts @@ -42,90 +42,39 @@ export class ApplicationPrivileges { export enum ClusterPrivilege { all, cancel_task, - /** - * @availability stack - */ create_snapshot, - /** - * @availability stack - */ - grant_api_key, - /** - * @availability stack - */ cross_cluster_replication, - /** - * @availability stack - */ cross_cluster_search, - /** - * @availability stack - */ delegate_pki, + grant_api_key, manage, manage_api_key, - /** - * @availability stack - */ manage_autoscaling, manage_behavioral_analytics, - /** - * @availability stack - */ manage_ccr, manage_data_frame_transforms, manage_data_stream_global_retention, manage_enrich, - /** - * @availability stack - */ manage_ilm, manage_index_templates, - /** - * @availability stack - */ manage_inference, manage_ingest_pipelines, manage_logstash_pipelines, manage_ml, - /** - * @availability stack - */ manage_oidc, manage_own_api_key, manage_pipeline, - /** - * @availability stack - */ manage_rollup, - /** - * @availability stack - */ manage_saml, manage_search_application, manage_search_query_rules, manage_search_synonyms, manage_security, - /** - * @availability stack - */ manage_service_account, - /** - * @availability stack - */ manage_slm, - /** - * @availability stack - */ manage_token, manage_transform, - /** - * @availability stack - */ manage_user_profile, - /** - * @availability stack - */ manage_watcher, monitor, monitor_data_frame_transforms, @@ -133,42 +82,17 @@ export enum ClusterPrivilege { monitor_enrich, monitor_inference, monitor_ml, - /** - * @availability stack - */ monitor_rollup, - /** - * @availability stack - */ monitor_snapshot, - /** - * @availability stack - */ monitor_text_structure, monitor_transform, - /** - * @availability stack - */ monitor_watcher, - /** - * @availability stack - */ - read_ccr, - /** - * @availability stack - */ - read_ilm, - read_pipeline, - /** - * @availability stack - */ - read_slm, - /** - * @availability stack - */ - transport_client, none, post_behavioral_analytics_event, + read_ccr, + read_connector_secrets, + read_fleet_secrets, + read_ilm, read_pipeline, read_security, read_slm, @@ -198,7 +122,6 @@ export class IndicesPrivileges { /** * Set to `true` if using wildcard or regular expressions for patterns that cover restricted indices. Implicitly, restricted indices have limited privileges that can cause pattern tests to fail. If restricted indices are explicitly included in the `names` list, Elasticsearch checks privileges against these indices regardless of the value set for `allow_restricted_indices`. * @server_default false - * @availability stack */ allow_restricted_indices?: boolean } @@ -277,24 +200,12 @@ export enum IndexPrivilege { maintenance, manage, manage_data_stream_lifecycle, - /** - * @availability stack - */ manage_follow_index, - /** - * @availability stack - */ manage_ilm, - /** - * @availability stack - */ manage_leader_index, monitor, none, read, - /** - * @availability stack - */ read_cross_cluster, view_index_metadata, write diff --git a/specification/security/get_role/SecurityGetRoleRequest.ts b/specification/security/get_role/SecurityGetRoleRequest.ts index dead7d4477..f981198896 100644 --- a/specification/security/get_role/SecurityGetRoleRequest.ts +++ b/specification/security/get_role/SecurityGetRoleRequest.ts @@ -25,7 +25,7 @@ import { Names } from '@_types/common' * The get roles API cannot retrieve roles that are defined in roles files. * @rest_spec_name security.get_role * @availability stack since=0.0.0 stability=stable - * @availability serverless stability=stable visibility=public + * @availability serverless stability=stable visibility=private * @cluster_privileges manage_security */ export interface Request extends RequestBase { diff --git a/specification/security/put_role/SecurityPutRoleRequest.ts b/specification/security/put_role/SecurityPutRoleRequest.ts index 2d5177bb5a..4a0c8656b1 100644 --- a/specification/security/put_role/SecurityPutRoleRequest.ts +++ b/specification/security/put_role/SecurityPutRoleRequest.ts @@ -32,7 +32,7 @@ import { Metadata, Name, Refresh } from '@_types/common' * The create or update roles API cannot update roles that are defined in roles files. * @rest_spec_name security.put_role * @availability stack since=0.0.0 stability=stable - * @availability serverless stability=stable visibility=public + * @availability serverless stability=stable visibility=private * @cluster_privileges manage_security */ export interface Request extends RequestBase { @@ -56,7 +56,6 @@ export interface Request extends RequestBase { cluster?: ClusterPrivilege[] /** * An object defining global privileges. A global privilege is a form of cluster privilege that is request-aware. Support for global privileges is currently limited to the management of application privileges. - * @availability stack */ global?: Dictionary /** @@ -68,7 +67,7 @@ export interface Request extends RequestBase { */ metadata?: Metadata /** - * A list of users that the owners of this role can impersonate. *Note*: in Serverless, the run-as feature is disabled. For API compatibility, you can still specify an empty `run_as` field, but a non-empty list will be rejected. + * A list of users that the owners of this role can impersonate. * @doc_id run-as-privilege */ run_as?: string[]