From 8d5d9698c2b8a395332eb3ab886fa7712a116625 Mon Sep 17 00:00:00 2001 From: Jake Landis Date: Tue, 12 Nov 2024 12:56:47 -0600 Subject: [PATCH] support for security:remote_cluster --- compiler/package-lock.json | 10 +- output/schema/schema.json | 269 ++++++++++++++++-- output/typescript/types.ts | 21 +- package-lock.json | 8 +- package.json | 2 +- specification/security/_types/Privileges.ts | 36 +++ .../security/_types/RoleDescriptor.ts | 26 +- .../SecurityGetBuiltinPrivilegesResponse.ts | 3 +- specification/security/get_role/types.ts | 14 +- .../put_role/SecurityPutRoleRequest.ts | 8 +- 10 files changed, 357 insertions(+), 40 deletions(-) diff --git a/compiler/package-lock.json b/compiler/package-lock.json index ed183152ca..56c687fd0d 100644 --- a/compiler/package-lock.json +++ b/compiler/package-lock.json @@ -33,6 +33,10 @@ "node": ">=14" } }, + "../compiler-rs/compiler-wasm-lib/pkg": { + "name": "compiler-wasm-lib", + "version": "0.1.0" + }, "node_modules/@babel/code-frame": { "version": "7.12.11", "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.12.11.tgz", @@ -1540,8 +1544,8 @@ "dev": true }, "node_modules/compiler-wasm-lib": { - "version": "0.1.0", - "resolved": "file:../compiler-rs/compiler-wasm-lib/pkg" + "resolved": "../compiler-rs/compiler-wasm-lib/pkg", + "link": true }, "node_modules/concat-map": { "version": "0.0.1", @@ -6484,7 +6488,7 @@ "dev": true }, "compiler-wasm-lib": { - "version": "0.1.0" + "version": "file:../compiler-rs/compiler-wasm-lib/pkg" }, "concat-map": { "version": "0.0.1", diff --git a/output/schema/schema.json b/output/schema/schema.json index c19dea2d46..159e772243 100644 --- a/output/schema/schema.json +++ b/output/schema/schema.json @@ -186932,7 +186932,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L372-L374" + "specLocation": "security/_types/Privileges.ts#L408-L410" }, { "kind": "interface", @@ -187254,6 +187254,12 @@ }, "name": "monitor_snapshot" }, + { + "availability": { + "stack": {} + }, + "name": "monitor_stats" + }, { "availability": { "stack": {} @@ -187328,7 +187334,33 @@ "name": "ClusterPrivilege", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L42-L195" + "specLocation": "security/_types/Privileges.ts#L42-L199" + }, + { + "kind": "enum", + "members": [ + { + "availability": { + "stack": { + "since": "8.14.0" + } + }, + "name": "monitor_enrich" + }, + { + "availability": { + "stack": { + "since": "8.17.0" + } + }, + "name": "monitor_stats" + } + ], + "name": { + "name": "ClusterPrivilegeForRemote", + "namespace": "security._types" + }, + "specLocation": "security/_types/Privileges.ts#L201-L214" }, { "kind": "interface", @@ -187449,7 +187481,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L368-L370" + "specLocation": "security/_types/Privileges.ts#L404-L406" }, { "kind": "enum", @@ -187562,7 +187594,7 @@ "name": "IndexPrivilege", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L324-L366" + "specLocation": "security/_types/Privileges.ts#L360-L402" }, { "kind": "interface", @@ -187644,7 +187676,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L198-L222" + "specLocation": "security/_types/Privileges.ts#L217-L241" }, { "kind": "type_alias", @@ -187658,7 +187690,7 @@ "name": "IndicesPrivilegesQuery", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L279-L287", + "specLocation": "security/_types/Privileges.ts#L315-L323", "type": { "kind": "union_of", "items": [ @@ -187708,7 +187740,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L376-L378" + "specLocation": "security/_types/Privileges.ts#L412-L414" }, { "kind": "interface", @@ -187744,6 +187776,45 @@ }, { "kind": "interface", + "description": "The subset of cluster level privileges that can be defined for remote clusters.", + "name": { + "name": "RemoteClusterPrivileges", + "namespace": "security._types" + }, + "properties": [ + { + "description": "A list of cluster aliases to which the permissions in this entry apply.", + "name": "clusters", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "Names", + "namespace": "_types" + } + } + }, + { + "description": "The cluster level privileges that owners of the role have on the remote cluster.", + "name": "privileges", + "required": true, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "ClusterPrivilegeForRemote", + "namespace": "security._types" + } + } + } + } + ], + "specLocation": "security/_types/Privileges.ts#L277-L289" + }, + { + "kind": "interface", + "description": "The subset of index level privileges that can be defined for remote clusters.", "name": { "name": "RemoteIndicesPrivileges", "namespace": "security._types" @@ -187834,7 +187905,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L225-L253" + "specLocation": "security/_types/Privileges.ts#L243-L275" }, { "kind": "interface", @@ -187859,7 +187930,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L380-L385" + "specLocation": "security/_types/Privileges.ts#L416-L421" }, { "kind": "interface", @@ -187901,6 +187972,46 @@ } } }, + { + "availability": { + "stack": { + "since": "8.14.0" + } + }, + "description": "A list of indices permissions for remote clusters.", + "name": "remote_indices", + "required": false, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "RemoteIndicesPrivileges", + "namespace": "security._types" + } + } + } + }, + { + "availability": { + "stack": { + "since": "8.15.0" + } + }, + "description": "A list of cluster permissions for remote clusters. Note - this is limited a subset of the cluster permissions.", + "name": "remote_cluster", + "required": false, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "RemoteClusterPrivileges", + "namespace": "security._types" + } + } + } + }, { "availability": { "stack": {} @@ -188006,7 +188117,7 @@ } } ], - "specLocation": "security/_types/RoleDescriptor.ts#L31-L64" + "specLocation": "security/_types/RoleDescriptor.ts#L31-L77" }, { "kind": "interface", @@ -188068,6 +188179,46 @@ } } }, + { + "availability": { + "stack": { + "since": "8.14.0" + } + }, + "description": "A list of indices permissions for remote clusters.", + "name": "remote_indices", + "required": false, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "RemoteIndicesPrivileges", + "namespace": "security._types" + } + } + } + }, + { + "availability": { + "stack": { + "since": "8.15.0" + } + }, + "description": "A list of cluster permissions for remote clusters. Note - this is limited a subset of the cluster permissions.", + "name": "remote_cluster", + "required": false, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "RemoteClusterPrivileges", + "namespace": "security._types" + } + } + } + }, { "availability": { "stack": {} @@ -188173,7 +188324,7 @@ } } ], - "specLocation": "security/_types/RoleDescriptor.ts#L66-L98" + "specLocation": "security/_types/RoleDescriptor.ts#L79-L122" }, { "kind": "interface", @@ -188351,7 +188502,7 @@ "name": "RoleTemplateInlineQuery", "namespace": "security._types" }, - "specLocation": "security/_types/Privileges.ts#L321-L322", + "specLocation": "security/_types/Privileges.ts#L357-L358", "type": { "kind": "union_of", "items": [ @@ -188394,7 +188545,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L289-L299" + "specLocation": "security/_types/Privileges.ts#L325-L335" }, { "kind": "interface", @@ -188482,7 +188633,7 @@ } ], "shortcutProperty": "source", - "specLocation": "security/_types/Privileges.ts#L301-L319" + "specLocation": "security/_types/Privileges.ts#L337-L355" }, { "kind": "interface", @@ -188549,7 +188700,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L387-L407" + "specLocation": "security/_types/Privileges.ts#L423-L443" }, { "kind": "enum", @@ -188763,7 +188914,7 @@ } } ], - "specLocation": "security/_types/Privileges.ts#L255-L277" + "specLocation": "security/_types/Privileges.ts#L291-L313" }, { "kind": "interface", @@ -191758,8 +191909,8 @@ "value": { "kind": "instance_of", "type": { - "name": "string", - "namespace": "_builtins" + "name": "ClusterPrivilege", + "namespace": "security._types" } } } @@ -191777,6 +191928,20 @@ } } } + }, + { + "name": "remote_cluster", + "required": true, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "ClusterPrivilegeForRemote", + "namespace": "security._types" + } + } + } } ] }, @@ -191784,7 +191949,7 @@ "name": "Response", "namespace": "security.get_builtin_privileges" }, - "specLocation": "security/get_builtin_privileges/SecurityGetBuiltinPrivilegesResponse.ts#L22-L24" + "specLocation": "security/get_builtin_privileges/SecurityGetBuiltinPrivilegesResponse.ts#L23-L25" }, { "kind": "request", @@ -191954,8 +192119,8 @@ "value": { "kind": "instance_of", "type": { - "name": "string", - "namespace": "_builtins" + "name": "ClusterPrivilege", + "namespace": "security._types" } } } @@ -191974,6 +192139,44 @@ } } }, + { + "availability": { + "stack": { + "since": "8.14.0" + } + }, + "name": "remote_indices", + "required": false, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "RemoteIndicesPrivileges", + "namespace": "security._types" + } + } + } + }, + { + "availability": { + "stack": { + "since": "8.15.0" + } + }, + "name": "remote_cluster", + "required": false, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "RemoteClusterPrivileges", + "namespace": "security._types" + } + } + } + }, { "name": "metadata", "required": true, @@ -192099,7 +192302,7 @@ } } ], - "specLocation": "security/get_role/types.ts#L29-L42" + "specLocation": "security/get_role/types.ts#L29-L50" }, { "kind": "request", @@ -194565,6 +194768,26 @@ } } }, + { + "availability": { + "stack": { + "since": "8.15.0" + } + }, + "description": "A list of remote cluster permissions entries.", + "name": "remote_cluster", + "required": false, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "RemoteClusterPrivileges", + "namespace": "security._types" + } + } + } + }, { "description": "Optional metadata. Within the metadata object, keys that begin with an underscore (`_`) are reserved for system use.", "name": "metadata", @@ -194666,7 +194889,7 @@ } } ], - "specLocation": "security/put_role/SecurityPutRoleRequest.ts#L31-L95" + "specLocation": "security/put_role/SecurityPutRoleRequest.ts#L31-L101" }, { "kind": "response", diff --git a/output/typescript/types.ts b/output/typescript/types.ts index 71da122a94..29b343d40f 100644 --- a/output/typescript/types.ts +++ b/output/typescript/types.ts @@ -17630,7 +17630,9 @@ export interface SecurityClusterNode { name: Name } -export type SecurityClusterPrivilege = 'all' | 'cancel_task' | 'create_snapshot' | 'cross_cluster_replication' | 'cross_cluster_search' | 'delegate_pki' | 'grant_api_key' | 'manage' | 'manage_api_key' | 'manage_autoscaling' | 'manage_behavioral_analytics' | 'manage_ccr' | 'manage_data_frame_transforms' | 'manage_data_stream_global_retention' | 'manage_enrich' | 'manage_ilm' | 'manage_index_templates' | 'manage_inference' | 'manage_ingest_pipelines' | 'manage_logstash_pipelines' | 'manage_ml' | 'manage_oidc' | 'manage_own_api_key' | 'manage_pipeline' | 'manage_rollup' | 'manage_saml' | 'manage_search_application' | 'manage_search_query_rules' | 'manage_search_synonyms' | 'manage_security' | 'manage_service_account' | 'manage_slm' | 'manage_token' | 'manage_transform' | 'manage_user_profile' | 'manage_watcher' | 'monitor' | 'monitor_data_frame_transforms' | 'monitor_data_stream_global_retention' | 'monitor_enrich' | 'monitor_inference' | 'monitor_ml' | 'monitor_rollup' | 'monitor_snapshot' | 'monitor_text_structure' | 'monitor_transform' | 'monitor_watcher' | 'none' | 'post_behavioral_analytics_event' | 'read_ccr' | 'read_fleet_secrets' | 'read_ilm' | 'read_pipeline' | 'read_security' | 'read_slm' | 'transport_client' | 'write_connector_secrets' | 'write_fleet_secrets'| string +export type SecurityClusterPrivilege = 'all' | 'cancel_task' | 'create_snapshot' | 'cross_cluster_replication' | 'cross_cluster_search' | 'delegate_pki' | 'grant_api_key' | 'manage' | 'manage_api_key' | 'manage_autoscaling' | 'manage_behavioral_analytics' | 'manage_ccr' | 'manage_data_frame_transforms' | 'manage_data_stream_global_retention' | 'manage_enrich' | 'manage_ilm' | 'manage_index_templates' | 'manage_inference' | 'manage_ingest_pipelines' | 'manage_logstash_pipelines' | 'manage_ml' | 'manage_oidc' | 'manage_own_api_key' | 'manage_pipeline' | 'manage_rollup' | 'manage_saml' | 'manage_search_application' | 'manage_search_query_rules' | 'manage_search_synonyms' | 'manage_security' | 'manage_service_account' | 'manage_slm' | 'manage_token' | 'manage_transform' | 'manage_user_profile' | 'manage_watcher' | 'monitor' | 'monitor_data_frame_transforms' | 'monitor_data_stream_global_retention' | 'monitor_enrich' | 'monitor_inference' | 'monitor_ml' | 'monitor_rollup' | 'monitor_snapshot' | 'monitor_stats' | 'monitor_text_structure' | 'monitor_transform' | 'monitor_watcher' | 'none' | 'post_behavioral_analytics_event' | 'read_ccr' | 'read_fleet_secrets' | 'read_ilm' | 'read_pipeline' | 'read_security' | 'read_slm' | 'transport_client' | 'write_connector_secrets' | 'write_fleet_secrets'| string + +export type SecurityClusterPrivilegeForRemote = 'monitor_enrich' | 'monitor_stats' export interface SecurityCreatedStatus { created: boolean @@ -17674,6 +17676,11 @@ export interface SecurityRealmInfo { type: string } +export interface SecurityRemoteClusterPrivileges { + clusters: Names + privileges: SecurityClusterPrivilegeForRemote[] +} + export interface SecurityRemoteIndicesPrivileges { clusters: Names field_security?: SecurityFieldSecurity @@ -17691,6 +17698,8 @@ export interface SecurityRoleDescriptor { cluster?: SecurityClusterPrivilege[] indices?: SecurityIndicesPrivileges[] index?: SecurityIndicesPrivileges[] + remote_indices?: SecurityRemoteIndicesPrivileges[] + remote_cluster?: SecurityRemoteClusterPrivileges[] global?: SecurityGlobalPrivilege[] | SecurityGlobalPrivilege applications?: SecurityApplicationPrivileges[] metadata?: Metadata @@ -17703,6 +17712,8 @@ export interface SecurityRoleDescriptorRead { cluster: SecurityClusterPrivilege[] indices: SecurityIndicesPrivileges[] index: SecurityIndicesPrivileges[] + remote_indices?: SecurityRemoteIndicesPrivileges[] + remote_cluster?: SecurityRemoteClusterPrivileges[] global?: SecurityGlobalPrivilege[] | SecurityGlobalPrivilege applications?: SecurityApplicationPrivileges[] metadata?: Metadata @@ -18102,8 +18113,9 @@ export interface SecurityGetBuiltinPrivilegesRequest extends RequestBase { } export interface SecurityGetBuiltinPrivilegesResponse { - cluster: string[] + cluster: SecurityClusterPrivilege[] index: IndexName[] + remote_cluster: SecurityClusterPrivilegeForRemote[] } export interface SecurityGetPrivilegesRequest extends RequestBase { @@ -18120,8 +18132,10 @@ export interface SecurityGetRoleRequest extends RequestBase { export type SecurityGetRoleResponse = Record export interface SecurityGetRoleRole { - cluster: string[] + cluster: SecurityClusterPrivilege[] indices: SecurityIndicesPrivileges[] + remote_indices?: SecurityRemoteIndicesPrivileges[] + remote_cluster?: SecurityRemoteClusterPrivileges[] metadata: Metadata run_as: string[] transient_metadata?: Record @@ -18387,6 +18401,7 @@ export interface SecurityPutRoleRequest extends RequestBase { global?: Record indices?: SecurityIndicesPrivileges[] remote_indices?: SecurityRemoteIndicesPrivileges[] + remote_cluster?: SecurityRemoteClusterPrivileges[] metadata?: Metadata run_as?: string[] description?: string diff --git a/package-lock.json b/package-lock.json index 8bd812f6b6..2323b099fe 100644 --- a/package-lock.json +++ b/package-lock.json @@ -5,7 +5,7 @@ "packages": { "": { "dependencies": { - "@stoplight/spectral-cli": "^6.13.0" + "@stoplight/spectral-cli": "^6.13.1" } }, "node_modules/@asyncapi/specs": { @@ -200,9 +200,9 @@ } }, "node_modules/@stoplight/spectral-cli": { - "version": "6.13.0", - "resolved": "https://registry.npmjs.org/@stoplight/spectral-cli/-/spectral-cli-6.13.0.tgz", - "integrity": "sha512-qofxmVN4czNNJdfq0OB8Qj1ihpIhyR0IgyQpJFda9FvWWn9vJqDuIsoGKWP7xIHwv3E31q3iviDIX3Ejy9tNcg==", + "version": "6.13.1", + "resolved": "https://registry.npmjs.org/@stoplight/spectral-cli/-/spectral-cli-6.13.1.tgz", + "integrity": "sha512-v6ipX4w6wRhtbOotwdPL7RrEkP0m1OwHTIyqzVrAPi932F/zkee24jmf1CHNrTynonmfGoU6/XpeqUHtQdKDFw==", "license": "Apache-2.0", "dependencies": { "@stoplight/json": "~3.21.0", diff --git a/package.json b/package.json index e936d7f831..0d26b9a7ed 100644 --- a/package.json +++ b/package.json @@ -1,5 +1,5 @@ { "dependencies": { - "@stoplight/spectral-cli": "^6.13.0" + "@stoplight/spectral-cli": "^6.13.1" } } diff --git a/specification/security/_types/Privileges.ts b/specification/security/_types/Privileges.ts index 14f2977557..e930b324ee 100644 --- a/specification/security/_types/Privileges.ts +++ b/specification/security/_types/Privileges.ts @@ -151,6 +151,10 @@ export enum ClusterPrivilege { * @availability stack */ monitor_snapshot, + /** + * @availability stack + */ + monitor_stats, /** * @availability stack */ @@ -194,6 +198,21 @@ export enum ClusterPrivilege { write_fleet_secrets } +/** + * The subset of cluster level privileges that can be defined for remote clusters. + * @availability stack + */ +export enum ClusterPrivilegeForRemote { + /** + * @availability stack since=8.14.0 + */ + monitor_enrich, + /** + * @availability stack since=8.17.0 + */ + monitor_stats +} + // Keep in sync with RemoteIndicesPrivileges export class IndicesPrivileges { /** @@ -221,6 +240,9 @@ export class IndicesPrivileges { allow_restricted_indices?: boolean } +/** + * The subset of index level privileges that can be defined for remote clusters. + */ // Keep in sync with IndicesPrivileges export class RemoteIndicesPrivileges { /** @@ -252,6 +274,20 @@ export class RemoteIndicesPrivileges { allow_restricted_indices?: boolean } +/** + * The subset of cluster level privileges that can be defined for remote clusters. + */ +export class RemoteClusterPrivileges { + /** + * A list of cluster aliases to which the permissions in this entry apply. + */ + clusters: Names + /** + * The cluster level privileges that owners of the role have on the remote cluster. + */ + privileges: ClusterPrivilegeForRemote[] +} + export class UserIndicesPrivileges { /** * The document fields that the owners of the role have read access to. diff --git a/specification/security/_types/RoleDescriptor.ts b/specification/security/_types/RoleDescriptor.ts index 6c8130860b..2df572e6b5 100644 --- a/specification/security/_types/RoleDescriptor.ts +++ b/specification/security/_types/RoleDescriptor.ts @@ -25,7 +25,7 @@ import { ApplicationPrivileges, ClusterPrivilege, GlobalPrivilege, - IndicesPrivileges + IndicesPrivileges, RemoteClusterPrivileges, RemoteIndicesPrivileges } from './Privileges' export class RoleDescriptor { @@ -38,6 +38,19 @@ export class RoleDescriptor { * @aliases index */ indices?: IndicesPrivileges[] + + /** + * A list of indices permissions for remote clusters. + * @availability stack since=8.14.0 + */ + remote_indices?: RemoteIndicesPrivileges[] + + /** + * A list of cluster permissions for remote clusters. Note - this is limited a subset of the cluster permissions. + * @availability stack since=8.15.0 + */ + remote_cluster?: RemoteClusterPrivileges[] + /** * An object defining global privileges. A global privilege is a form of cluster privilege that is request-aware. Support for global privileges is currently limited to the management of application privileges. * @availability stack @@ -73,6 +86,17 @@ export class RoleDescriptorRead implements OverloadOf { * @aliases index */ indices: IndicesPrivileges[] + /** + * A list of indices permissions for remote clusters. + * @availability stack since=8.14.0 + */ + remote_indices?: RemoteIndicesPrivileges[] + + /** + * A list of cluster permissions for remote clusters. Note - this is limited a subset of the cluster permissions. + * @availability stack since=8.15.0 + */ + remote_cluster?: RemoteClusterPrivileges[] /** * An object defining global privileges. A global privilege is a form of cluster privilege that is request-aware. Support for global privileges is currently limited to the management of application privileges. */ diff --git a/specification/security/get_builtin_privileges/SecurityGetBuiltinPrivilegesResponse.ts b/specification/security/get_builtin_privileges/SecurityGetBuiltinPrivilegesResponse.ts index eaf9009d13..f72456f9e8 100644 --- a/specification/security/get_builtin_privileges/SecurityGetBuiltinPrivilegesResponse.ts +++ b/specification/security/get_builtin_privileges/SecurityGetBuiltinPrivilegesResponse.ts @@ -18,7 +18,8 @@ */ import { IndexName } from '@_types/common' +import {ClusterPrivilege, ClusterPrivilegeForRemote} from "@security/_types/Privileges"; export class Response { - body: { cluster: string[]; index: IndexName[] } + body: { cluster: ClusterPrivilege[]; index: IndexName[]; remote_cluster: ClusterPrivilegeForRemote[] } } diff --git a/specification/security/get_role/types.ts b/specification/security/get_role/types.ts index 1ba672b074..080de468b5 100644 --- a/specification/security/get_role/types.ts +++ b/specification/security/get_role/types.ts @@ -18,8 +18,8 @@ */ import { - ApplicationPrivileges, - IndicesPrivileges + ApplicationPrivileges, ClusterPrivilege, + IndicesPrivileges, RemoteClusterPrivileges, RemoteIndicesPrivileges } from '@security/_types/Privileges' import { RoleTemplate } from '@security/_types/RoleTemplate' import { Dictionary } from '@spec_utils/Dictionary' @@ -27,8 +27,16 @@ import { UserDefinedValue } from '@spec_utils/UserDefinedValue' import { Metadata } from '@_types/common' export class Role { - cluster: string[] + cluster: ClusterPrivilege[] indices: IndicesPrivileges[] + /** + * @availability stack since=8.14.0 + */ + remote_indices?: RemoteIndicesPrivileges[] + /** + * @availability stack since=8.15.0 + */ + remote_cluster?: RemoteClusterPrivileges[] metadata: Metadata run_as: string[] transient_metadata?: Dictionary diff --git a/specification/security/put_role/SecurityPutRoleRequest.ts b/specification/security/put_role/SecurityPutRoleRequest.ts index e8ada073d5..ff70fdf357 100644 --- a/specification/security/put_role/SecurityPutRoleRequest.ts +++ b/specification/security/put_role/SecurityPutRoleRequest.ts @@ -20,7 +20,7 @@ import { ApplicationPrivileges, ClusterPrivilege, - IndicesPrivileges, + IndicesPrivileges, RemoteClusterPrivileges, RemoteIndicesPrivileges } from '@security/_types/Privileges' import { Dictionary } from '@spec_utils/Dictionary' @@ -74,6 +74,12 @@ export interface Request extends RequestBase { * */ remote_indices?: RemoteIndicesPrivileges[] + /** + * A list of remote cluster permissions entries. + * @availability stack since=8.15.0 + * + */ + remote_cluster?: RemoteClusterPrivileges[] /** * Optional metadata. Within the metadata object, keys that begin with an underscore (`_`) are reserved for system use. */