[7.x] [Security Solution] [Detections] Adds scripts to create users + roles based on specific privileges (#81866) #83861
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
… based on specific privileges (elastic#81866) * shell scripts for creating roles + users for testing * update readme's and updated privilege requirements based on testing with the users and inferring what the roles are supposed to do * update role privileges based on feedback meeting yesterday * updated scripts to accept filepath to role / user, added a test to ensure upload value list button is disabled * updated role scripts to be parameterized * adds login with role function and adds a sample test with a role to test that a t1 analyst user cannot upload a value list * add object with corresponding roles * fix spacing * parameterize urls for basic auth with roles + users * forgot to change the cy.visit string * add KIBANA_URL env var for cli runner * add env vars for curl script execution * second script * update readme's for each role and remove create_index from lists privilege for the soc manager role * remove 'manage' cluster privilege for rule author * remove 'create_index' privilege from soc_manager role since that is not parity with the security workflows spreadsheet * update the login function logic with glo's feedback * replace SIEM with Security Solution in markdown files * make role param optional not just undefined * remove unused file * add copyright to scripts files * update top-level README for roles scripts * remove reference to internal spreadsheet and reference readme for this pr * remove unnecessary -XPOST and remove verbose mode from post_detections_user script * adds utils for running integration tests with other users and adds two sample tests showing example usage * minor type updates and small refactor * fix x-pack/test types * use enum types instead of custom type * fix path to json Co-authored-by: Kibana Machine <[email protected]> Co-authored-by: Xavier Mouligneau <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Backports the following commits to 7.x: