diff --git a/config/serverless.security.yml b/config/serverless.security.yml index c64e54a4fa942..494c108e9629c 100644 --- a/config/serverless.security.yml +++ b/config/serverless.security.yml @@ -43,8 +43,6 @@ xpack.features.overrides: privileges: [ "all" ] - feature: "maps_v2" privileges: [ "all" ] - - feature: "savedQueryManagement" - privileges: [ "all" ] # Security's `Read` feature privilege should implicitly grant `Read` access to Discover, Dashboard, Maps, and # Visualize features. Additionally, it should implicitly grant privilege to create short URLs in Discover, ### Dashboard, and Visualize apps. @@ -57,8 +55,6 @@ xpack.features.overrides: privileges: [ "read" ] - feature: "maps_v2" privileges: [ "read" ] - - feature: "savedQueryManagement" - privileges: [ "read" ] ### Security's feature privileges are fine-tuned to grant access to Discover, Dashboard, Maps, and Visualize apps. siem: @@ -66,25 +62,29 @@ xpack.features.overrides: ### Security's `All` feature privilege should implicitly grant `All` access to Discover, Dashboard, Maps, and ### Visualize features. all.composedOf: - - feature: "discover" + - feature: "discover_v2" + privileges: [ "all" ] + - feature: "dashboard_v2" privileges: [ "all" ] - - feature: "dashboard" + - feature: "visualize_v2" privileges: [ "all" ] - - feature: "visualize" + - feature: "maps_v2" privileges: [ "all" ] - - feature: "maps" + - feature: "savedQueryManagement" privileges: [ "all" ] # Security's `Read` feature privilege should implicitly grant `Read` access to Discover, Dashboard, Maps, and # Visualize features. Additionally, it should implicitly grant privilege to create short URLs in Discover, ### Dashboard, and Visualize apps. read.composedOf: - - feature: "discover" + - feature: "discover_v2" + privileges: [ "read" ] + - feature: "dashboard_v2" privileges: [ "read" ] - - feature: "dashboard" + - feature: "visualize_v2" privileges: [ "read" ] - - feature: "visualize" + - feature: "maps_v2" privileges: [ "read" ] - - feature: "maps" + - feature: "savedQueryManagement" privileges: [ "read" ] ## Cloud settings diff --git a/x-pack/test_serverless/api_integration/test_suites/security/platform_security/authorization.ts b/x-pack/test_serverless/api_integration/test_suites/security/platform_security/authorization.ts index 84c43cab8fb54..1f0af1c372407 100644 --- a/x-pack/test_serverless/api_integration/test_suites/security/platform_security/authorization.ts +++ b/x-pack/test_serverless/api_integration/test_suites/security/platform_security/authorization.ts @@ -925,22 +925,6 @@ export default function ({ getService }: FtrProviderContext) { "saved_object:map/share_to_space", "ui:maps_v2/save", "ui:maps_v2/show", - "api:savedQuery:manage", - "api:savedQuery:read", - "saved_object:query/bulk_get", - "saved_object:query/get", - "saved_object:query/find", - "saved_object:query/open_point_in_time", - "saved_object:query/close_point_in_time", - "saved_object:query/create", - "saved_object:query/bulk_create", - "saved_object:query/update", - "saved_object:query/bulk_update", - "saved_object:query/delete", - "saved_object:query/bulk_delete", - "saved_object:query/share_to_space", - "ui:savedQueryManagement/showQueries", - "ui:savedQueryManagement/saveQuery", ], "blocklist_all": Array [ "login:", @@ -1779,22 +1763,6 @@ export default function ({ getService }: FtrProviderContext) { "saved_object:map/share_to_space", "ui:maps_v2/save", "ui:maps_v2/show", - "api:savedQuery:manage", - "api:savedQuery:read", - "saved_object:query/bulk_get", - "saved_object:query/get", - "saved_object:query/find", - "saved_object:query/open_point_in_time", - "saved_object:query/close_point_in_time", - "saved_object:query/create", - "saved_object:query/bulk_create", - "saved_object:query/update", - "saved_object:query/bulk_update", - "saved_object:query/delete", - "saved_object:query/bulk_delete", - "saved_object:query/share_to_space", - "ui:savedQueryManagement/showQueries", - "ui:savedQueryManagement/saveQuery", ], "minimal_read": Array [ "login:", @@ -2125,13 +2093,6 @@ export default function ({ getService }: FtrProviderContext) { "ui:catalogue/maps", "ui:navLinks/maps", "ui:maps_v2/show", - "api:savedQuery:read", - "saved_object:query/bulk_get", - "saved_object:query/get", - "saved_object:query/find", - "saved_object:query/open_point_in_time", - "saved_object:query/close_point_in_time", - "ui:savedQueryManagement/showQueries", ], "policy_management_all": Array [ "login:", @@ -2498,13 +2459,6 @@ export default function ({ getService }: FtrProviderContext) { "ui:catalogue/maps", "ui:navLinks/maps", "ui:maps_v2/show", - "api:savedQuery:read", - "saved_object:query/bulk_get", - "saved_object:query/get", - "saved_object:query/find", - "saved_object:query/open_point_in_time", - "saved_object:query/close_point_in_time", - "ui:savedQueryManagement/showQueries", ], "scan_operations_all": Array [ "login:",