|
|
@@ -200,45 +200,6 @@ public class ApiKeyService {
|
|
|
Property.NodeScope
|
|
|
);
|
|
|
|
|
|
- // This following fixed role descriptor is for fleet-server BWC on and before 7.14.
|
|
|
- // It is fixed and must NOT be updated when the fleet-server service account updates.
|
|
|
- private static final BytesArray FLEET_SERVER_ROLE_DESCRIPTOR_BYTES_V_7_14 = new BytesArray("""
|
|
|
- {
|
|
|
- "elastic/fleet-server": {
|
|
|
- "cluster": [ "monitor", "manage_own_api_key" ],
|
|
|
- "indices": [
|
|
|
- {
|
|
|
- "names": [
|
|
|
- "logs-*",
|
|
|
- "metrics-*",
|
|
|
- "traces-*",
|
|
|
- "synthetics-*",
|
|
|
- ".logs-endpoint.diagnostic.collection-*"
|
|
|
- ],
|
|
|
- "privileges": [ "write", "create_index", "auto_configure" ],
|
|
|
- "allow_restricted_indices": false
|
|
|
- },
|
|
|
- {
|
|
|
- "names": [ ".fleet-*" ],
|
|
|
- "privileges": [
|
|
|
- "read",
|
|
|
- "write",
|
|
|
- "monitor",
|
|
|
- "create_index",
|
|
|
- "auto_configure"
|
|
|
- ],
|
|
|
- "allow_restricted_indices": false
|
|
|
- }
|
|
|
- ],
|
|
|
- "applications": [],
|
|
|
- "run_as": [],
|
|
|
- "metadata": {},
|
|
|
- "transient_metadata": {
|
|
|
- "enabled": true
|
|
|
- }
|
|
|
- }
|
|
|
- }""");
|
|
|
-
|
|
|
private final Clock clock;
|
|
|
private final Client client;
|
|
|
private final SecurityIndexManager securityIndex;
|
Yang Wang