
[Transform] test with minimal privileges (#72816)

Limit the privileges to the minimum required.

relates #72715
Hendrik Muhs 4 years ago
parent
commit
ec92261293

+ 19 - 14
x-pack/plugin/transform/qa/multi-cluster-tests-with-security/src/test/resources/rest-api-spec/test/multi_cluster/80_transform.yml

@@ -26,17 +26,22 @@ setup:
   - do:
       security.put_role:
         name: "x_cluster_role"
+        # gh#72715: the my_remote_cluster privileges should not be needed
         body:  >
           {
             "cluster": [],
             "indices": [
               {
-                "names": ["test_index", "my_remote_cluster:test_i*", "my_remote_cluster:aliased_test_index"],
-                "privileges": ["all", "view_index_metadata"]
+                "names": ["test_index"],
+                "privileges": ["read", "view_index_metadata"]
               },
               {
                 "names": ["simple-remote-transform*", "simple-local-remote-transform"],
-                "privileges": ["all"]
+                "privileges": ["create_index", "index", "read"]
+              },
+              {
+                "names": ["my_remote_cluster:remote_test_i*", "my_remote_cluster:aliased_test_index"],
+                "privileges": ["read", "view_index_metadata"]
               }
             ]
           }
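Review bot: The remote entry added at the end of `indices` uses the pattern `my_remote_cluster:remote_test_i*`, which is wider than the indices these tests read (`remote_test_index`, `remote_test_index_2`) and wider than the `remote_test_index*` pattern used by the role on the remote cluster. Since the commit is about minimal privileges, it could be tightened to `"names": ["my_remote_cluster:remote_test_index*", "my_remote_cluster:aliased_test_index"]`. The new `# gh#72715` comment sits above `body:` but concerns only that last entry. If that grant is a temporary workaround, as the comment suggests, wording such as `# gh#72715: the my_remote_cluster:* entry in "indices" below should not be needed; drop it once the issue is resolved` would make clear which grant is meant. The `setup:` block starts outside this hunk.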
@@ -50,7 +55,7 @@ setup:
             "indices": [
               {
                 "names": ["simple-remote-transform*", "simple-local-remote-transform"],
-                "privileges": ["all"]
+                "privileges": ["create_index", "index", "read"]
               }
             ]
           }
@@ -73,7 +78,7 @@ teardown:
         transform_id: "simple-remote-transform"
         body: >
           {
-            "source": { "index": "my_remote_cluster:test_index" },
+            "source": { "index": "my_remote_cluster:remote_test_index" },
             "dest": { "index": "simple-remote-transform" },
             "pivot": {
               "group_by": { "user": {"terms": {"field": "user"}}},
@@ -132,7 +137,7 @@ teardown:
         transform_id: "simple-remote-transform"
         body: >
           {
-            "source": { "index": ["my_remote_cluster:test_index", "my_remote_cluster:test_index_2"] }
+            "source": { "index": ["my_remote_cluster:remote_test_index", "my_remote_cluster:remote_test_index_2"] }
           }
   - do:
       headers: { Authorization: "Basic am9lOnRyYW5zZm9ybS1wYXNzd29yZA==" }
@@ -152,7 +157,7 @@ teardown:
         body:  >
           {
             "source": {
-              "index": "my_remote_cluster:test_index",
+              "index": "my_remote_cluster:remote_test_index",
               "runtime_mappings" : {
                 "user-upper": {
                   "type": "keyword",
@@ -232,7 +237,7 @@ teardown:
         transform_id: "simple-local-remote-transform"
         body: >
           {
-            "source": { "index": ["test_index", "my_remote_cluster:test_index"] },
+            "source": { "index": ["test_index", "my_remote_cluster:remote_test_index"] },
             "dest": { "index": "simple-local-remote-transform" },
             "pivot": {
               "group_by": { "user": {"terms": {"field": "user"}}},
@@ -294,13 +299,13 @@ teardown:
 ---
 "Batch transform from remote cluster when the user is not authorized":
   - do:
-      catch: /Cannot create transform \[simple-remote-transform\] because user bob lacks all the required permissions for indices. \[my_remote_cluster:test_index, simple-remote-transform\]/
+      catch: /Cannot create transform \[simple-remote-transform\] because user bob lacks all the required permissions for indices. \[my_remote_cluster:remote_test_index, simple-remote-transform\]/
       headers: { Authorization: "Basic Ym9iOnRyYW5zZm9ybS1wYXNzd29yZA==" }  # This is bob
       transform.put_transform:
         transform_id: "simple-remote-transform"
         body: >
           {
-            "source": { "index": "my_remote_cluster:test_index" },
+            "source": { "index": "my_remote_cluster:remote_test_index" },
             "dest": { "index": "simple-remote-transform" },
             "pivot": {
               "group_by": { "user": {"terms": {"field": "user"}}},
@@ -316,7 +321,7 @@ teardown:
         transform_id: "simple-remote-transform-2"
         body: >
           {
-            "source": { "index": "my_remote_cluster:test_index" },
+            "source": { "index": "my_remote_cluster:remote_test_index" },
             "dest": { "index": "simple-remote-transform-2" },
             "pivot": {
               "group_by": { "user": {"terms": {"field": "user"}}},
@@ -325,13 +330,13 @@ teardown:
           }
   - match: { acknowledged: true }
   - do:
-      catch: /Cannot update transform \[simple-remote-transform-2\] because user bob lacks all the required permissions for indices. \[my_remote_cluster:test_index, simple-remote-transform-2\]/
+      catch: /Cannot update transform \[simple-remote-transform-2\] because user bob lacks all the required permissions for indices. \[my_remote_cluster:remote_test_index, simple-remote-transform-2\]/
       headers: { Authorization: "Basic Ym9iOnRyYW5zZm9ybS1wYXNzd29yZA==" }  # This is bob
       transform.update_transform:
         transform_id: "simple-remote-transform-2"
         body: >
           {
-            "source": { "index": "my_remote_cluster:test_index" },
+            "source": { "index": "my_remote_cluster:remote_test_index" },
             "dest": { "index": "simple-remote-transform-2" }
           }
 
@@ -343,7 +348,7 @@ teardown:
       transform.preview_transform:
         body: >
           {
-            "source": { "index": "my_remote_cluster:test_index" },
+            "source": { "index": "my_remote_cluster:remote_test_index" },
             "dest": { "index": "simple-remote-transform-2" },
             "pivot": {
               "group_by": { "user": {"terms": {"field": "user"}}},

+ 15 - 15
x-pack/plugin/transform/qa/multi-cluster-tests-with-security/src/test/resources/rest-api-spec/test/remote_cluster/80_transform.yml

@@ -22,7 +22,7 @@ setup:
               "cluster": [],
               "indices": [
                 {
-                  "names": ["test_index*"],
+                  "names": ["remote_test_index*"],
                   "privileges": ["read", "view_index_metadata"]
                 }
               ]
@@ -38,7 +38,7 @@ teardown:
 "Index data on the remote cluster":
   - do:
       indices.create:
-        index: test_index
+        index: remote_test_index
         body:
           settings:
             index:
@@ -61,28 +61,28 @@ teardown:
       bulk:
         refresh: true
         body:
-            - '{"index": {"_index": "test_index"}}'
+            - '{"index": {"_index": "remote_test_index"}}'
             - '{"user": "a", "stars": 1, "date" : "2018-10-29T12:12:12.123456789Z"}'
-            - '{"index": {"_index": "test_index"}}'
+            - '{"index": {"_index": "remote_test_index"}}'
             - '{"user": "a", "stars": 4, "date" : "2018-10-29T12:14:12.123456789Z"}'
-            - '{"index": {"_index": "test_index"}}'
+            - '{"index": {"_index": "remote_test_index"}}'
             - '{"user": "a", "stars": 5, "date" : "2018-10-29T12:16:12.123456789Z"}'
-            - '{"index": {"_index": "test_index"}}'
+            - '{"index": {"_index": "remote_test_index"}}'
             - '{"user": "b", "stars": 2, "date" : "2018-10-29T12:17:12.123456789Z"}'
-            - '{"index": {"_index": "test_index"}}'
+            - '{"index": {"_index": "remote_test_index"}}'
             - '{"user": "b", "stars": 3, "date" : "2018-10-29T12:22:12.123456789Z"}'
-            - '{"index": {"_index": "test_index"}}'
+            - '{"index": {"_index": "remote_test_index"}}'
             - '{"user": "a", "stars": 5, "date" : "2018-10-29T12:23:12.123456789Z"}'
-            - '{"index": {"_index": "test_index"}}'
+            - '{"index": {"_index": "remote_test_index"}}'
             - '{"user": "b", "stars": 1, "date" : "2018-10-29T12:32:12.123456789Z"}'
-            - '{"index": {"_index": "test_index"}}'
+            - '{"index": {"_index": "remote_test_index"}}'
             - '{"user": "a", "stars": 3, "date" : "2018-10-29T12:34:12.123456789Z"}'
-            - '{"index": {"_index": "test_index"}}'
+            - '{"index": {"_index": "remote_test_index"}}'
             - '{"user": "c", "stars": 4, "date" : "2018-10-29T12:35:12.123456789Z"}'
   - do:
       search:
         rest_total_hits_as_int: true
-        index: test_index
+        index: remote_test_index
         body:
           aggs:
             user:
@@ -97,7 +97,7 @@ teardown:
 
   - do:
       indices.create:
-        index: test_index_2
+        index: remote_test_index_2
         body:
           settings:
             index:
@@ -120,7 +120,7 @@ teardown:
       bulk:
         refresh: true
         body:
-            - '{"index": {"_index": "test_index_2"}}'
+            - '{"index": {"_index": "remote_test_index_2"}}'
             - '{"user": "e", "stars": 3, "date" : "2018-10-29T12:12:12.123456789Z"}'
-            - '{"index": {"_index": "test_index_2"}}'
+            - '{"index": {"_index": "remote_test_index_2"}}'
             - '{"user": "d", "stars": 4, "date" : "2018-10-29T12:14:12.123456789Z"}'