wazuh/wazuh-indexer
1
0
Fork 0
mirror of https://github.com/wazuh/wazuh-indexer.git synced 2025-12-10 14:24:14 -06:00
Code Issues Packages Projects Releases 24 Wiki Activity

Create new roles for Indexer Content Manager API (#1243)

Browse Source 
Co-authored-by: Alex Ruiz <alejandro.ruiz.becerra@wazuh.com>
This commit is contained in:
Jorge Sánchez 2025-11-26 15:03:40 +01:00 committed by GitHub
parent df686eec0c
commit f5cd771284
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 58 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -14,6 +14,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- Add Cross-Cluster Search environment [(#1034)](https://github.com/wazuh/wazuh-indexer/pull/1034) - Add Cross-Cluster Search environment [(#1034)](https://github.com/wazuh/wazuh-indexer/pull/1034)
- Add Security Analytics fork to Wazuh Indexer packages [(#1188)](https://github.com/wazuh/wazuh-indexer/pull/1188) - Add Security Analytics fork to Wazuh Indexer packages [(#1188)](https://github.com/wazuh/wazuh-indexer/pull/1188)
- Map `alerting_full_access` and `notifications_full_access` roles to the `kibanaserver` user [(#1201)](https://github.com/wazuh/wazuh-indexer/pull/1201) - Map `alerting_full_access` and `notifications_full_access` roles to the `kibanaserver` user [(#1201)](https://github.com/wazuh/wazuh-indexer/pull/1201)
- Create new roles for Indexer Content Manager API [(#1243)](https://github.com/wazuh/wazuh-indexer/pull/1243)
### Fixed ### Fixed

29
distribution/src/config/security/roles.wazuh.yml
View File

@ -172,3 +172,32 @@ ml_config_write:
- "system:admin/system_index" - "system:admin/system_index"
tenant_permissions: [] tenant_permissions: []
static: false static: false
# Roles for Content Manager plugin subscription management
cm_subscription_read:
reserved: true
hidden: false
cluster_permissions:
- "plugin:content_manager/subscription_get"
index_permissions: []
tenant_permissions: []
static: true
cm_subscription_write:
reserved: true
hidden: false
cluster_permissions:
- "plugin:content_manager/subscription_post"
- "plugin:content_manager/subscription_delete"
index_permissions: []
tenant_permissions: []
static: true
cm_update:
reserved: true
hidden: false
cluster_permissions:
- "plugin:content_manager/update"
index_permissions: []
tenant_permissions: []
static: true

28
distribution/src/config/security/roles_mapping.wazuh.yml
View File

@ -120,3 +120,31 @@ notifications_full_access:
users: users:
- "kibanaserver" - "kibanaserver"
and_backend_roles: [] and_backend_roles: []
# Roles for Content Manager plugin subscription management
cm_subscription_read:
reserved: true
hidden: false
backend_roles: [ ]
hosts: [ ]
users:
- "wazuh-server"
and_backend_roles: [ ]
cm_subscription_write:
reserved: true
hidden: false
backend_roles: [ ]
hosts: [ ]
users:
- "wazuh-dashboard"
and_backend_roles: [ ]
cm_update:
reserved: true
hidden: false
backend_roles: [ ]
hosts: [ ]
users:
- "wazuh-dashboard"
and_backend_roles: [ ]