[Detection Engine][FTR] Use of refresh in FTRs
#182889
Labels
Team:Detection Engine
Security Solution Detection Engine Area
Team:Detection Rule Management
Security Detection Rule Management Team
Team:Detections and Resp
Security Detection Response Team
Comments
yctercero
added
Team:Detections and Resp
|
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
|
Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management) |
|
Pinging @elastic/security-detection-engine (Team:Detection Engine) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Summary
A number of our tests (FTRs) make use of utils that manually refresh internal indices. This is ok when running them in ESS, but not when running them in Serverless. In Serverless, the
superuserrole does not have sufficient privileges to execute such actions on internal indices.We can consider elevating the privileges of our test user, but that would make me worry that we may be moving our tests a bit further away from the "true" behavior.
Examples:
x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/create_prebuilt_rule_saved_objects.tsx-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/install_prebuilt_rules_and_timelines.tsAction needed
Determine if there is best practice for conducting actions in tests that users may be blocked from in Serverless environment. Is it absolutely necessary? Could we do without it?
The text was updated successfully, but these errors were encountered: