Closed
Labels
:Security/Authorization (Roles, Privileges, DLS/FLS, RBAC/ABAC), >bug, Team:Security (Meta label for security team)
Description
Elasticsearch Version
8.19 and up
Installed Plugins
No response
Java Version
bundled
OS Version
not relevant
Problem Description
Currently, attempting to create a role or API key with an unknown index privilege results in the following error message:
Validation Failed: 1: unknown index privilege [foo]. a privilege must be either one of the predefined fixed indices privileges [manage_failure_store=[manage_failure_store],read_failure_store=[read_failure_store],none=[none],create_doc=[create_doc],create=[create],auto_configure=[auto_configure],create_index=[create_index],delete=[delete],delete_index=[delete_index],index=[index],maintenance=[maintenance],manage_data_stream_lifecycle=[manage_data_stream_lifecycle],manage_follow_index=[manage_follow_index],manage_ilm=[manage_ilm],manage_leader_index=[manage_leader_index],monitor=[monitor],view_index_metadata=[view_index_metadata],cross_cluster_replication=[cross_cluster_replication],cross_cluster_replication_internal=[cross_cluster_replication_internal],manage=[manage],read=[read],read_cross_cluster=[read_cross_cluster],write=[write],all=[all]] or a pattern over one of the available index actions;
Instead of using the name=[name] format, we should list the privilege names, for a more concise and user-friendly message, i.e.:
Validation Failed: 1: unknown index privilege [foo]. a privilege must be either one of the predefined fixed indices privileges [manage_failure_store,read_failure_store,...,all] or a pattern over one of the available index actions;
Steps to Reproduce
Attempt to create a role with an invalid named privilege:
PUT /_security/role/analyst
{
  "indices": [
    {
      "names": [ "index" ],
      "privileges": [ "foo" ]
    }
  ]
}
Logs (if relevant)
No response
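For log pipelines or automation that already receive the verbose message on 8.19 and up, the privilege list can be reduced to the concise form proposed above. This is an added example, not code from Elasticsearch or from the original issue; the function names and the shortened sample message are constructed for illustration.

```python
# Added example: reduce each `name=[...]` entry in the privilege list to `name`.
MARKER = "predefined fixed indices privileges ["

# Constructed, shortened sample in the same shape as the message in the report.
SAMPLE = (
    "Validation Failed: 1: unknown index privilege [foo]. a privilege must be "
    "either one of the predefined fixed indices privileges "
    "[read=[read],write=[write],all=[all]] "
    "or a pattern over one of the available index actions;"
)


def split_top_level(text):
    """Split on commas that are not nested inside square brackets."""
    parts, depth, current = [], 0, []
    for ch in text:
        if ch == "[":
            depth += 1
        elif ch == "]":
            depth -= 1
        if ch == "," and depth == 0:
            parts.append("".join(current))
            current = []
        else:
            current.append(ch)
    if current:
        parts.append("".join(current))
    return parts


def concise_privilege_error(message):
    """Return the message with bare privilege names; unchanged if unparseable."""
    start = message.find(MARKER)
    if start == -1:
        return message
    list_start = start + len(MARKER)
    depth = 1  # the bracket that is part of MARKER is already open
    for pos in range(list_start, len(message)):
        if message[pos] == "[":
            depth += 1
        elif message[pos] == "]":
            depth -= 1
            if depth == 0:
                break
    else:
        return message  # truncated line: the list's closing bracket is missing
    entries = split_top_level(message[list_start:pos])
    names = [entry.split("=", 1)[0].strip() for entry in entries]
    return message[:list_start] + ",".join(names) + message[pos:]
```

The function is idempotent, so it is safe to apply to messages that already list bare names.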