Skip to content

[9.1] [axonius] - Fix Cannot execute ILM policy delete step in other datastreams (#140046)#140055

Merged
mohitjha-elastic merged 1 commit intoelastic:9.1from
muskan-agarwal26:backport/9.1/pr-140046
Dec 31, 2025
Merged

[9.1] [axonius] - Fix Cannot execute ILM policy delete step in other datastreams (#140046)#140055
mohitjha-elastic merged 1 commit intoelastic:9.1from
muskan-agarwal26:backport/9.1/pr-140046

Conversation

@muskan-agarwal26
Copy link
Contributor

@muskan-agarwal26 muskan-agarwal26 commented Dec 30, 2025

Backport

This will backport the following commits from main to 9.1:

Questions ?

Please refer to the Backport tool documentation
@muskan-agarwal26
[axonius] - Fix Cannot execute ILM policy delete step in other datast…
5067d1c 
…reams (elastic#140046)

This PR focuses on the short term solution which add the logs-axonius.alert_and_incident-*,logs-axonius.storage-*,logs-axonius.ticket-*,logs-axonius.application-*,logs-axonius.network-*,logs-axonius.identity-*,logs-axonius.exposure-*,logs-axonius.compute-*,logs-axonius.gateway-*,logs-axonius.user-* indices under the kibana_system role with deletion privileges to prevent a failed deletion error when the index enters the deletion phase for the ILM lifecycle, in upcoming PR. As it ships transform pipeline too hence read, write permissions are also required.

---------

Co-authored-by: muskan-crest <muskan.agarwal@crestdata.ai>
(cherry picked from commit cba13bc)

# Conflicts:
#	x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/authz/store/KibanaOwnedReservedRoleDescriptors.java
#	x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/security/authz/store/ReservedRolesStoreTests.java
@muskan-agarwal26 muskan-agarwal26 requested a review from a team as a code owner December 30, 2025 11:56
@elasticsearchmachine elasticsearchmachine added needs:triage Requires assignment of a team area label external-contributor Pull request authored by a developer outside the Elasticsearch team v9.1.10 labels Dec 30, 2025
@muskan-agarwal26 muskan-agarwal26 mentioned this pull request Dec 30, 2025
Merged
@mohitjha-elastic mohitjha-elastic added :Security/Authorization Roles, Privileges, DLS/FLS, RBAC/ABAC backport Team:Security Meta label for security team Team:Cloud Security Meta label for Cloud Security team >non-issue and removed needs:triage Requires assignment of a team area label labels Dec 31, 2025
@azasypkin
Copy link
Contributor

azasypkin commented Dec 31, 2025

@elasticmachine test this please
@mohitjha-elastic mohitjha-elastic merged commit 49a5780 into elastic:9.1 Dec 31, 2025
41 of 42 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

backport external-contributor Pull request authored by a developer outside the Elasticsearch team >non-issue :Security/Authorization Roles, Privileges, DLS/FLS, RBAC/ABAC Team:Cloud Security Meta label for Cloud Security team Team:Security Meta label for security team v9.1.10

4 participants

@muskan-agarwal26 @azasypkin @elasticsearchmachine @mohitjha-elastic