diff --git a/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/user/InternalUsers.java b/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/user/InternalUsers.java index f61e7dd1ad4dd..aaef3b048175d 100644 --- a/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/user/InternalUsers.java +++ b/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/user/InternalUsers.java @@ -180,7 +180,9 @@ public class InternalUsers { // System data stream for result history of fleet actions (see Fleet#fleetActionsResultsDescriptor) ".fleet-actions-results", // System data streams for storing uploaded file data for Agent diagnostics and Endpoint response actions - ".fleet-fileds*" + ".fleet-fileds*", + // System data stream for kibana workflows logs + ".workflows-execution-data-stream-logs" ) .privileges( filterNonNull( diff --git a/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/security/user/InternalUsersTests.java b/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/security/user/InternalUsersTests.java index c6e8ddc8b928a..6cdd00d2e98f5 100644 --- a/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/security/user/InternalUsersTests.java +++ b/x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/security/user/InternalUsersTests.java @@ -253,7 +253,11 @@ public void testDataStreamLifecycleUser() { assertThat(role.application(), is(ApplicationPermission.NONE)); assertThat(role.remoteIndices(), is(RemoteIndicesPermission.NONE)); - final List allowedSystemDataStreams = Arrays.asList(".fleet-actions-results", ".fleet-fileds*"); + final List allowedSystemDataStreams = Arrays.asList( + ".fleet-actions-results", + ".fleet-fileds*", + ".workflows-execution-data-stream-logs" + ); for (var group : role.indices().groups()) { if (group.allowRestrictedIndices()) { assertThat(group.indices(), arrayContaining(allowedSystemDataStreams.toArray(new String[0])));