[Security Solution] Serverless SAML role definitions are not synchronized to authoritative source

[rylnd]

Summary

We currently have at least three definitions of serverless roles within kibana:

1. kbn-es security roles
2. endpoint script roles
3. test_serverless roles

While these were originally generated from and meant to be synchronized with [the project controller roles definition](), they have now become out of sync, both with each other and with the original source. This means that tests are not reflective of a true serverless environment, which is not good.

Actions needed

We need the following to happen, in order of priority:

1. Synchronize all definitions to be identical
2. Provide a single source of truth for these definitions to be consumed within kibana
3. Define a mechanism to ensure the kibana definitions stay synchronized with the project-controller definitions.

[elasticmachine]

Pinging @elastic/security-solution (Team: SecuritySolution)

[rylnd]

cc @paul-tavares ; we were discussing these definitions in the context of some Alert Suppression work.

[paul-tavares]

Thanks for opening this @rylnd .

It would be great if we could find a way (utility) that could retrieve the "real" source of the roles (from project-controller) and use that for testing/ci/etc... Maybe the Kibana ops team can help here. Example: could we use the github client in CI to pull the source file from project-controller instead of keeping a duplicate in kibana?

just an idea I had and had planned on experimenting with, but time did not allow it 😞

Also: @MadameSheema and her team can help find a solution

[elasticmachine]

Pinging @elastic/security-defend-workflows (Team:Defend Workflows)

[elasticmachine]

Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)

[elasticmachine]

Pinging @elastic/security-detection-engine (Team:Detection Engine)