[Security Solution] Rule Management tests shouldn't access system indices directly

[banderror]

Related to: https://github.com/elastic/kibana-team/issues/1173 (internal)

Summary

Some of the tests owned by the Rule Management team rely on direct access to saved object indices, for example when we need to index mock prebuilt rule assets.

Access to system indices will be prevented by default in 9.0:

Elasticsearch deprecation: 299 Elasticsearch-9d3fc35316c008f2fa637c73d93ebc9df81f20e4 this request accesses system indices: [.kibana_security_solution_1], but in a future major version, direct access to system indices will be prevented by default

We need to find a workaround.

Tests

Below are tests that were found to be accessing system indices (copied from https://github.com/elastic/kibana-team/issues/1173):

Total deprecated usages by team: 3

• x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/configs/serverless.config.ts

  
  Elasticsearch deprecation: 299 Elasticsearch-9d3fc35316c008f2fa637c73d93ebc9df81f20e4 this request accesses system indices: [.kibana_security_solution_1], but in a future major version, direct access to system indices will be prevented by default
  Stack trace:
    at kibana/node_modules/@elastic/transport/lib/Transport.js:636:32
    at KibanaTransport.request (kibana/node_modules/@elastic/transport/lib/Transport.js:632:20)
    at KibanaTransport.request (kibana/node_modules/@kbn/core-elasticsearch-client-server-internal/src/create_transport.js:60:16)
    at ClientTraced.IndexApi [as index] (kibana/node_modules/@elastic/elasticsearch/lib/api/api/index.js:58:12)
  Query:
  200 - 214.0B
  PUT /.kibana_task_manager_9.0.0/_doc/background-task-node%3Aa597006e-8e48-4caa-910f-c8043b110f55?refresh=false&if_seq_no=125&if_primary_term=1&require_alias=true
  {background-task-node:{id:a597006e-8e48-4caa-910f-c8043b110f55,last_seen:2024-10-18T11:23:04.422Z},type:background-task-node,references:[],managed:false,coreMigrationVersion:8.8.0,typeMigrationVersion:10.1.0,updated_at:2024-10-18T11:23:04.428Z,created_at:2024-10-18T11:20:56.470Z}```

• x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/configs/ess.config.ts

  
  Elasticsearch deprecation: 299 Elasticsearch-9.0.0-5bf446ea2e10aac093f0e02dd123db39466b6c56 this request accesses system indices: [.kibana_9.0.0_001, .kibana_alerting_cases_9.0.0_001, .kibana_analytics_9.0.0_001, .kibana_ingest_9.0.0_001, .kibana_security_solution_9.0.0_001, .kibana_task_manager_9.0.0_001, .kibana_usage_counters_9.0.0_001], but in a future major version, direct access to system indices will be prevented by default
  Stack trace:
    at kibana/node_modules/@elastic/transport/lib/Transport.js:636:32
    at KibanaTransport.request (kibana/node_modules/@elastic/transport/lib/Transport.js:632:20)
  Query:
  201 - 225.0B
  PUT /.kibana_9.0.0/_doc/event_loop_delays_daily%3A5b2de169-2785-441b-ae8c-186a1936b17d%3A%3A5754%3A%3A18102024?refresh=wait_for&require_alias=true
  {event_loop_delays_daily:{min:1.677312,max:704.118783,mean:12.494727404496835,exceeds:0,stddev:21.204492705223956,fromTimestamp:2024-10-18T11:09:56.969Z,lastUpdatedAt:2024-10-18T11:10:56.969Z,percentiles:{50:10.461183,75:10.649599,95:18.579455,99:45.875199},processId:5754,instanceUuid:5b2de169-2785-441b-ae8c-186a1936b17d},type:event_loop_delays_daily,references:[],managed:false,coreMigrationVersion:8.8.0,updated_at:2024-10-18T11:10:56.970Z,created_at:2024-10-18T11:10:56.970Z}```

• x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/configs/ess.config.ts

  
  Elasticsearch deprecation: 299 Elasticsearch-9.0.0-5bf446ea2e10aac093f0e02dd123db39466b6c56 this request accesses system indices: [.kibana_security_solution_9.0.0_001], but in a future major version, direct access to system indices will be prevented by default
  Stack trace:
    at kibana/node_modules/@elastic/transport/lib/Transport.js:636:32
    at KibanaTransport.request (kibana/node_modules/@elastic/transport/lib/Transport.js:632:20)
  Query:
  201 - 224.0B
  PUT /.kibana_security_solution_9.0.0/_create/cloud-security-posture-settings%3Acsp-internal-settings?refresh=wait_for&require_alias=true
  {cloud-security-posture-settings:{rules:{}},type:cloud-security-posture-settings,references:[],managed:false,coreMigrationVersion:8.8.0,typeMigrationVersion:10.1.0,updated_at:2024-10-18T11:14:58.176Z,created_at:2024-10-18T11:14:58.176Z}```

[elasticmachine]

Pinging @elastic/security-solution (Team: SecuritySolution)

[elasticmachine]

Pinging @elastic/security-detections-response (Team:Detections and Resp)

[elasticmachine]

Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)