Add kibana role management api

docs/resources/kibana_security_role.md

@@ -0,0 +1,145 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "elasticstack_kibana_security_role Resource - terraform-provider-elasticstack"
+subcategory: ""
+description: |-
+  Creates a Kibana role. See, https://www.elastic.co/guide/en/kibana/master/role-management-api-put.html
+---
+
+# elasticstack_kibana_security_role (Resource)
+
+Creates a Kibana role. See, https://www.elastic.co/guide/en/kibana/master/role-management-api-put.html
+
+## Example Usage
+
+```terraform
+provider "elasticstack" {
+  elasticsearch {}
+  kibana {}
+}
+
+resource "elasticstack_kibana_role" "example" {
+  name = "sample_role"
+  elasticsearch {
+    cluster = [ "create_snapshot" ]
+    indices {
+      field_security {
+        grant = ["test"]
+        except = []
+      }
+      names = ["test"]
+      privileges = ["create", "read", "write"]
+    }
+  }
+  kibana {
+    base = [ "all" ]
+    spaces = ["default"]
+  }
+  kibana {
+    feature {
+      name = "actions"
+      privileges = ["read"]
+    }
+    feature {
+      name = "discover"
+      privileges = ["minimal_read", "url_create", "store_search_session"]
+    }
+    feature {
+      name = "observabilityCases"
+      privileges = ["minimal_read", "cases_delete"]
+    }
+    feature {
+      name = "osquery"
+      privileges = ["minimal_read", "live_queries_all", "run_saved_queries", "saved_queries_read", "packs_all"]
+    }
+    feature {
+      name = "rulesSettings"
+      privileges = ["minimal_read", "readFlappingSettings"]
+    }
+    feature {
+      name = "securitySolutionCases"
+      privileges = ["minimal_read", "cases_delete"]
+    }
+
+    spaces = ["Default"]
+  }
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `elasticsearch` (Block Set, Min: 1, Max: 1) Elasticsearch cluster and index privileges. (see [below for nested schema](#nestedblock--elasticsearch))
+- `name` (String) The name for the role.
+
+### Optional
+
+- `kibana` (Block Set) The list of objects that specify the Kibana privileges for the role. (see [below for nested schema](#nestedblock--kibana))
+- `metadata` (String) Optional meta-data.
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+
+<a id="nestedblock--elasticsearch"></a>
+### Nested Schema for `elasticsearch`
+
+Optional:
+
+- `cluster` (Set of String) List of the cluster privileges.
+- `indices` (Block Set) A list of indices permissions entries. (see [below for nested schema](#nestedblock--elasticsearch--indices))
+- `run_as` (Set of String) A list of usernames the owners of this role can impersonate.
+
+<a id="nestedblock--elasticsearch--indices"></a>
+### Nested Schema for `elasticsearch.indices`
+
+Required:
+
+- `names` (Set of String) A list of indices (or index name patterns) to which the permissions in this entry apply.
+- `privileges` (Set of String) The index level privileges that the owners of the role have on the specified indices.
+
+Optional:
+
+- `field_security` (Block List, Max: 1) The document fields that the owners of the role have read access to. (see [below for nested schema](#nestedblock--elasticsearch--indices--field_security))
+- `query` (String) A search query that defines the documents the owners of the role have read access to.
+
+<a id="nestedblock--elasticsearch--indices--field_security"></a>
+### Nested Schema for `elasticsearch.indices.field_security`
+
+Optional:
+
+- `except` (Set of String) List of the fields to which the grants will not be applied.
+- `grant` (Set of String) List of the fields to grant the access to.
+
+
+
+
+<a id="nestedblock--kibana"></a>
+### Nested Schema for `kibana`
+
+Required:
+
+- `spaces` (Set of String) The spaces to apply the privileges to. To grant access to all spaces, set to ["*"], or omit the value.
+
+Optional:
+
+- `base` (Set of String) A base privilege. When specified, the base must be ["all"] or ["read"].
+- `feature` (Block Set) List of privileges for specific features. When the feature privileges are specified, you are unable to use the "base" section. (see [below for nested schema](#nestedblock--kibana--feature))
+
+<a id="nestedblock--kibana--feature"></a>
+### Nested Schema for `kibana.feature`
+
+Required:
+
+- `name` (String) Feature name.
+- `privileges` (Set of String) Feature privileges.
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+terraform import elasticstack_kibana_security_role.my_space <cluster_uuid>/<role name>
+```

examples/resources/elasticstack_kibana_security_role/import.sh

@@ -0,0 +1 @@
+terraform import elasticstack_kibana_security_role.example_role <cluster_uuid>/<role name>

examples/resources/elasticstack_kibana_security_role/resource.tf

@@ -0,0 +1,52 @@
+
+provider "elasticstack" {
+  elasticsearch {}
+  kibana {}
+}
+
+resource "elasticstack_kibana_role" "example" {
+  name = "sample_role"
+  elasticsearch {
+    cluster = ["create_snapshot"]
+    indices {
+      field_security {
+        grant  = ["test"]
+        except = []
+      }
+      names      = ["test"]
+      privileges = ["create", "read", "write"]
+    }
+  }
+  kibana {
+    base   = ["all"]
+    spaces = ["default"]
+  }
+  kibana {
+    feature {
+      name       = "actions"
+      privileges = ["read"]
+    }
+    feature {
+      name       = "discover"
+      privileges = ["minimal_read", "url_create", "store_search_session"]
+    }
+    feature {
+      name       = "observabilityCases"
+      privileges = ["minimal_read", "cases_delete"]
+    }
+    feature {
+      name       = "osquery"
+      privileges = ["minimal_read", "live_queries_all", "run_saved_queries", "saved_queries_read", "packs_all"]
+    }
+    feature {
+      name       = "rulesSettings"
+      privileges = ["minimal_read", "readFlappingSettings"]
+    }
+    feature {
+      name       = "securitySolutionCases"
+      privileges = ["minimal_read", "cases_delete"]
+    }
+
+    spaces = ["Default"]
+  }
+}