elastic
diff --git a/‎output/openapi/elasticsearch-serverless-openapi.json
Lines changed: 310 additions & 33 deletions b/‎output/openapi/elasticsearch-serverless-openapi.json
Lines changed: 310 additions & 33 deletions
diff --git a/‎output/schema/schema.json
Lines changed: 121 additions & 25 deletions b/‎output/schema/schema.json
Lines changed: 121 additions & 25 deletions
diff --git a/‎output/schema/schema/schema.json
Lines changed: 118 additions & 15 deletions b/‎output/schema/schema/schema.json
Lines changed: 118 additions & 15 deletions
diff --git a/‎output/schema/validation-errors.json
Lines changed: 11 additions & 0 deletions b/‎output/schema/validation-errors.json
Lines changed: 11 additions & 0 deletions
diff --git a/‎output/typescript/types.ts
Lines changed: 1 addition & 1 deletion b/‎output/typescript/types.ts
Lines changed: 1 addition & 1 deletion
diff --git a/‎specification/security/_types/Privileges.ts
Lines changed: 94 additions & 5 deletions b/‎specification/security/_types/Privileges.ts
Lines changed: 94 additions & 5 deletions
diff --git a/‎specification/security/get_role/SecurityGetRoleRequest.ts
Lines changed: 1 addition & 1 deletion b/‎specification/security/get_role/SecurityGetRoleRequest.ts
Lines changed: 1 addition & 1 deletion
diff --git a/‎specification/security/put_role/SecurityPutRoleRequest.ts
Lines changed: 3 additions & 2 deletions b/‎specification/security/put_role/SecurityPutRoleRequest.ts
Lines changed: 3 additions & 2 deletions
@@ -42,58 +42,134 @@ export class ApplicationPrivileges {
 export enum ClusterPrivilege {
   all,
   cancel_task,
+  /**
+   * @availability stack
+   */
   create_snapshot,
+  /**
+   * @availability stack
+   */
+  grant_api_key,
+  /**
+   * @availability stack
+   */
   cross_cluster_replication,
+  /**
+   * @availability stack
+   */
   cross_cluster_search,
+  /**
+   * @availability stack
+   */
   delegate_pki,
-  grant_api_key,
   manage,
   manage_api_key,
+  /**
+   * @availability stack
+   */
   manage_autoscaling,
   manage_behavioral_analytics,
+  /**
+   * @availability stack
+   */
   manage_ccr,
   manage_data_frame_transforms,
   manage_data_stream_global_retention,
   manage_enrich,
+  /**
+   * @availability stack
+   */
   manage_ilm,
   manage_index_templates,
+  /**
+   * @availability stack
+   */
   manage_inference,
   manage_ingest_pipelines,
   manage_logstash_pipelines,
   manage_ml,
+  /**
+   * @availability stack
+   */
   manage_oidc,
   manage_own_api_key,
   manage_pipeline,
+  /**
+   * @availability stack
+   */
   manage_rollup,
+  /**
+   * @availability stack
+   */
   manage_saml,
   manage_search_application,
   manage_search_query_rules,
   manage_search_synonyms,
   manage_security,
+  /**
+   * @availability stack
+   */
   manage_service_account,
+  /**
+   * @availability stack
+   */
   manage_slm,
+  /**
+   * @availability stack
+   */
   manage_token,
   manage_transform,
+  /**
+   * @availability stack
+   */
   manage_user_profile,
+  /**
+   * @availability stack
+   */
   manage_watcher,
   monitor,
   monitor_data_frame_transforms,
   monitor_data_stream_global_retention,
   monitor_enrich,
   monitor_inference,
   monitor_ml,
+  /**
+   * @availability stack
+   */
   monitor_rollup,
+  /**
+   * @availability stack
+   */
   monitor_snapshot,
+  /**
+   * @availability stack
+   */
   monitor_text_structure,
   monitor_transform,
+  /**
+   * @availability stack
+   */
   monitor_watcher,
-  none,
-  post_behavioral_analytics_event,
+  /**
+   * @availability stack
+   */
   read_ccr,
-  read_connector_secrets,
-  read_fleet_secrets,
+  /**
+   * @availability stack
+   */
   read_ilm,
   read_pipeline,
+  /**
+   * @availability stack
+   */
+  read_slm,
+  /**
+   * @availability stack
+   */
+  transport_client,
+  none,
+  post_behavioral_analytics_event,
+  read_pipeline,
   read_security,
   read_slm,
   transport_client,
@@ -122,6 +198,7 @@ export class IndicesPrivileges {
   /**
    * Set to `true` if using wildcard or regular expressions for patterns that cover restricted indices. Implicitly, restricted indices have limited privileges that can cause pattern tests to fail. If restricted indices are explicitly included in the `names` list, Elasticsearch checks privileges against these indices regardless of the value set for `allow_restricted_indices`.
    * @server_default false
+   * @availability stack
    */
   allow_restricted_indices?: boolean
 }
@@ -200,12 +277,24 @@ export enum IndexPrivilege {
   maintenance,
   manage,
   manage_data_stream_lifecycle,
+  /**
+   * @availability stack
+   */
   manage_follow_index,
+  /**
+   * @availability stack
+   */
   manage_ilm,
+  /**
+   * @availability stack
+   */
   manage_leader_index,
   monitor,
   none,
   read,
+  /**
+   * @availability stack
+   */
   read_cross_cluster,
   view_index_metadata,
   write
 
@@ -25,7 +25,7 @@ import { Names } from '@_types/common'
  * The get roles API cannot retrieve roles that are defined in roles files.
  * @rest_spec_name security.get_role
  * @availability stack since=0.0.0 stability=stable
- * @availability serverless stability=stable visibility=private
+ * @availability serverless stability=stable visibility=public
  * @cluster_privileges manage_security
  */
 export interface Request extends RequestBase {
 
@@ -32,7 +32,7 @@ import { Metadata, Name, Refresh } from '@_types/common'
  * The create or update roles API cannot update roles that are defined in roles files.
  * @rest_spec_name security.put_role
  * @availability stack since=0.0.0 stability=stable
- * @availability serverless stability=stable visibility=private
+ * @availability serverless stability=stable visibility=public
  * @cluster_privileges manage_security
  */
 export interface Request extends RequestBase {
@@ -56,6 +56,7 @@ export interface Request extends RequestBase {
     cluster?: ClusterPrivilege[]
     /**
      * An object defining global privileges. A global privilege is a form of cluster privilege that is request-aware. Support for global privileges is currently limited to the management of application privileges.
+     * @availability stack
      */
     global?: Dictionary<string, UserDefinedValue>
     /**
@@ -67,7 +68,7 @@ export interface Request extends RequestBase {
      */
     metadata?: Metadata
     /**
-     * A list of users that the owners of this role can impersonate.
+     * A list of users that the owners of this role can impersonate. *Note*: in Serverless, the run-as feature is disabled. For API compatibility, you can still specify an empty `run_as` field, but a non-empty list will be rejected.
      * @doc_id run-as-privilege
      */
     run_as?: string[]