elastic · kibanamachine · May 4, 2026 · May 4, 2026
@@ -467,7 +467,6 @@ const AXIOS_LEGACY_CONSUMERS = [
   'x-pack/solutions/observability/plugins/synthetics/server/telemetry/**/*.{js,mjs,ts,tsx}',
   'x-pack/solutions/observability/test/api_integration/profiling/**/*.{js,mjs,ts,tsx}',
   'x-pack/solutions/security/packages/kbn-securitysolution-utils/src/axios/**/*.{js,mjs,ts,tsx}',
-  'x-pack/solutions/security/plugins/elastic_assistant/scripts/**/*.{js,mjs,ts,tsx,jsx}',
   'x-pack/solutions/security/plugins/security_solution/common/endpoint/data_loaders/**/*.{js,mjs,ts,tsx}',
   'x-pack/solutions/security/plugins/security_solution/common/endpoint/format_axios_error.ts',
   'x-pack/solutions/security/plugins/security_solution/common/endpoint/utils/**/*.{js,mjs,ts,tsx}',

@@ -8,11 +8,10 @@
 /**
  * Script to create and log in multiple test users in Elasticsearch and Kibana.
  *
- * This script uses Axios to interact with Elasticsearch's security API to create users
+ * This script uses native fetch to interact with Elasticsearch's security API to create users
  * and Puppeteer to automate logging into Kibana. It generates random user data using Faker.
  */
 
-const axios = require('axios');
 const puppeteer = require('puppeteer');
 const { faker } = require('@faker-js/faker');
 const { SECURITY_FEATURE_ID } = require('../common/constants');
@@ -29,10 +28,7 @@ const noAssistant = args.includes('--no-assistant');
 // Elasticsearch and Kibana configuration
 const elasticUrl = 'http://localhost:9200';
 const kibanaUrl = 'http://localhost:5601/kbn';
-const elasticAuth = {
-  username: 'elastic',
-  password: 'changeme',
-};
+const elasticBasicAuth = `Basic ${Buffer.from('elastic:changeme').toString('base64')}`;
 
 /**
  * Creates a restricted role that denies access to the Security Assistant.
@@ -44,27 +40,34 @@ const createRestrictedRole = async (roleName) => {
 
   // First check if the role already exists
   try {
-    const checkResponse = await axios.get(url, {
-      auth: elasticAuth,
-      headers: { 'Content-Type': 'application/json', 'kbn-xsrf': 'xsrf' },
+    const checkResponse = await fetch(url, {
+      headers: { Authorization: elasticBasicAuth, 'Content-Type': 'application/json' },
     });
 
-    if (checkResponse.status === 200) {
+    if (checkResponse.ok) {
       console.log(`ℹ️  Role ${roleName} already exists`);
       return;
     }
-  } catch (err) {
     // Role doesn't exist, continue to create it
-    if (err.response?.status !== 404) {
-      console.error(`❌ Error checking role ${roleName}:`, err.response?.data || err.message);
-      return err;
+    if (checkResponse.status !== 404) {
+      const body = await checkResponse.text();
+      console.error(`❌ Error checking role ${roleName}:`, body);
+      return new Error(body);
     }
+  } catch (err) {
+    console.error(`❌ Error checking role ${roleName}:`, err.message);
+    return err;
   }
 
   try {
-    await axios.put(
-      url,
-      {
+    const createResponse = await fetch(url, {
+      method: 'PUT',
+      headers: {
+        Authorization: elasticBasicAuth,
+        'Content-Type': 'application/json',
+        'kbn-xsrf': 'xsrf',
+      },
+      body: JSON.stringify({
         description: '',
         elasticsearch: {
           cluster: [],
@@ -129,15 +132,16 @@ const createRestrictedRole = async (roleName) => {
             },
           },
         ],
-      },
-      {
-        auth: elasticAuth,
-        headers: { 'Content-Type': 'application/json', 'kbn-xsrf': 'xsrf' },
-      }
-    );
+      }),
+    });
+    if (!createResponse.ok) {
+      const body = await createResponse.text();
+      console.error(`❌ Failed to create role ${roleName}:`, body);
+      return new Error(body);
+    }
     console.log(`✅ Created restricted role ${roleName}`);
   } catch (err) {
-    console.error(`❌ Failed to create role ${roleName}:`, err.response?.data || err.message);
+    console.error(`❌ Failed to create role ${roleName}:`, err.message);
     return err;
   }
 };
@@ -158,30 +162,29 @@ const createUser = async (username, fullName, restricted = false) => {
 
   const url = `${elasticUrl}/_security/user/${username}`;
   try {
-    await axios.put(
-      url,
-      {
+    const userResponse = await fetch(url, {
+      method: 'PUT',
+      headers: { Authorization: elasticBasicAuth, 'Content-Type': 'application/json' },
+      body: JSON.stringify({
         password: 'changeme',
         roles: restricted ? [restrictedRoleName] : ['superuser'],
         full_name: fullName,
         email: `${username}@elastic.co`,
-      },
-      {
-        auth: elasticAuth,
-        headers: { 'Content-Type': 'application/json' },
-      }
-    );
-    console.log(
-      `✅ Created user ${username} (${fullName})${
-        restricted ? ' with Security Assistant restrictions' : ''
-      }`
-    );
-  } catch (err) {
-    if (err.response?.status === 409) {
+      }),
+    });
+    if (userResponse.ok) {
+      console.log(
+        `✅ Created user ${username} (${fullName})${
+          restricted ? ' with Security Assistant restrictions' : ''
+        }`
+      );
+    } else if (userResponse.status === 409) {
       console.log(`ℹ️  User ${username} already exists`);
     } else {
-      console.error(`❌ Failed to create ${username}:`, err.response?.data || err.message);
+      console.error(`❌ Failed to create ${username}:`, await userResponse.text());
     }
+  } catch (err) {
+    console.error(`❌ Failed to create ${username}:`, err.message);
   }
 };
 

@@ -10,7 +10,6 @@ import { randomBytes } from 'node:crypto';
 import yargs from 'yargs/yargs';
 import { ToolingLog } from '@kbn/tooling-log';
 import { Client } from '@elastic/elasticsearch';
-import axios from 'axios';
 import pLimit from 'p-limit';
 import { API_VERSIONS } from '@kbn/elastic-assistant-common';
 import type { CreateMessageSchema } from '../server/ai_assistant_data_clients/conversations/types';
@@ -53,12 +52,20 @@ export const create = async () => {
 
   try {
     logger.info(`Fetching available connectors...`);
-    const { data: connectors } = await axios.get(connectorsApiUrl, {
+    const connectorsResponse = await fetch(connectorsApiUrl, {
       headers: requestHeaders,
     });
-    const aiConnectors = connectors.filter(
-      ({ connector_type_id: connectorTypeId }: { connector_type_id: string }) =>
-        AllowedActionTypeIds.includes(connectorTypeId)
+    if (!connectorsResponse.ok) {
+      throw new Error(
+        `Failed to fetch connectors from ${connectorsApiUrl}: ${connectorsResponse.status} ${connectorsResponse.statusText}`
+      );
+    }
+    const connectors = (await connectorsResponse.json()) as Array<{
+      id: string;
+      connector_type_id: string;
+    }>;
+    const aiConnectors = connectors.filter(({ connector_type_id: connectorTypeId }) =>
+      AllowedActionTypeIds.includes(connectorTypeId)
     );
     if (aiConnectors.length === 0) {
       throw new Error('No AI connectors found, create an AI connector to use this script');