diff --git a/output/schema/schema.json b/output/schema/schema.json
index 89e0fd92d9..d1cb2d5f2d 100644
--- a/output/schema/schema.json
+++ b/output/schema/schema.json
@@ -154931,15 +154931,30 @@
           }
         },
         {
-          "description": "A search query that defines the documents the owners of the role have read access to. A document within the specified indices must match this query for it to be accessible by the owners of the role.",
+          "description": "Search queries that define the documents the owners of the role have read access to. A document within the specified indices must match this query for it to be accessible by the owners of the role.",
           "name": "query",
           "required": false,
           "type": {
-            "kind": "instance_of",
-            "type": {
-              "name": "IndicesPrivilegesQuery",
-              "namespace": "security._types"
-            }
+            "items": [
+              {
+                "kind": "instance_of",
+                "type": {
+                  "name": "IndicesPrivilegesQuery",
+                  "namespace": "security._types"
+                }
+              },
+              {
+                "kind": "array_of",
+                "value": {
+                  "kind": "instance_of",
+                  "type": {
+                    "name": "IndicesPrivilegesQuery",
+                    "namespace": "security._types"
+                  }
+                }
+              }
+            ],
+            "kind": "union_of"
           }
         },
         {
diff --git a/output/typescript/types.ts b/output/typescript/types.ts
index 70f2dfbe5e..3589ce699b 100644
--- a/output/typescript/types.ts
+++ b/output/typescript/types.ts
@@ -15293,7 +15293,7 @@ export interface SecurityIndicesPrivileges {
   field_security?: SecurityFieldSecurity | SecurityFieldSecurity[]
   names: Indices
   privileges: SecurityIndexPrivilege[]
-  query?: SecurityIndicesPrivilegesQuery
+  query?: SecurityIndicesPrivilegesQuery | SecurityIndicesPrivilegesQuery[]
   allow_restricted_indices?: boolean
 }
 
diff --git a/specification/security/_types/Privileges.ts b/specification/security/_types/Privileges.ts
index 89faac1572..acd393a5ee 100644
--- a/specification/security/_types/Privileges.ts
+++ b/specification/security/_types/Privileges.ts
@@ -93,9 +93,9 @@ export class IndicesPrivileges {
    */
   privileges: IndexPrivilege[]
   /**
-   * A search query that defines the documents the owners of the role have read access to. A document within the specified indices must match this query for it to be accessible by the owners of the role.
+   * Search queries that define the documents the owners of the role have read access to. A document within the specified indices must match this query for it to be accessible by the owners of the role.
    */
-  query?: IndicesPrivilegesQuery
+  query?: IndicesPrivilegesQuery | IndicesPrivilegesQuery[]
   /**
    * Set to `true` if using wildcard or regular expressions for patterns that cover restricted indices. Implicitly, restricted indices have limited privileges that can cause pattern tests to fail. If restricted indices are explicitly included in the `names` list, Elasticsearch checks privileges against these indices regardless of the value set for `allow_restricted_indices`.
    * @server_default false