-
Notifications
You must be signed in to change notification settings - Fork 24.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add delete privilege to kibana_system for APM #85085
Conversation
Pinging @elastic/es-security (Team:Security) |
Hi @axw, I've created a changelog YAML for you. |
...core/src/main/java/org/elasticsearch/xpack/core/security/authz/store/ReservedRolesStore.java
Outdated
Show resolved
Hide resolved
(To ensure we match future APM data streams as well.)
@elasticmachine run elasticsearch-ci/part-1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One nit on the index pattern, other LGTM
...core/src/main/java/org/elasticsearch/xpack/core/security/authz/store/ReservedRolesStore.java
Outdated
Show resolved
Hide resolved
Ping @elastic/kibana-security for awareness |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ping @elastic/kibana-security for awareness
Thanks! I reviewed the issues and the changes make sense to me.
Approving this with a LGTM for posterity 👍
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Thanks all! |
💔 Backport failedThe backport operation could not be completed due to the following error:
You can use sqren/backport to manually backport by running |
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
* Add delete privilege to kibana_system for APM * Update docs/changelog/85085.yaml * Loosen APM data stream wildcards (To ensure we match future APM data streams as well.) * Fix trailing comma * Fix linting * Make data stream patterns more specific (cherry picked from commit e9f36d4)
* Add delete privilege to kibana_system for APM (#85085) * Add delete privilege to kibana_system for APM * Update docs/changelog/85085.yaml * Loosen APM data stream wildcards (To ensure we match future APM data streams as well.) * Fix trailing comma * Fix linting * Make data stream patterns more specific * Update docs/changelog/85199.yaml * Delete 85199.yaml
Extend the
kibana_system
privileges to allow deletion of all APM indices.This is a followup to #81811. Delete phases were added to all APM data stream ILM policies in 8.0.
Closes elastic/kibana#128014 elastic/apm-server#7568