[Fleet] Expand openapi docs with privileges needed for each API call #172155
Labels
Comments
criamico
added
Team:Fleet
|
Pinging @elastic/fleet (Team:Fleet) |
|
@kpollich do you think we could prioritize this ticket for the upcoming sprints? |
|
@criamico - Great idea. This seems like a solid quality improvement, especially considering the docs team is exploring better solutions for hosting various OpenAPI specs. |
|
One thing to consider though is that we possibly have to get rid of our current openapi spec soon in favor of the code driven OAS generation that the kibana core team is working on. So we might want to wait for that before spending too much time on this. |
|
The API privileges are also going to change soon with RBAC/space awareness work. Going to punt this by a few sprints. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add privileges needed for each API call to our openapi specs. We currently don't have it documented anywhere and it can be only retrieved by looking at the code.
Example:
GET /epm/packagescan be called withreadprivileges - let's have this info in the swagger so it's easy for customer to know what type of role they need to setup.https://github.com/elastic/kibana/blob/bf5f8cb480cd842e6c4f630da923bbae68ae251e/x-pack/plugins/fleet/server/routes/epm/index.ts#L127C12-L127C12
kibana/x-pack/plugins/fleet/common/authz.ts
Line 92 in bf5f8cb
The text was updated successfully, but these errors were encountered: