-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[ResponseOps][Alerting] Explicitly set access for all of our routes #192956
Labels
Team:ResponseOps
Label for the ResponseOps team (formerly the Cases and Alerting teams)
Comments
cnasikas
added
the
Team:ResponseOps
Label for the ResponseOps team (formerly the Cases and Alerting teams)
label
Sep 15, 2024
Pinging @elastic/response-ops (Team:ResponseOps) |
20 tasks
cnasikas
changed the title
[ResponseOps] Explicitly set access for all of our routes
[ResponseOps][Alerting] Explicitly set access for all of our routes
Sep 18, 2024
js-jankisalvi
added a commit
that referenced
this issue
Sep 26, 2024
…ions, connectors, rules, alerts, and cases plugins (#193520) ## Summary Resolves #192956 This PR adds - `access: internal` option to internal routes - `access: public` option to public routes It which will help restrict access of internal routes and allow users to access all public routes. This PR updates api routes of following `x-pack/plugins` - actions - alerting - cases - rule_registry - stack_connectors - triggers_actions_ui
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this issue
Sep 26, 2024
…ions, connectors, rules, alerts, and cases plugins (elastic#193520) ## Summary Resolves elastic#192956 This PR adds - `access: internal` option to internal routes - `access: public` option to public routes It which will help restrict access of internal routes and allow users to access all public routes. This PR updates api routes of following `x-pack/plugins` - actions - alerting - cases - rule_registry - stack_connectors - triggers_actions_ui (cherry picked from commit 9c78643)
kibanamachine
referenced
this issue
Sep 26, 2024
…of actions, connectors, rules, alerts, and cases plugins (#193520) (#194111) # Backport This will backport the following commits from `main` to `8.x`: - [[RsponseOps][Alerting] Explicitly set access to all API routes of actions, connectors, rules, alerts, and cases plugins (#193520)](#193520) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Janki Salvi","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-09-26T10:00:08Z","message":"[RsponseOps][Alerting] Explicitly set access to all API routes of actions, connectors, rules, alerts, and cases plugins (#193520)\n\n## Summary\r\nResolves https://github.com/elastic/kibana/issues/192956\r\nThis PR adds \r\n- `access: internal` option to internal routes \r\n- `access: public` option to public routes \r\n\r\nIt which will help restrict access of internal routes and allow users to\r\naccess all public routes.\r\n\r\nThis PR updates api routes of following `x-pack/plugins`\r\n- actions\r\n- alerting\r\n- cases\r\n- rule_registry\r\n- stack_connectors\r\n- triggers_actions_ui","sha":"9c7864309ce1c5a3d085151e3b67d1635bc558c8","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:ResponseOps","v9.0.0","backport:prev-minor","v8.16.0"],"title":"[RsponseOps][Alerting] Explicitly set access to all API routes of actions, connectors, rules, alerts, and cases plugins","number":193520,"url":"https://github.com/elastic/kibana/pull/193520","mergeCommit":{"message":"[RsponseOps][Alerting] Explicitly set access to all API routes of actions, connectors, rules, alerts, and cases plugins (#193520)\n\n## Summary\r\nResolves https://github.com/elastic/kibana/issues/192956\r\nThis PR adds \r\n- `access: internal` option to internal routes \r\n- `access: public` option to public routes \r\n\r\nIt which will help restrict access of internal routes and allow users to\r\naccess all public routes.\r\n\r\nThis PR updates api routes of following `x-pack/plugins`\r\n- actions\r\n- alerting\r\n- cases\r\n- rule_registry\r\n- stack_connectors\r\n- triggers_actions_ui","sha":"9c7864309ce1c5a3d085151e3b67d1635bc558c8"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/193520","number":193520,"mergeCommit":{"message":"[RsponseOps][Alerting] Explicitly set access to all API routes of actions, connectors, rules, alerts, and cases plugins (#193520)\n\n## Summary\r\nResolves https://github.com/elastic/kibana/issues/192956\r\nThis PR adds \r\n- `access: internal` option to internal routes \r\n- `access: public` option to public routes \r\n\r\nIt which will help restrict access of internal routes and allow users to\r\naccess all public routes.\r\n\r\nThis PR updates api routes of following `x-pack/plugins`\r\n- actions\r\n- alerting\r\n- cases\r\n- rule_registry\r\n- stack_connectors\r\n- triggers_actions_ui","sha":"9c7864309ce1c5a3d085151e3b67d1635bc558c8"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Janki Salvi <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Issue #192897 lists all of our routes. We should explicitly set the intended access to all of our routes. Routes that do not have their access tag set are marked with an ❌ in the parent issue.
The text was updated successfully, but these errors were encountered: