[Security Solution] Disable deprecated rules bulk CRUD API endpoints #193184
Assignees
Labels
9.0 candidate
Breaking Change
Feature:Rule Management
Security Solution Detection Rule Management area
Team:Detection Rule Management
Security Detection Rule Management Team
Team:Detections and Resp
Security Detection Response Team
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
v9.0.0
Comments
banderror
added
8.17 candidate
Breaking Change
Feature:Rule Management
|
Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management) |
|
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
banderror
changed the title
banderror
changed the title
This was referenced Oct 23, 2024
Merged
banderror
added a commit
that referenced
this issue
Nov 1, 2024
…in Serverless and 9.0 (#197422) **Partially addresses:** #193184 **Breaking change proposal:** elastic/dev#2772 (internal) ## Summary This PR disables the following deprecated [bulk API endpoints for creating, updating and deleting detection rules](https://www.elastic.co/guide/en/security/current/bulk-actions-rules-api.html) from [Elastic Security APIs](https://www.elastic.co/guide/en/security/current/security-apis.html) in Serverless and upcoming `v9.0.0`: | Method | Endpoint | | ------ | ------------------------------------------------------- | | POST | /api/detection_engine/rules/\_bulk_create | | PUT | /api/detection_engine/rules/\_bulk_update | | PATCH | /api/detection_engine/rules/\_bulk_update | | DELETE | /api/detection_engine/rules/\_bulk_delete | | POST | /api/detection_engine/rules/\_bulk_delete | Specifically, as a first step we remove the endpoints from the route registrations. Once elastic/dev#2772 is approved, we will merge this PR and remove the corresponding endpoint handlers and associated code in a follow-up PR. ### Checklist - [x] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [x] elastic/security-docs#5981 - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios ### For maintainers - [x] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels) - [x] This will appear in the **Release Notes** and follow the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Related to: https://github.com/elastic/security-team/issues/9707 (internal), https://github.com/elastic/security-team/issues/9691 (internal), https://github.com/elastic/security-team/issues/7242 (internal)
Breaking change proposal: https://github.com/elastic/dev/issues/2772 (internal)
Docs ticket: elastic/security-docs#5981
Summary
We have deprecated certain bulk API endpoints that we don't intend to expose neither in Serverless, nor in the 9.0 stack version. These deprecated APIs are documented here:
We should unregister these endpoints in the
mainbranch. This will disable them in Serverless (we want to do that before GA) and in the upcoming 9.0 version. We can consider completely removing their code from the repo.This doesn't apply to the bulk actions endpoint.
Deprecation period
All these endpoints have been deprecated since Kibana
v8.2released in May 2022, which makes the deprecation period of more than 2 years:Documentation
Please open a docs ticket for documenting this breaking change in 9.0.
Also, we'd probably need to think about what should we do with the OpenAPI specs to make sure that the user of the API reference website understands that these endpoints are not available in Serverless and stack 9.0, but available in stack 8.x.
Todo
Tasks
The text was updated successfully, but these errors were encountered: