-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add link for Cloud deployment settings #65089
Comments
Pinging @elastic/kibana-core-ui (Team:Core UI) |
Looks good. I think the biggest technical question right now is around
How exactly Kibana will know this. @jowiho do you have any details on this? Will the user object contain this? |
I don't know if/how Kibana remembers how the user authenticated, through SSO or basic. Also, Kibana strictly has no way of knowing that the user singed in through Cloud SSO. It just knows that the user authenticated with a SAML realm. However, I'm not sure if any of this really matters. A user who logged in to Kibana with a username+password can still have a valid Cloud session (existing users might continue to login in as "elastic" out of habit, or with a readonly local user because of security). And a user who logged in through Cloud SSO might not have a valid Cloud session anymore because it could have expired. So a link from Kibana to Cloud might or might not interrupt the user with a Cloud login page, regardless of how they logged in to Kibana. |
The original reason for only showing these links to Cloud auth'd users was around Kibana making API calls to Cloud, and possibly not having the creds for it. And we didn't want those users getting a bad experience. However, now that we've separated out the implementation of SSO and Kibana making API calls, I agree that it probably doesn't really matter for now. Everyone can see the links and they might or might not get a Cloud login screen, which they might or might not know the creds for. |
Cloud issue proposing to add links to kibana yaml: https://github.com/elastic/cloud/issues/57690 |
Relates to #56232
Describe the feature:
Provide a link for Cloud users, who sign in with SSO (i.e. admin), to easily access the deployment page for the current Kibana instance.
Describe a specific use case for the feature:
A Kibana user, who manages this deployment, needs to adjust the configuration settings. They open the Kibana navigation and click a link to open the associated deployment settings page in the Cloud UI.
Currently, this user would have to use their browser and navigate the Cloud console, sign in, and then navigate to the deployment settings page. This new link will simplify that process by linking them directly from Kibana to the associated Cloud deployment details page in a single click.
Technical considerations
cloudId
which can be decoded into the necessary URL parts which make up the desired link URL.Implementation suggestion
The technical approach alluded to in the prior bullets was discussed in some detail here:
#56232 (comment)
Copy/pasted from #56232 (comment)
Re: Starting with ESS
Design mockup
Copy/pasted from #56232 (comment)
(If you're curious, you can also see the future header design in that comment)
cc:/ @andrew-moldovan @gjones @alexfrancoeur
The text was updated successfully, but these errors were encountered: