[RAC] Update RBAC mapping of features to index names to comply with the index naming scheme

packages/kbn-rule-data-utils/src/alerts_as_data_rbac.ts

@@ -27,12 +27,12 @@ export type AlertConsumers = typeof AlertConsumers[keyof typeof AlertConsumers];
 export type STATUS_VALUES = 'open' | 'acknowledged' | 'closed' | 'in-progress'; // TODO: remove 'in-progress' after migration to 'acknowledged'
 
 export const mapConsumerToIndexName: Record<AlertConsumers, string | string[]> = {
-  apm: '.alerts-observability-apm',
-  logs: '.alerts-observability.logs',
-  infrastructure: '.alerts-observability.metrics',
-  observability: '.alerts-observability',
-  siem: '.alerts-security.alerts',
-  uptime: '.alerts-observability.uptime',
+  apm: '.alerts-observability.apm.alerts-*',
+  logs: '.alerts-observability.logs.alerts-*',
+  infrastructure: '.alerts-observability.metrics.alerts-*',
+  observability: '.alerts-observability.*.alerts-*',
+  siem: '.alerts-security.alerts-*',
+  uptime: '.alerts-observability.uptime.alerts-*',
 };
 export type ValidFeatureId = keyof typeof mapConsumerToIndexName;
 

x-pack/plugins/monitoring/common/es_glob_patterns.test.ts

@@ -19,7 +19,7 @@ const testIndices = [
   '.ds-metrics-system.process.summary-default-2021.05.25-00000',
   '.kibana_shahzad_9',
   '.kibana-felix-log-stream_8.0.0_001',
-  '.kibana_smith_alerts-observability-apm-000001',
+  '.kibana_smith_alerts-observability.apm-000001',
   '.ds-logs-endpoint.events.process-default-2021.05.26-000001',
   '.kibana_dominiqueclarke54_8.0.0_001',
   '.kibana-cmarcondes-19_8.0.0_001',
@@ -63,7 +63,7 @@ const onlySystemIndices = [
   '.ds-metrics-system.process.summary-default-2021.05.25-00000',
   '.kibana_shahzad_9',
   '.kibana-felix-log-stream_8.0.0_001',
-  '.kibana_smith_alerts-observability-apm-000001',
+  '.kibana_smith_alerts-observability.apm-000001',
   '.ds-logs-endpoint.events.process-default-2021.05.26-000001',
   '.kibana_dominiqueclarke54_8.0.0_001',
   '.kibana-cmarcondes-19_8.0.0_001',
@@ -85,7 +85,7 @@ const kibanaNoTaskIndices = [
   '.kibana_shahzad_1',
   '.kibana_shahzad_9',
   '.kibana-felix-log-stream_8.0.0_001',
-  '.kibana_smith_alerts-observability-apm-000001',
+  '.kibana_smith_alerts-observability.apm-000001',
   '.kibana_dominiqueclarke54_8.0.0_001',
   '.kibana-cmarcondes-19_8.0.0_001',
   '.kibana_dominiqueclarke55-alerts-8.0.0-000001',

x-pack/plugins/rule_registry/README.md

@@ -73,7 +73,7 @@ await plugins.ruleRegistry.createOrUpdateComponentTemplate({
 await plugins.ruleRegistry.createOrUpdateIndexTemplate({
   name: plugins.ruleRegistry.getFullAssetName('apm-index-template'),
   body: {
-    index_patterns: [plugins.ruleRegistry.getFullAssetName('observability-apm*')],
+    index_patterns: [plugins.ruleRegistry.getFullAssetName('observability.apm*')],
     composed_of: [
       // Technical component template, required
       plugins.ruleRegistry.getFullAssetName(TECHNICAL_COMPONENT_TEMPLATE_NAME),
@@ -85,7 +85,7 @@ await plugins.ruleRegistry.createOrUpdateIndexTemplate({
 // Finally, create the rule data client that can be injected into rule type
 // executors and API endpoints
 const ruleDataClient = new RuleDataClient({
-  alias: plugins.ruleRegistry.getFullAssetName('observability-apm'),
+  alias: plugins.ruleRegistry.getFullAssetName('observability.apm'),
   getClusterClient: async () => {
     const coreStart = await getCoreStart();
     return coreStart.elasticsearch.client.asInternalUser;

x-pack/plugins/rule_registry/server/alert_data_client/tests/bulk_update.test.ts

@@ -78,7 +78,7 @@ describe('bulkUpdate()', () => {
   describe('ids', () => {
     describe('audit log', () => {
       test('logs successful event in audit logger', async () => {
-        const indexName = '.alerts-observability-apm.alerts';
+        const indexName = '.alerts-observability.apm.alerts';
         const alertsClient = new AlertsClient(alertsClientParams);
         esClientMock.mget.mockResolvedValueOnce(
           elasticsearchClientMock.createApiResponse({
@@ -107,7 +107,7 @@ describe('bulkUpdate()', () => {
                 {
                   update: {
                     _id: fakeAlertId,
-                    _index: '.alerts-observability-apm.alerts',
+                    _index: '.alerts-observability.apm.alerts',
                     result: 'updated',
                     status: 200,
                   },
@@ -135,7 +135,7 @@ describe('bulkUpdate()', () => {
       });
 
       test('audit error access if user is unauthorized for given alert', async () => {
-        const indexName = '.alerts-observability-apm.alerts';
+        const indexName = '.alerts-observability.apm.alerts';
         const alertsClient = new AlertsClient(alertsClientParams);
         esClientMock.mget.mockResolvedValueOnce(
           elasticsearchClientMock.createApiResponse({
@@ -181,7 +181,7 @@ describe('bulkUpdate()', () => {
       });
 
       test('logs multiple error events in audit logger', async () => {
-        const indexName = '.alerts-observability-apm.alerts';
+        const indexName = '.alerts-observability.apm.alerts';
         const alertsClient = new AlertsClient(alertsClientParams);
         esClientMock.mget.mockResolvedValueOnce(
           elasticsearchClientMock.createApiResponse({
@@ -257,7 +257,7 @@ describe('bulkUpdate()', () => {
   describe('query', () => {
     describe('audit log', () => {
       test('logs successful event in audit logger', async () => {
-        const indexName = '.alerts-observability-apm.alerts';
+        const indexName = '.alerts-observability.apm.alerts';
         const alertsClient = new AlertsClient(alertsClientParams);
         esClientMock.search.mockResolvedValueOnce(
           elasticsearchClientMock.createApiResponse({
@@ -276,7 +276,7 @@ describe('bulkUpdate()', () => {
                 hits: [
                   {
                     _id: fakeAlertId,
-                    _index: '.alerts-observability-apm.alerts',
+                    _index: '.alerts-observability.apm.alerts',
                     _source: {
                       [ALERT_RULE_TYPE_ID]: 'apm.error_rate',
                       [ALERT_RULE_CONSUMER]: 'apm',
@@ -317,7 +317,7 @@ describe('bulkUpdate()', () => {
       });
 
       test('audit error access if user is unauthorized for given alert', async () => {
-        const indexName = '.alerts-observability-apm.alerts';
+        const indexName = '.alerts-observability.apm.alerts';
         const alertsClient = new AlertsClient(alertsClientParams);
         esClientMock.search.mockResolvedValueOnce(
           elasticsearchClientMock.createApiResponse({
@@ -336,7 +336,7 @@ describe('bulkUpdate()', () => {
                 hits: [
                   {
                     _id: fakeAlertId,
-                    _index: '.alerts-observability-apm.alerts',
+                    _index: '.alerts-observability.apm.alerts',
                     _source: {
                       [ALERT_RULE_TYPE_ID]: fakeRuleTypeId,
                       [ALERT_RULE_CONSUMER]: 'apm',
@@ -378,7 +378,7 @@ describe('bulkUpdate()', () => {
       });
 
       test('logs multiple error events in audit logger', async () => {
-        const indexName = '.alerts-observability-apm.alerts';
+        const indexName = '.alerts-observability.apm.alerts';
         const alertsClient = new AlertsClient(alertsClientParams);
         esClientMock.search.mockResolvedValueOnce(
           elasticsearchClientMock.createApiResponse({
@@ -397,7 +397,7 @@ describe('bulkUpdate()', () => {
                 hits: [
                   {
                     _id: successfulAuthzHit,
-                    _index: '.alerts-observability-apm.alerts',
+                    _index: '.alerts-observability.apm.alerts',
                     _source: {
                       [ALERT_RULE_TYPE_ID]: 'apm.error_rate',
                       [ALERT_RULE_CONSUMER]: 'apm',
@@ -407,7 +407,7 @@ describe('bulkUpdate()', () => {
                   },
                   {
                     _id: unsuccessfulAuthzHit,
-                    _index: '.alerts-observability-apm.alerts',
+                    _index: '.alerts-observability.apm.alerts',
                     _source: {
                       [ALERT_RULE_TYPE_ID]: fakeRuleTypeId,
                       [ALERT_RULE_CONSUMER]: 'apm',

x-pack/plugins/rule_registry/server/alert_data_client/tests/get.test.ts

@@ -91,7 +91,7 @@ describe('get()', () => {
               {
                 found: true,
                 _type: 'alert',
-                _index: '.alerts-observability-apm',
+                _index: '.alerts-observability.apm.alerts',
                 _id: 'NoxgpHkBqbdrfX07MqXV',
                 _version: 1,
                 _seq_no: 362,
@@ -109,7 +109,7 @@ describe('get()', () => {
         },
       })
     );
-    const result = await alertsClient.get({ id: '1', index: '.alerts-observability-apm' });
+    const result = await alertsClient.get({ id: '1', index: '.alerts-observability.apm.alerts' });
     expect(result).toMatchInlineSnapshot(`
       Object {
         "kibana.alert.rule.consumer": "apm",
@@ -173,7 +173,7 @@ describe('get()', () => {
             "track_total_hits": undefined,
           },
           "ignore_unavailable": true,
-          "index": ".alerts-observability-apm",
+          "index": ".alerts-observability.apm.alerts",
           "seq_no_primary_term": true,
         },
       ]
@@ -200,7 +200,7 @@ describe('get()', () => {
               {
                 found: true,
                 _type: 'alert',
-                _index: '.alerts-observability-apm',
+                _index: '.alerts-observability.apm.alerts',
                 _id: 'NoxgpHkBqbdrfX07MqXV',
                 _version: 1,
                 _seq_no: 362,
@@ -218,7 +218,10 @@ describe('get()', () => {
         },
       })
     );
-    await alertsClient.get({ id: 'NoxgpHkBqbdrfX07MqXV', index: '.alerts-observability-apm' });
+    await alertsClient.get({
+      id: 'NoxgpHkBqbdrfX07MqXV',
+      index: '.alerts-observability.apm.alerts',
+    });
 
     expect(auditLogger.log).toHaveBeenCalledWith({
       error: undefined,
@@ -228,7 +231,7 @@ describe('get()', () => {
   });
 
   test('audit error access if user is unauthorized for given alert', async () => {
-    const indexName = '.alerts-observability-apm.alerts';
+    const indexName = '.alerts-observability.apm.alerts';
     const fakeAlertId = 'myfakeid1';
     // fakeRuleTypeId will cause authz to fail
     const fakeRuleTypeId = 'fake.rule';
@@ -269,7 +272,7 @@ describe('get()', () => {
       })
     );
 
-    await expect(alertsClient.get({ id: fakeAlertId, index: '.alerts-observability-apm.alerts' }))
+    await expect(alertsClient.get({ id: fakeAlertId, index: '.alerts-observability.apm.alerts' }))
       .rejects.toThrowErrorMatchingInlineSnapshot(`
             "Unable to retrieve alert details for alert with id of \\"myfakeid1\\" or with query \\"undefined\\" and operation get 
             Error: Error: Unauthorized for fake.rule and apm"
@@ -296,7 +299,7 @@ describe('get()', () => {
     esClientMock.search.mockRejectedValue(error);
 
     await expect(
-      alertsClient.get({ id: 'NoxgpHkBqbdrfX07MqXV', index: '.alerts-observability-apm' })
+      alertsClient.get({ id: 'NoxgpHkBqbdrfX07MqXV', index: '.alerts-observability.apm.alerts' })
     ).rejects.toThrowErrorMatchingInlineSnapshot(`
             "Unable to retrieve alert details for alert with id of \\"NoxgpHkBqbdrfX07MqXV\\" or with query \\"undefined\\" and operation get 
             Error: Error: something went wrong"
@@ -323,7 +326,7 @@ describe('get()', () => {
                 {
                   found: true,
                   _type: 'alert',
-                  _index: '.alerts-observability-apm',
+                  _index: '.alerts-observability.apm.alerts',
                   _id: 'NoxgpHkBqbdrfX07MqXV',
                   _version: 1,
                   _seq_no: 362,
@@ -347,7 +350,7 @@ describe('get()', () => {
       const alertsClient = new AlertsClient(alertsClientParams);
       const result = await alertsClient.get({
         id: 'NoxgpHkBqbdrfX07MqXV',
-        index: '.alerts-observability-apm',
+        index: '.alerts-observability.apm.alerts',
       });
 
       expect(result).toMatchInlineSnapshot(`