Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Monitoring] Set explicit access option for internal API #186882

Merged
merged 3 commits into from
Jun 26, 2024
Merged

[Monitoring] Set explicit access option for internal API #186882

merged 3 commits into from
Jun 26, 2024

Conversation

tonyghiani
Copy link
Contributor

📓 Summary

Part of #186781

Explicit set the access options for the monitoring internal API:

  • access [internal] [POST] for path [/api/monitoring/v1/alert/{clusterUuid}/status]"
  • access [internal] [POST] for path [/api/monitoring/v1/alerts/enable]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/apm/{apmUuid}]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/apm/instances]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/apm]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/beats/beat/{beatUuid}]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/beats/beats]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/beats]"
  • access [internal] [GET] for path [/api/monitoring/v1/check_access]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/elasticsearch/indices/{id}]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/elasticsearch/indices]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/elasticsearch/nodes/{nodeUuid}]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/elasticsearch/nodes]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/elasticsearch]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/elasticsearch/ml_jobs]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/elasticsearch/ccr]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/elasticsearch/ccr/{index}/shard/{shardId}]"
  • access [internal] [GET] for path [/api/monitoring/v1/elasticsearch_settings/check/cluster]"
  • access [internal] [POST] for path [/api/monitoring/v1/elasticsearch_settings/check/internal_monitoring]"
  • access [internal] [GET] for path [/api/monitoring/v1/elasticsearch_settings/check/nodes]"
  • access [internal] [PUT] for path [/api/monitoring/v1/elasticsearch_settings/set/collection_enabled]"
  • access [internal] [PUT] for path [/api/monitoring/v1/elasticsearch_settings/set/collection_interval]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/enterprise_search]"
  • access [internal] [GET] for path [/api/monitoring/v1/_health]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/logstash/pipeline_ids]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/logstash/pipelines]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/logstash/node/{logstashUuid}/pipelines]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/logstash/node/{logstashUuid}]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/logstash/nodes]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/logstash]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/logstash/pipeline/{pipelineId}/{pipelineHash?}]"
  • access [internal] [POST] for path [/api/monitoring/v1/setup/collection/cluster/{clusterUuid?}]"
  • access [internal] [POST] for path [/api/monitoring/v1/setup/collection/{clusterUuid}/disable_internal_collection]"
  • access [internal] [POST] for path [/api/monitoring/v1/setup/collection/node/{nodeUuid}]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/kibana/{kibanaUuid}]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/kibana/instances]"
  • access [internal] [POST] for path [/api/monitoring/v1/clusters/{clusterUuid}/kibana]"
  • access [internal] [GET] for path [/api/monitoring_collection/{type}]

@tonyghiani tonyghiani added Team:Monitoring Stack Monitoring team release_note:skip Skip the PR/issue when compiling release notes labels Jun 25, 2024
@tonyghiani tonyghiani requested a review from a team as a code owner June 25, 2024 12:32
@obltmachine
Copy link

🤖 GitHub comments

Expand to view the GitHub comments

Just comment with:

  • /oblt-deploy : Deploy a Kibana instance using the Observability test environments.
  • run docs-build : Re-trigger the docs validation. (use unformatted text in the comment!)

@tonyghiani tonyghiani mentioned this pull request Jun 25, 2024
Closed
20 tasks
jennypavlova
jennypavlova approved these changes Jun 25, 2024
View reviewed changes
Copy link
Member

@jennypavlova jennypavlova left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@kibana-ci
Copy link
Collaborator

💚 Build Succeeded

Metrics [docs]

✅ unchanged

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@tonyghiani tonyghiani merged commit 4ec5ad5 into elastic:main Jun 26, 2024
17 checks passed
@tonyghiani tonyghiani deleted the refactor/explicit-access-monitoring-api branch June 26, 2024 09:50
@kibanamachine kibanamachine added v8.15.0 backport:skip This commit does not require backporting labels Jun 26, 2024
@consulthys
Copy link
Contributor

consulthys commented Oct 23, 2024
edited
Loading

access [internal] [GET] for path [/api/monitoring_collection/{type}]

@tonyghiani I'm questioning the rationale behind flagging this endpoint as internal. The reason being that it is called from the kibana Metricbeat module in order to monitor Kibana. By definition, the kibana agent integration also needs it.

Should we "move" this endpoint to the public API?

@tonyghiani
Copy link
Contributor Author

Sorry for the late response @consulthys, I marked this endpoint as internal as it was reported in the list of the internal endpoints in the related issue. If this should be a public API, it makes sense to move it then 👌

@piotrp
Copy link

piotrp commented Dec 9, 2024

So I guess this is the reason for WARN spam in new Kibana versions?

[2024-12-09T12:01:01.860+01:00][WARN ][http.server.kbn-internal-api-restricted] Access to uri [/api/monitoring_collection/cluster_rules] with method [get] is deprecated
[2024-12-09T12:01:01.898+01:00][WARN ][http.server.kbn-internal-api-restricted] Access to uri [/api/monitoring_collection/node_actions] with method [get] is deprecated
[2024-12-09T12:01:02.605+01:00][WARN ][http.server.kbn-internal-api-restricted] Access to uri [/api/monitoring_collection/cluster_actions] with method [get] is deprecated
[2024-12-09T12:01:05.976+01:00][WARN ][http.server.kbn-internal-api-restricted] Access to uri [/api/monitoring_collection/node_rules] with method [get] is deprecated
[2024-12-09T12:01:11.859+01:00][WARN ][http.server.kbn-internal-api-restricted] Access to uri [/api/monitoring_collection/cluster_rules] with method [get] is deprecated
[2024-12-09T12:01:11.898+01:00][WARN ][http.server.kbn-internal-api-restricted] Access to uri [/api/monitoring_collection/node_actions] with method [get] is deprecated
[2024-12-09T12:01:12.606+01:00][WARN ][http.server.kbn-internal-api-restricted] Access to uri [/api/monitoring_collection/cluster_actions] with method [get] is deprecated
[2024-12-09T12:01:15.990+01:00][WARN ][http.server.kbn-internal-api-restricted] Access to uri [/api/monitoring_collection/node_rules] with method [get] is deprecated
[2024-12-09T12:01:21.860+01:00][WARN ][http.server.kbn-internal-api-restricted] Access to uri [/api/monitoring_collection/cluster_rules] with method [get] is deprecated
[2024-12-09T12:01:21.898+01:00][WARN ][http.server.kbn-internal-api-restricted] Access to uri [/api/monitoring_collection/node_actions] with method [get] is deprecated

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jennypavlova jennypavlova jennypavlova approved these changes

Assignees
No one assigned
Labels
backport:skip This commit does not require backporting release_note:skip Skip the PR/issue when compiling release notes Team:Monitoring Stack Monitoring team v8.15.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@tonyghiani @obltmachine @kibana-ci @consulthys @piotrp @jennypavlova @kibanamachine