Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[BREAKING CHANGE] Removing deprecated rules bulk CRUD API endpoints #5981

Open
Tracked by #197422
banderror opened this issue Oct 24, 2024 · 0 comments
Open
Tracked by #197422

[BREAKING CHANGE] Removing deprecated rules bulk CRUD API endpoints #5981

banderror opened this issue Oct 24, 2024 · 0 comments

Comments

@banderror
Copy link
Contributor

banderror commented Oct 24, 2024

Related to: elastic/kibana#193184
Approved by Breaking Changes Committee: https://github.com/elastic/dev/issues/2772

Description

We are removing the following deprecated bulk API endpoints for creating, updating and deleting detection rules from Elastic Security APIs in Serverless GA and upcoming Stack v9.0.0:

Method Endpoint
POST /api/detection_engine/rules/_bulk_create
PUT /api/detection_engine/rules/_bulk_update
PATCH /api/detection_engine/rules/_bulk_update
DELETE /api/detection_engine/rules/_bulk_delete
POST /api/detection_engine/rules/_bulk_delete

Which deployment types are affected?

ESS and serverless

Release version

The endpoints will be removed from (not available in):

  • Stack v9.0.0
  • Serverless GA
@banderror banderror added breaking-change For release notes Feature: Rules Team: Detections/Response Detections and Response labels Oct 24, 2024
banderror added a commit to elastic/kibana that referenced this issue Nov 1, 2024
…in Serverless and 9.0 (#197422)

**Partially addresses:** #193184
**Breaking change proposal:** elastic/dev#2772
(internal)

## Summary

This PR disables the following deprecated [bulk API endpoints for
creating, updating and deleting detection
rules](https://www.elastic.co/guide/en/security/current/bulk-actions-rules-api.html)
from [Elastic Security
APIs](https://www.elastic.co/guide/en/security/current/security-apis.html)
in Serverless and upcoming `v9.0.0`:

| Method | Endpoint |
| ------ | ------------------------------------------------------- |
| POST   | /api/detection_engine/rules/\_bulk_create               |
| PUT    | /api/detection_engine/rules/\_bulk_update               |
| PATCH  | /api/detection_engine/rules/\_bulk_update               |
| DELETE | /api/detection_engine/rules/\_bulk_delete               |
| POST   | /api/detection_engine/rules/\_bulk_delete               |

Specifically, as a first step we remove the endpoints from the route
registrations. Once elastic/dev#2772 is
approved, we will merge this PR and remove the corresponding endpoint
handlers and associated code in a follow-up PR.


### Checklist

- [x]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
  - [x] elastic/security-docs#5981
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

### For maintainers

- [x] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels)
- [x] This will appear in the **Release Notes** and follow the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

4 participants