Skip to content

Commit

Permalink
[Alerting] add alerting privileges for uptime and metrics (elastic#61113
Browse files Browse the repository at this point in the history
)

resolves elastic#60135

See the reference issue for how to configure Kibana to test this manually.
There are no automated tests for this ATM.

The basic test scenario is to create a role with just the Uptime space
privilege, make sure it get to the Alerts and Actions management app,
make sure you can create an action (server log), and alert (index threshold),
and that the alert and action run successfully.

Then repeat with just the Metrics space privilege.
  • Loading branch information
pmuellr committed Apr 1, 2020
1 parent d8f381a commit 920efaf
Show file tree
Hide file tree
Showing 3 changed files with 56 additions and 13 deletions.
30 changes: 24 additions & 6 deletions x-pack/plugins/infra/server/features.ts
Original file line number Diff line number Diff line change
Expand Up @@ -20,22 +20,40 @@ export const METRICS_FEATURE = {
all: {
app: ['infra', 'kibana'],
catalogue: ['infraops'],
api: ['infra'],
api: ['infra', 'actions-read', 'actions-all', 'alerting-read', 'alerting-all'],
savedObject: {
all: ['infrastructure-ui-source'],
all: ['infrastructure-ui-source', 'alert', 'action', 'action_task_params'],
read: ['index-pattern'],
},
ui: ['show', 'configureSource', 'save'],
ui: [
'show',
'configureSource',
'save',
'alerting:show',
'actions:show',
'alerting:save',
'actions:save',
'alerting:delete',
'actions:delete',
],
},
read: {
app: ['infra', 'kibana'],
catalogue: ['infraops'],
api: ['infra'],
api: ['infra', 'actions-read', 'actions-all', 'alerting-read', 'alerting-all'],
savedObject: {
all: [],
all: ['alert', 'action', 'action_task_params'],
read: ['infrastructure-ui-source', 'index-pattern'],
},
ui: ['show'],
ui: [
'show',
'alerting:show',
'actions:show',
'alerting:save',
'actions:save',
'alerting:delete',
'actions:delete',
],
},
},
};
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@

type Capabilities = Record<string, any>;

const apps = ['apm', 'siem'];
const apps = ['apm', 'siem', 'uptime', 'infrastructure'];

function hasCapability(capabilities: Capabilities, capability: string) {
return apps.some(app => capabilities[app]?.[capability]);
Expand Down
37 changes: 31 additions & 6 deletions x-pack/plugins/uptime/server/kibana.index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -39,22 +39,47 @@ export const initServerWithKibana = (server: UptimeCoreSetup, plugins: UptimeCor
all: {
app: ['uptime', 'kibana'],
catalogue: ['uptime'],
api: ['uptime-read', 'uptime-write'],
api: [
'uptime-read',
'uptime-write',
'actions-read',
'actions-all',
'alerting-read',
'alerting-all',
],
savedObject: {
all: [umDynamicSettings.name],
all: [umDynamicSettings.name, 'alert', 'action', 'action_task_params'],
read: [],
},
ui: ['save', 'configureSettings', 'show'],
ui: [
'save',
'configureSettings',
'show',
'alerting:show',
'actions:show',
'alerting:save',
'actions:save',
'alerting:delete',
'actions:delete',
],
},
read: {
app: ['uptime', 'kibana'],
catalogue: ['uptime'],
api: ['uptime-read'],
api: ['uptime-read', 'actions-read', 'actions-all', 'alerting-read', 'alerting-all'],
savedObject: {
all: [],
all: ['alert', 'action', 'action_task_params'],
read: [umDynamicSettings.name],
},
ui: ['show'],
ui: [
'show',
'alerting:show',
'actions:show',
'alerting:save',
'actions:save',
'alerting:delete',
'actions:delete',
],
},
},
});
Expand Down

0 comments on commit 920efaf

Please sign in to comment.