All system indices are hidden indices #79512
LGTM, thanks for your hard work and iteration on this one! Chasing down everywhere that needs to be changed for something like this isn't easy.
Pinging @elastic/es-core-infra (Team:Core/Infra)
@elasticmachine test this please
Hi @williamrandolph, I've created a changelog YAML for you.
System indices should be hidden from users. Since they are already restricted indices, a user that can't view restricted indices already can't see or access them, but they should also be hidden for superusers or users that are otherwise granted advanced privileges.

To the greatest degree possible, we apply hidden settings in the transport layer, so that the system can create an index or alias that is set to visible, for example, when operating in a mixed cluster mode. However, in the case of aliases created by templates, we hide the alias in the service layer.

This change has broken a number of tests that were relying unnecessarily on wildcard searches. In general, the fix for these issues was to apply expand_wildcards=open,hidden to the request.

* Force system indices to be hidden in IndexMetadata
* Hide system data streams
* Update feature migration tests
* ML datafeed config defaults to searching hidden indices
* Prevent unmanaged system indices from becoming visible
* Change validation in TransportUpdateSettingsAction
* Validate index creation settings in transport action
* Make sure system data stream backing indices are hidden
* Make sure transport request adds hidden index setting if missing
* Validate and set default for autocreated system indices
* Add some code to hide system aliases
* Hide system aliases in create index service
* Hide system aliases when adding them via alias endpoints
* Check system indices when simulating and validating templates
* Add known issue for reenabling tests
* Update docs/changelog/79512.yaml
💚 Backport successful
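The effect described in the commit message, as an added example that is not code from the pull request: a simplified Python model of forcing the hidden setting on system indices and of why a plain wildcard search stops matching them until `expand_wildcards=open,hidden` is supplied. The system name pattern, the function names, and the choice to reject (rather than override) an explicit `index.hidden: false` are assumptions of this model, and it covers only the open, closed and hidden options.

```python
from fnmatch import fnmatchcase

# Hypothetical system index name patterns (assumption; not Elasticsearch's registry).
SYSTEM_PATTERNS = (".example-system-*",)

def is_system(name):
    return any(fnmatchcase(name, p) for p in SYSTEM_PATTERNS)

def settings_on_create(name, requested):
    """Create-time rule: add index.hidden=true to a system index if it is
    missing. Rejecting an explicit false is this model's assumption."""
    settings = dict(requested)
    if is_system(name):
        if settings.get("index.hidden") is False:
            raise ValueError(f"system index {name} cannot be created visible")
        settings["index.hidden"] = True
    else:
        settings.setdefault("index.hidden", False)
    return settings

def settings_on_update(name, current, update):
    """Update-time rule: a system index cannot be switched to visible."""
    if is_system(name) and update.get("index.hidden") is False:
        raise ValueError(f"system index {name} cannot be made visible")
    return {**current, **update}

def resolve(pattern, cluster, expand_wildcards="open"):
    """Expand a wildcard over cluster = {name: (state, settings)}; an index
    matches only if its state is requested and, when hidden, 'hidden' is too."""
    opts = set(expand_wildcards.split(","))
    if "all" in opts:
        opts |= {"open", "closed", "hidden"}
    return sorted(
        name for name, (state, s) in cluster.items()
        if fnmatchcase(name, pattern) and state in opts
        and (not s["index.hidden"] or "hidden" in opts)
    )

def build_sample_cluster():
    # Constructed sample: one user index and one system index, both open.
    names = ["logs-2021", ".example-system-7"]
    return {n: ("open", settings_on_create(n, {})) for n in names}

if __name__ == "__main__":
    cluster = build_sample_cluster()
    print(resolve("*", cluster))                 # default: open, non-hidden only
    print(resolve("*", cluster, "open,hidden"))  # the fix applied to the tests
```
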