Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Audit API key ID when create or grant API keys #88456

Merged
merged 2 commits into from
Jul 12, 2022
Merged

Audit API key ID when create or grant API keys #88456

merged 2 commits into from
Jul 12, 2022

Conversation

ywangd
Copy link
Member

@ywangd ywangd commented Jul 12, 2022

The API key ID generation is handled by the Request class since #63221.
This makes it possible to audit it when creating or granting API keys.
This PR makes the necessary changes for it to happen.

Relates: #63221

@ywangd
Audit API key ID when create or grant API keys
8ea6f0b 
The API key ID generation is handled by the Request class since elastic#63221.
This makes it possible to audit it when creating or granting API keys.
This PR makes the necessary changes for it to happen.

Relates: elastic#63221
@ywangd ywangd requested a review from n1v0lg July 12, 2022 01:42
@elasticmachine elasticmachine added the Team:Security Meta label for security team label Jul 12, 2022
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security (Team:Security)

@elasticsearchmachine
Copy link
Collaborator

Hi @ywangd, I've created a changelog YAML for you.

@ywangd
Copy link
Member Author

ywangd commented Jul 12, 2022

@elasticmachine run elasticsearch-ci/part-2

n1v0lg
n1v0lg approved these changes Jul 12, 2022
View reviewed changes
Copy link
Contributor

@n1v0lg n1v0lg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@ywangd ywangd merged commit 24d2520 into elastic:master Jul 12, 2022
weizijun added a commit to weizijun/elasticsearch that referenced this pull request Jul 13, 2022
@weizijun
Merge branch 'upstream/master' into rollup-support-cancel
00089cc 
* upstream/master: (38 commits)
  Simplify map copying (elastic#88432)
  Make DiffableUtils.diff implementation agnostic (elastic#88403)
  Ingest: Start separating Metadata from IngestSourceAndMetadata (elastic#88401)
  Move runtime fields base scripts out of scripting fields api package. (elastic#88488)
  Enable TRACE Logging for test and increase timeout (elastic#88477)
  Mute ReactiveStorageIT#testScaleDuringSplitOrClone (elastic#88480)
  Track the count of failed invocations since last successful policy snapshot (elastic#88398)
  Avoid noisy exceptions on data nodes when aborting snapshots (elastic#88476)
  Fix ReactiveStorageDeciderServiceTests testNodeSizeForDataBelowLowWatermark (elastic#88452)
  INFO logging of snapshot restore and completion (elastic#88257)
  unmute test (elastic#88454)
  Updatable API keys - noop check (elastic#88346)
  Corrected an incomplete sentence. (elastic#86542)
  Use consistent shard map type in IndexService (elastic#88465)
  Stop registering TestGeoShapeFieldMapperPlugin in ESIntegTestCase (elastic#88460)
  TSDB: RollupShardIndexer logging improvements (elastic#88416)
  Audit API key ID when create or grant API keys (elastic#88456)
  Bound random negative size test in SearchSourceBuilderTests#testNegativeSizeErrors (elastic#88457)
  Updatable API keys - logging audit trail event (elastic#88276)
  Polish reworked LoggedExec task (elastic#88424)
  ...

# Conflicts:
#	x-pack/plugin/rollup/src/main/java/org/elasticsearch/xpack/rollup/v2/RollupShardIndexer.java
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@n1v0lg n1v0lg n1v0lg approved these changes

Assignees
No one assigned
Labels
>enhancement :Security/Audit X-Pack Audit logging Team:Security Meta label for security team v8.4.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ywangd @elasticmachine @elasticsearchmachine @n1v0lg