[ResponseOps][Alerting] Explicitly set access for all of our routes #192956
Assignees
Labels
Team:ResponseOps
Label for the ResponseOps team (formerly the Cases and Alerting teams)
Comments
cnasikas
added
the
Team:ResponseOps
|
Pinging @elastic/response-ops (Team:ResponseOps) |
20 tasks
cnasikas
changed the title
js-jankisalvi
added a commit
that referenced
this issue
Sep 26, 2024
…ions, connectors, rules, alerts, and cases plugins (#193520) ## Summary Resolves #192956 This PR adds - `access: internal` option to internal routes - `access: public` option to public routes It which will help restrict access of internal routes and allow users to access all public routes. This PR updates api routes of following `x-pack/plugins` - actions - alerting - cases - rule_registry - stack_connectors - triggers_actions_ui
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this issue
Sep 26, 2024
…ions, connectors, rules, alerts, and cases plugins (elastic#193520) ## Summary Resolves elastic#192956 This PR adds - `access: internal` option to internal routes - `access: public` option to public routes It which will help restrict access of internal routes and allow users to access all public routes. This PR updates api routes of following `x-pack/plugins` - actions - alerting - cases - rule_registry - stack_connectors - triggers_actions_ui (cherry picked from commit 9c78643)
kibanamachine
referenced
this issue
Sep 26, 2024
…of actions, connectors, rules, alerts, and cases plugins (#193520) (#194111) # Backport This will backport the following commits from `main` to `8.x`: - [[RsponseOps][Alerting] Explicitly set access to all API routes of actions, connectors, rules, alerts, and cases plugins (#193520)](#193520) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Janki Salvi","email":"117571355+js-jankisalvi@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-09-26T10:00:08Z","message":"[RsponseOps][Alerting] Explicitly set access to all API routes of actions, connectors, rules, alerts, and cases plugins (#193520)\n\n## Summary\r\nResolves https://github.com/elastic/kibana/issues/192956\r\nThis PR adds \r\n- `access: internal` option to internal routes \r\n- `access: public` option to public routes \r\n\r\nIt which will help restrict access of internal routes and allow users to\r\naccess all public routes.\r\n\r\nThis PR updates api routes of following `x-pack/plugins`\r\n- actions\r\n- alerting\r\n- cases\r\n- rule_registry\r\n- stack_connectors\r\n- triggers_actions_ui","sha":"9c7864309ce1c5a3d085151e3b67d1635bc558c8","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:ResponseOps","v9.0.0","backport:prev-minor","v8.16.0"],"title":"[RsponseOps][Alerting] Explicitly set access to all API routes of actions, connectors, rules, alerts, and cases plugins","number":193520,"url":"https://github.com/elastic/kibana/pull/193520","mergeCommit":{"message":"[RsponseOps][Alerting] Explicitly set access to all API routes of actions, connectors, rules, alerts, and cases plugins (#193520)\n\n## Summary\r\nResolves https://github.com/elastic/kibana/issues/192956\r\nThis PR adds \r\n- `access: internal` option to internal routes \r\n- `access: public` option to public routes \r\n\r\nIt which will help restrict access of internal routes and allow users to\r\naccess all public routes.\r\n\r\nThis PR updates api routes of following `x-pack/plugins`\r\n- actions\r\n- alerting\r\n- cases\r\n- rule_registry\r\n- stack_connectors\r\n- triggers_actions_ui","sha":"9c7864309ce1c5a3d085151e3b67d1635bc558c8"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/193520","number":193520,"mergeCommit":{"message":"[RsponseOps][Alerting] Explicitly set access to all API routes of actions, connectors, rules, alerts, and cases plugins (#193520)\n\n## Summary\r\nResolves https://github.com/elastic/kibana/issues/192956\r\nThis PR adds \r\n- `access: internal` option to internal routes \r\n- `access: public` option to public routes \r\n\r\nIt which will help restrict access of internal routes and allow users to\r\naccess all public routes.\r\n\r\nThis PR updates api routes of following `x-pack/plugins`\r\n- actions\r\n- alerting\r\n- cases\r\n- rule_registry\r\n- stack_connectors\r\n- triggers_actions_ui","sha":"9c7864309ce1c5a3d085151e3b67d1635bc558c8"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Janki Salvi <117571355+js-jankisalvi@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Issue #192897 lists all of our routes. We should explicitly set the intended access to all of our routes. Routes that do not have their access tag set are marked with an ❌ in the parent issue.
The text was updated successfully, but these errors were encountered: