Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add invalidateAPIKey support to security plugin #43707

Merged
merged 11 commits into from
Aug 27, 2019
Merged

Add invalidateAPIKey support to security plugin #43707

merged 11 commits into from
Aug 27, 2019

Conversation

mikecote
Copy link
Contributor

In this PR, I'm adding a function to the security plugin that allows to invalidate API keys in Elasticsearch.

This is intended to be used by the alerting plugin to cleanup API keys whenever generating new ones. We plan to use the key to delete itself which is currently doable but also requires manage_api_keys cluster privilege..

This PR follows the implementation of createAPIKey #42146.

@mikecote mikecote added review Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! v8.0.0 release_note:skip Skip the PR/issue when compiling release notes v7.4.0 labels Aug 21, 2019
@mikecote mikecote requested a review from a team August 21, 2019 19:08
@mikecote mikecote self-assigned this Aug 21, 2019
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-security

@elasticmachine

This comment has been minimized.

Sign in to view
@elasticmachine

This comment has been minimized.

Sign in to view
@azasypkin
Copy link
Member

ACK: will review tomorrow (since you're OOO till Monday anyway 😛 )

@azasypkin azasypkin self-requested a review August 22, 2019 09:58
@mikecote mikecote requested a review from azasypkin August 26, 2019 19:26
@elasticmachine
Copy link
Contributor

💚 Build Succeeded

azasypkin
azasypkin approved these changes Aug 27, 2019
View reviewed changes
Copy link
Member

@azasypkin azasypkin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks! Just a few super minor nits.

@elasticmachine
Copy link
Contributor

💚 Build Succeeded

@mikecote mikecote merged commit 0f2324e into elastic:master Aug 27, 2019
mikecote added a commit to mikecote/kibana that referenced this pull request Aug 27, 2019
@mikecote
Add invalidateAPIKey support to security plugin (elastic#43707)
0f73e95 
* Initial work

* Fix failing jest test

* Use APIKeys class

* Only use id to invalidate

* Log all errors in invalidate function

* Cleanup

* Apply PR feedback
@mikecote mikecote mentioned this pull request Aug 27, 2019
Merged
mikecote added a commit that referenced this pull request Aug 27, 2019
@mikecote
Add invalidateAPIKey support to security plugin (#43707) (#44097)
66ecd21 
* Initial work

* Fix failing jest test

* Use APIKeys class

* Only use id to invalidate

* Log all errors in invalidate function

* Cleanup

* Apply PR feedback
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@azasypkin azasypkin azasypkin approved these changes

Assignees

@mikecote mikecote

Labels
release_note:skip Skip the PR/issue when compiling release notes review Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! v7.4.0 v8.0.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mikecote @elasticmachine @azasypkin