Skip to content

[8.x] Support for security remote_cluster and associated privileges (#3125) #3140

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 19, 2024
Merged

[8.x] Support for security remote_cluster and associated privileges (#3125) #3140

merged 1 commit into from
Nov 19, 2024

Conversation

pquentin
Copy link
Member

This commit adds support for the remote_cluster in the role and role descriptors. Additionally:

  • adds missing references to remote_indices
  • add new cluster privilege monitor_stats
  • adds related version information where applicable
  • updates references to cluster from string[] to proper enumeration

(cherry picked from commit dac7201)

@jakelandis @pquentin
Support for security remote_cluster and associated privileges (#3125)
d33d123 
This commit adds support for the remote_cluster in the role and role descriptors.
Additionally:

* adds missing references to remote_indices
* add new cluster privilege monitor_stats
* adds related version information where applicable
* updates references to cluster from string[] to proper enumeration

(cherry picked from commit dac7201)
@pquentin pquentin mentioned this pull request Nov 18, 2024
Merged
@github-actions GitHub Actions
Copy link
Contributor

Following you can find the validation results for the APIs you have changed.

API Status Request Response
security.activate_user_profile 🟢 9/9 9/9
security.authenticate 🟢 30/30 30/30
security.bulk_delete_role 🟢 1/1 1/1
security.bulk_put_role 🟢 1/1 1/1
security.bulk_update_api_keys 🟠 Missing type Missing type
security.change_password 🟢 9/9 9/9
security.clear_api_key_cache 🟢 13/13 13/13
security.clear_cached_privileges 🟢 3/3 3/3
security.clear_cached_realms 🟢 1/1 1/1
security.clear_cached_roles 🟢 2/2 2/2
security.clear_cached_service_tokens 🟢 4/4 4/4
security.create_api_key 🔴 66/68 59/59
security.create_cross_cluster_api_key 🟢 3/3 3/3
security.create_service_token 🟢 3/3 3/3
security.delete_privileges 🟢 6/6 6/6
security.delete_role_mapping 🟢 9/9 9/9
security.delete_role 🟢 8/8 8/8
security.delete_service_token Missing test Missing test
security.delete_user 🟢 9/9 9/9
security.disable_user_profile 🟢 1/1 1/1
security.disable_user 🟢 3/3 3/3
security.enable_user_profile 🟢 1/1 1/1
security.enable_user 🟢 4/4 4/4
security.enroll_kibana Missing test Missing test
security.enroll_node Missing test Missing test
security.get_api_key 🔴 38/38 15/38
security.get_builtin_privileges 🟢 1/1 1/1
security.get_privileges 🟢 12/12 12/12
security.get_role_mapping 🔴 18/18 10/18
security.get_role 🔴 24/24 22/24
security.get_service_accounts Missing test Missing test
security.get_service_credentials 🟢 1/1 1/1
security.get_settings 🟠 Missing type Missing type
security.get_token 🟢 25/25 24/24
security.get_user_privileges 🔴 8/8 7/8
security.get_user_profile 🟢 8/8 8/8
security.get_user 🟢 25/25 25/25
security.grant_api_key 🟢 7/7 7/7
security.has_privileges_user_profile 🟢 3/3 3/3
security.has_privileges 🟢 24/24 24/24
security.invalidate_api_key 🟢 12/12 12/12
security.invalidate_token 🟢 11/11 11/11
security.oidc_authenticate 🟠 Missing type Missing type
security.oidc_logout 🟠 Missing type Missing type
security.oidc_prepare_authentication 🟠 Missing type Missing type
security.put_privileges 🟢 10/10 10/10
security.put_role_mapping 🔴 2/11 11/11
security.put_role 🟢 39/39 38/38
security.put_user 🟢 48/48 47/47
security.query_api_keys 🔴 14/14 1/14
security.query_role 🟢 2/2 2/2
security.query_user 🟢 4/4 4/4
security.saml_authenticate Missing test Missing test
security.saml_complete_logout Missing test Missing test
security.saml_invalidate Missing test Missing test
security.saml_logout Missing test Missing test
security.saml_prepare_authentication Missing test Missing test
security.saml_service_provider_metadata Missing test Missing test
security.suggest_user_profiles 🟢 1/1 1/1
security.update_api_key 🟢 5/5 5/5
security.update_cross_cluster_api_key 🟢 2/2 2/2
security.update_settings 🟠 Missing type Missing type
security.update_user_profile_data 🟢 1/1 1/1

You can validate these APIs yourself by using the make validate target.

jakelandis
jakelandis approved these changes Nov 18, 2024
View reviewed changes
Copy link
Contributor

@jakelandis jakelandis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@pquentin pquentin merged commit 8d4411d into 8.x Nov 19, 2024
6 checks passed
@pquentin pquentin deleted the backport-3125-to-8.x branch November 19, 2024 09:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jakelandis jakelandis jakelandis approved these changes

@flobernd flobernd flobernd approved these changes

@l-trotta l-trotta Awaiting requested review from l-trotta

Assignees

No one assigned

Labels

specification

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@pquentin @jakelandis @flobernd