New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Fleet] Output Secrets Backend #169221
[Fleet] Output Secrets Backend #169221
Conversation
Pinging @elastic/fleet (Team:Fleet) |
🤖 GitHub commentsExpand to view the GitHub comments
Just comment with:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, could we document what changes are needed to introduce a new output secret field? e.g. remote-elasticsearch
service_token
field
@elasticmachine merge upstream |
659eecb
to
32ea487
Compare
@elasticmachine merge upstream |
💛 Build succeeded, but was flaky
Failed CI StepsMetrics [docs]Page load bundle
History
To update your PR or re-run it, just comment with: cc @hop-dev |
## Summary Continuation of #169221. Part of #157458 _Note: The experimental feature flag `outputSecretsStorage` must be enabled to see these changes._ Introduces the UI components to create and edit output secrets, currently there are only 3 output secrets: - Kafka output password - Kafka output SSL key - Logstash output SSL key Some key behaviours of the new UI: - on creating an output, the user can opt to revert to using plain text values if they want - once an output has been created with a secret, when editing the output, the secret values can only be replaced, never viewed - If an output uses plain values, there currently isn't a way to convert to using secrets. **Create** <img width="1639" alt="Screenshot 2023-10-24 at 14 48 49" src="https://github.com/elastic/kibana/assets/3315046/4f1d6715-70bb-4a91-a619-78cbc37106d7"> **Edit** https://github.com/elastic/kibana/assets/3315046/d8d44911-81d3-4a06-a0ff-ece981a36496 --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Summary
Had to recreate this after pinging the whole of Kibana accidentally on the last one :D
Part of #157458
Adds the ability to sepcify secrets in outputs. Currently the following secrets are supported:
The behaviour is as follows:
Secrets are only enabled if a fleet server of 8.10.0 or greater is connected.
Integration tests added for all scenarios.