From a020329976b98397d8c03699253e63c234817ad8 Mon Sep 17 00:00:00 2001 From: ymao1 Date: Mon, 8 Mar 2021 12:53:40 -0500 Subject: [PATCH] [Alerting][Docs] Moving limitations from README to user docs (#93933) * Moving limitations to user docs * Moving limitations to user docs * Removing outdated limitations --- x-pack/plugins/alerts/README.md | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/x-pack/plugins/alerts/README.md b/x-pack/plugins/alerts/README.md index 057d86e4c0f31..6d2ad7e37a6dc 100644 --- a/x-pack/plugins/alerts/README.md +++ b/x-pack/plugins/alerts/README.md @@ -14,7 +14,6 @@ Table of Contents - [Terminology](#terminology) - [Usage](#usage) - [Alerts API keys](#alerts-api-keys) - - [Limitations](#limitations) - [Plugin status](#plugin-status) - [Alert types](#alert-types) - [Methods](#methods) @@ -67,20 +66,6 @@ For security plugin invalidation, we schedule a task to check if the`api_key_pen To change the schedule for the invalidation task, use the kibana.yml configuration option `xpack.alerts.invalidateApiKeysTask.interval`. To change the default delay for the API key invalidation, use the kibana.yml configuration option `xpack.alerts.invalidateApiKeysTask.removalDelay`. -## Limitations - -When security is enabled, an SSL connection to Elasticsearch is required in order to use alerting. - -When security is enabled, users who create alerts will need the `manage_api_key` cluster privilege. There is currently work in progress to remove this requirement. - -Note that the `manage_own_api_key` cluster privilege is not enough - it can be used to create API keys, but not invalidate them, and the alerting plugin currently both creates and invalidates APIs keys as part of it's processing. When using only the `manage_own_api_key` privilege, you will see the following message logged in the server when the alerting plugin attempts to invalidate an API key: - -``` -[error][alerting][plugins] Failed to invalidate API Key: [security_exception] \ - action [cluster:admin/xpack/security/api_key/invalidate] \ - is unauthorized for user [user-name-here] -``` - ## Plugin status The plugin status of an alert is customized by including information about checking failures for the framework decryption: