Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[ResponseOps] Granular Connector RBAC #203503

Merged
merged 59 commits into from
Jan 6, 2025
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
59 commits
Select commit Hold shift + click to select a range
36a8907
Adding EDR feature privilege
doakalexi Oct 22, 2024
fdf7212
Updating the ui
doakalexi Oct 23, 2024
5384fa9
Rename to action instead of connector
doakalexi Oct 23, 2024
96ccb6d
Fix boolean
doakalexi Oct 23, 2024
c274951
Removing changes from email connector
doakalexi Oct 23, 2024
4f29da8
Updating canExecute
doakalexi Oct 23, 2024
ef4ba21
Merge branch 'main' into poc/connector-rbac
doakalexi Oct 23, 2024
5b79db1
Merge branch 'main' of github.com:elastic/kibana into poc/connector-rbac
doakalexi Nov 19, 2024
30c7260
Fixing a bad change from merge conflicts
doakalexi Nov 19, 2024
3e5f43f
Update EDR connectors to only allow testing for one sub action
doakalexi Nov 22, 2024
394a8af
Adding validation to rule creation
doakalexi Dec 3, 2024
a5cefc0
Merge branch 'main' of github.com:elastic/kibana into poc/connector-rbac
doakalexi Dec 3, 2024
613381a
Removing changes from merge conflicts
doakalexi Dec 3, 2024
6403e6b
Adding api key info to the event log
doakalexi Dec 3, 2024
a2d2079
Removing some changes that arent needed
doakalexi Dec 4, 2024
372012a
Removing consumer
doakalexi Dec 4, 2024
243cacc
Adding back rbac
doakalexi Dec 4, 2024
bf19980
Fixing typo
doakalexi Dec 5, 2024
be23b06
Merge branch 'main' of github.com:elastic/kibana into poc/connector-rbac
doakalexi Dec 9, 2024
5a7b3dd
Creating a new sub-feature field in the connector type
doakalexi Dec 9, 2024
7b34ca5
Adding back the api key
doakalexi Dec 10, 2024
68dc60f
Adding tests
doakalexi Dec 11, 2024
3830696
Removing api key code
doakalexi Dec 12, 2024
f7c006d
Adding functional tests
doakalexi Dec 12, 2024
886abec
Merge branch 'main' of github.com:elastic/kibana into connector-rbac
doakalexi Dec 12, 2024
3e4853d
Updating the subfeaturetype
doakalexi Dec 12, 2024
e40c39a
Fixing lint
doakalexi Dec 12, 2024
cf0884a
[CI] Auto-commit changed files from 'node scripts/notice'
kibanamachine Dec 12, 2024
cf1b80c
Removing circular dependency
doakalexi Dec 13, 2024
524649b
Merge branch 'main' of github.com:elastic/kibana into connector-rbac
doakalexi Dec 13, 2024
68d725f
[CI] Auto-commit changed files from 'node scripts/notice'
kibanamachine Dec 13, 2024
8f11152
Merge branch 'main' of github.com:elastic/kibana into connector-rbac
doakalexi Dec 13, 2024
d29771b
Merge branch 'connector-rbac' of github.com:doakalexi/kibana into con…
doakalexi Dec 13, 2024
2fad33b
Removing from tsconfig
doakalexi Dec 13, 2024
cb380ea
Fixing type check failures
doakalexi Dec 13, 2024
36c03ab
Fixing type check again
doakalexi Dec 13, 2024
936cab9
Fixing test failures
doakalexi Dec 13, 2024
0903096
Merge branch 'main' into connector-rbac
doakalexi Dec 13, 2024
2151a50
Fixing update rule tests
doakalexi Dec 16, 2024
988484c
Removing UI changes
doakalexi Dec 16, 2024
cde862f
Merge branch 'connector-rbac' of github.com:doakalexi/kibana into con…
doakalexi Dec 16, 2024
71ba4f9
Merge branch 'main' into connector-rbac
doakalexi Dec 16, 2024
923fc9a
Fixing bulk edit test
doakalexi Dec 16, 2024
b60de78
Merge branch 'connector-rbac' of github.com:doakalexi/kibana into con…
doakalexi Dec 16, 2024
60b0f65
Merge branch 'main' into connector-rbac
doakalexi Dec 16, 2024
11ad095
Fixing ai assistant privileges tests
doakalexi Dec 16, 2024
12a0c82
Merge branch 'connector-rbac' of github.com:doakalexi/kibana into con…
doakalexi Dec 16, 2024
f62d3e8
Removing so from subfeature
doakalexi Dec 19, 2024
83203e5
Merge branch 'main' into connector-rbac
doakalexi Dec 19, 2024
09f56a5
Merge branch 'main' of github.com:elastic/kibana into connector-rbac
doakalexi Dec 19, 2024
d12aa20
Merge branch 'connector-rbac' of github.com:doakalexi/kibana into con…
doakalexi Dec 19, 2024
7d000b3
Merge branch 'main' into connector-rbac
doakalexi Dec 26, 2024
a0a14ac
Merge branch 'main' of github.com:elastic/kibana into connector-rbac
doakalexi Dec 30, 2024
be33125
Merge branch 'main' into connector-rbac
doakalexi Jan 2, 2025
aa216e6
Renaming from PR feedback
doakalexi Jan 6, 2025
b1701a9
Merge branch 'main' into connector-rbac
doakalexi Jan 6, 2025
c8754b9
Fixing test failure
doakalexi Jan 6, 2025
6855741
Merge branch 'connector-rbac' of github.com:doakalexi/kibana into con…
doakalexi Jan 6, 2025
66103c8
Fixing test failure
doakalexi Jan 6, 2025
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Adding api key info to the event log
  • Loading branch information
doakalexi committed Dec 3, 2024
commit 6403e6b2bdd74818ff9bdf9607499a09a58fec90
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,18 @@ export interface UserRealm {
type: string;
}

export interface ApiKey {
/**
* Name of the API key.
*/
name: string;

/**
* The ID of the API key.
*/
id: string;
}

/**
* Represents the currently authenticated user.
*/
Expand Down Expand Up @@ -60,4 +72,9 @@ export interface AuthenticatedUser extends User {
* User profile ID of this user.
*/
profile_uid?: string;

/**
* Metadata of the API key that was used to authenticate the user.
*/
api_key?: ApiKey;
}
1 change: 1 addition & 0 deletions x-pack/plugins/actions/server/lib/action_executor.ts
Original file line number Diff line number Diff line change
Expand Up @@ -552,6 +552,7 @@ export class ActionExecutor {
event.user = event.user || {};
event.user.name = currentUser?.username;
event.user.id = currentUser?.profile_uid;
event.api_key = currentUser?.api_key;
set(
event,
'kibana.action.execution.usage.request_body_bytes',
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -78,22 +78,16 @@ export async function validateActions(
}
}

// check for invalid EDR actions
// check for invalid EDR connectors
const allConnectorTypes = await actionsClient.listTypes({});
const edrConnectorTypes = allConnectorTypes.filter((type) => type.isEdrActionType);
const edrConnectorTypesMap = Object.fromEntries(edrConnectorTypes.map((type) => [type.id, type]));

const edrConnectorTypeIds = Object.keys(edrConnectorTypesMap);
const actionTypeIds = new Set(actionResults.map((result) => result.actionTypeId));
const edrActionTypeIds = edrConnectorTypeIds.filter((id) => actionTypeIds.has(id));

const hasInvalidEdrActions =
edrActionTypeIds.length > 0 &&
edrActionTypeIds.some(
(actionId) => !edrConnectorTypesMap[actionId]?.supportedFeatureIds.includes(consumer)
);
const edrConnectorTypeIds = new Set(
allConnectorTypes.filter((type) => type.isEdrActionType).map((type) => type.id)
);
const edrActionTypeIds = actionResults
.map((result) => result.actionTypeId)
.filter((id) => edrConnectorTypeIds.has(id));

if (hasInvalidEdrActions) {
if (edrActionTypeIds.length > 0) {
errors.push(
i18n.translate('xpack.alerting.rulesClient.validateActions.edrConnector', {
defaultMessage: 'Invalid EDR connectors.',
Expand Down
10 changes: 10 additions & 0 deletions x-pack/plugins/event_log/generated/mappings.json
Original file line number Diff line number Diff line change
Expand Up @@ -525,6 +525,16 @@
}
}
}
},
"api_key": {
"properties": {
"id": {
"type": "keyword"
},
"name": {
"type": "keyword"
}
}
}
}
}
6 changes: 6 additions & 0 deletions x-pack/plugins/event_log/generated/schemas.ts
Original file line number Diff line number Diff line change
Expand Up @@ -239,6 +239,12 @@ export const EventSchema = schema.maybe(
),
})
),
api_key: schema.maybe(
schema.object({
id: ecsString(),
name: ecsString(),
})
),
})
);

Expand Down
11 changes: 11 additions & 0 deletions x-pack/plugins/event_log/scripts/mappings.js
Original file line number Diff line number Diff line change
Expand Up @@ -301,6 +301,16 @@ exports.EcsCustomPropertyMappings = {
},
},
},
api_key: {
properties: {
id: {
type: 'keyword',
},
name: {
type: 'keyword',
},
},
},
};

/**
Expand All @@ -320,6 +330,7 @@ exports.EcsPropertiesToGenerate = [
'user.name',
'user.id',
'kibana',
'api_key',
];

/**
Expand Down