From 4fac842e69bc3e3d158f09a172c6b54b44bb1d44 Mon Sep 17 00:00:00 2001 From: Maxim Kholod Date: Fri, 2 Feb 2024 17:09:22 +0100 Subject: [PATCH] [Cloud Security] Add is_internal flag to fleet server hosts configuration (#175983) ## Summary - Follow up after https://github.com/elastic/kibana/pull/175546 - Part of https://github.com/elastic/kibana/issues/165251 introducing a new `is_internal` config option for `xpack.fleet.fleetServerHosts`. The usage is currently to protect the internal fleet server hosts in the UI: - filter them out in the Settings UI - disable internal hosts in the agent policy form ### Checklist Delete any items that are not applicable to this PR. - [x] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [x] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: David Kilfoyle <41695641+kilfoyle@users.noreply.github.com> --- docs/settings/fleet-settings.asciidoc | 2 + .../current_fields.json | 1 + .../current_mappings.json | 4 + .../check_registered_types.test.ts | 2 +- .../plugins/fleet/common/openapi/bundled.json | 9 ++ .../plugins/fleet/common/openapi/bundled.yaml | 6 ++ .../components/schemas/fleet_server_host.yaml | 2 + .../openapi/paths/fleet_server_hosts.yaml | 2 + .../paths/fleet_server_hosts@{item_id}.yaml | 2 + .../models/fleet_server_policy_config.ts | 1 + .../types/rest_spec/fleet_server_hosts.ts | 2 + .../fleet/cypress/e2e/fleet_settings.cy.ts | 11 +++ x-pack/plugins/fleet/cypress/screens/fleet.ts | 1 + .../hooks.test.tsx | 58 +++++++++++- .../agent_policy_advanced_fields/hooks.tsx | 3 + .../fleet_server_hosts_table/index.tsx | 8 +- .../fleet/sections/settings/index.tsx | 7 +- .../fleet/server/saved_objects/index.ts | 13 +++ .../fleet_server_host.test.ts | 89 +++++++++++++++++-- .../preconfiguration/fleet_server_host.ts | 1 + .../server/types/models/preconfiguration.ts | 1 + .../rest_spec/fleet_server_policy_config.ts | 2 + .../fleet/server/types/so_attributes.ts | 1 + 23 files changed, 217 insertions(+), 11 deletions(-) diff --git a/docs/settings/fleet-settings.asciidoc b/docs/settings/fleet-settings.asciidoc index 468cef7ad90f9..f20094837b3e7 100644 --- a/docs/settings/fleet-settings.asciidoc +++ b/docs/settings/fleet-settings.asciidoc @@ -269,6 +269,8 @@ List of {fleet-server} hosts that are configured when the {fleet} app starts. ===== `is_default`::: Whether or not this host should be the default to use for {fleet-server}. + `is_internal`::: + If `true` the host will not appear in the UI, and can only be managed through `kibana.yml` or the {fleet} API. `proxy_id`::: Unique ID of the proxy to access the {fleet-server} host. ===== diff --git a/packages/kbn-check-mappings-update-cli/current_fields.json b/packages/kbn-check-mappings-update-cli/current_fields.json index 6a8b8c989ac70..56308a980cc56 100644 --- a/packages/kbn-check-mappings-update-cli/current_fields.json +++ b/packages/kbn-check-mappings-update-cli/current_fields.json @@ -632,6 +632,7 @@ "fleet-fleet-server-host": [ "host_urls", "is_default", + "is_internal", "is_preconfigured", "name", "proxy_id" diff --git a/packages/kbn-check-mappings-update-cli/current_mappings.json b/packages/kbn-check-mappings-update-cli/current_mappings.json index 7a75cdcecc790..4768e2605bb0b 100644 --- a/packages/kbn-check-mappings-update-cli/current_mappings.json +++ b/packages/kbn-check-mappings-update-cli/current_mappings.json @@ -2091,6 +2091,10 @@ "is_default": { "type": "boolean" }, + "is_internal": { + "type": "boolean", + "index": false + }, "host_urls": { "type": "keyword", "index": false diff --git a/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts b/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts index 978cba8a06016..e99ca235bfad4 100644 --- a/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts +++ b/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts @@ -94,7 +94,7 @@ describe('checking migration metadata changes on all registered SO types', () => "file": "6b65ae5899b60ebe08656fd163ea532e557d3c98", "file-upload-usage-collection-telemetry": "06e0a8c04f991e744e09d03ab2bd7f86b2088200", "fileShare": "5be52de1747d249a221b5241af2838264e19aaa1", - "fleet-fleet-server-host": "b04898fcde07f4ce86e844c8fe2f4b23b77ef60a", + "fleet-fleet-server-host": "69be15f6b6f2a2875ad3c7050ddea7a87f505417", "fleet-message-signing-keys": "93421f43fed2526b59092a4e3c65d64bc2266c0f", "fleet-preconfiguration-deletion-record": "c52ea1e13c919afe8a5e8e3adbb7080980ecc08e", "fleet-proxy": "6cb688f0d2dd856400c1dbc998b28704ff70363d", diff --git a/x-pack/plugins/fleet/common/openapi/bundled.json b/x-pack/plugins/fleet/common/openapi/bundled.json index c04f0da6a3d85..008e1d1f0ba37 100644 --- a/x-pack/plugins/fleet/common/openapi/bundled.json +++ b/x-pack/plugins/fleet/common/openapi/bundled.json @@ -5083,6 +5083,9 @@ "is_default": { "type": "boolean" }, + "is_internal": { + "type": "boolean" + }, "host_urls": { "type": "array", "items": { @@ -5195,6 +5198,9 @@ "is_default": { "type": "boolean" }, + "is_internal": { + "type": "boolean" + }, "host_urls": { "type": "array", "items": { @@ -8904,6 +8910,9 @@ "is_default": { "type": "boolean" }, + "is_internal": { + "type": "boolean" + }, "is_preconfigured": { "type": "boolean" }, diff --git a/x-pack/plugins/fleet/common/openapi/bundled.yaml b/x-pack/plugins/fleet/common/openapi/bundled.yaml index ab486bb2fb8c2..849c22b47069a 100644 --- a/x-pack/plugins/fleet/common/openapi/bundled.yaml +++ b/x-pack/plugins/fleet/common/openapi/bundled.yaml @@ -3171,6 +3171,8 @@ paths: type: string is_default: type: boolean + is_internal: + type: boolean host_urls: type: array items: @@ -3241,6 +3243,8 @@ paths: type: string is_default: type: boolean + is_internal: + type: boolean host_urls: type: array items: @@ -5762,6 +5766,8 @@ components: type: string is_default: type: boolean + is_internal: + type: boolean is_preconfigured: type: boolean host_urls: diff --git a/x-pack/plugins/fleet/common/openapi/components/schemas/fleet_server_host.yaml b/x-pack/plugins/fleet/common/openapi/components/schemas/fleet_server_host.yaml index 133bc7fcce13c..2bb08f3acc2a3 100644 --- a/x-pack/plugins/fleet/common/openapi/components/schemas/fleet_server_host.yaml +++ b/x-pack/plugins/fleet/common/openapi/components/schemas/fleet_server_host.yaml @@ -7,6 +7,8 @@ properties: type: string is_default: type: boolean + is_internal: + type: boolean is_preconfigured: type: boolean host_urls: diff --git a/x-pack/plugins/fleet/common/openapi/paths/fleet_server_hosts.yaml b/x-pack/plugins/fleet/common/openapi/paths/fleet_server_hosts.yaml index d7668f3683b7b..987f61cd7619b 100644 --- a/x-pack/plugins/fleet/common/openapi/paths/fleet_server_hosts.yaml +++ b/x-pack/plugins/fleet/common/openapi/paths/fleet_server_hosts.yaml @@ -51,6 +51,8 @@ post: type: string is_default: type: boolean + is_internal: + type: boolean host_urls: type: array items: diff --git a/x-pack/plugins/fleet/common/openapi/paths/fleet_server_hosts@{item_id}.yaml b/x-pack/plugins/fleet/common/openapi/paths/fleet_server_hosts@{item_id}.yaml index d46a8b86fb7f6..21d5342d18a5e 100644 --- a/x-pack/plugins/fleet/common/openapi/paths/fleet_server_hosts@{item_id}.yaml +++ b/x-pack/plugins/fleet/common/openapi/paths/fleet_server_hosts@{item_id}.yaml @@ -59,6 +59,8 @@ put: type: string is_default: type: boolean + is_internal: + type: boolean host_urls: type: array items: diff --git a/x-pack/plugins/fleet/common/types/models/fleet_server_policy_config.ts b/x-pack/plugins/fleet/common/types/models/fleet_server_policy_config.ts index 5609853a4ad2e..1e634df2b766d 100644 --- a/x-pack/plugins/fleet/common/types/models/fleet_server_policy_config.ts +++ b/x-pack/plugins/fleet/common/types/models/fleet_server_policy_config.ts @@ -11,6 +11,7 @@ export interface NewFleetServerHost { host_urls: string[]; is_default: boolean; is_preconfigured: boolean; + is_internal?: boolean; proxy_id?: string | null; } diff --git a/x-pack/plugins/fleet/common/types/rest_spec/fleet_server_hosts.ts b/x-pack/plugins/fleet/common/types/rest_spec/fleet_server_hosts.ts index 4a334c7e71b62..f07e96a0b927b 100644 --- a/x-pack/plugins/fleet/common/types/rest_spec/fleet_server_hosts.ts +++ b/x-pack/plugins/fleet/common/types/rest_spec/fleet_server_hosts.ts @@ -19,6 +19,7 @@ export interface PutFleetServerHostsRequest { name?: string; host_urls?: string[]; is_default?: boolean; + is_internal?: boolean; proxy_id?: string | null; }; } @@ -29,6 +30,7 @@ export interface PostFleetServerHostsRequest { name?: string; host_urls?: string[]; is_default?: boolean; + is_internal?: boolean; proxy_id?: string | null; }; } diff --git a/x-pack/plugins/fleet/cypress/e2e/fleet_settings.cy.ts b/x-pack/plugins/fleet/cypress/e2e/fleet_settings.cy.ts index 34bf23739495b..cd73a174c41dd 100644 --- a/x-pack/plugins/fleet/cypress/e2e/fleet_settings.cy.ts +++ b/x-pack/plugins/fleet/cypress/e2e/fleet_settings.cy.ts @@ -28,6 +28,13 @@ describe('Edit settings', () => { host_urls: ['https://localhost:8220'], is_default: true, }, + { + id: 'fleet-internal-host', + name: 'Internal Host', + host_urls: ['https://internal:8220'], + is_default: false, + is_internal: true, + }, ], page: 1, perPage: 10000, @@ -160,4 +167,8 @@ describe('Edit settings', () => { expect(interception.request.body.name).to.equal('output-logstash-1'); }); }); + + it('should not display internal fleet server hosts', () => { + cy.getBySel(SETTINGS_FLEET_SERVER_HOSTS.TABLE).should('not.contain', 'Internal Host'); + }); }); diff --git a/x-pack/plugins/fleet/cypress/screens/fleet.ts b/x-pack/plugins/fleet/cypress/screens/fleet.ts index b48a720001c1b..d7b1b5abf7ac7 100644 --- a/x-pack/plugins/fleet/cypress/screens/fleet.ts +++ b/x-pack/plugins/fleet/cypress/screens/fleet.ts @@ -190,6 +190,7 @@ export const SETTINGS_OUTPUTS_KAFKA = { export const SETTINGS_FLEET_SERVER_HOSTS = { ADD_BUTTON: 'settings.fleetServerHosts.addFleetServerHostBtn', EDIT_BUTTON: 'fleetServerHostsTable.edit.btn', + TABLE: 'settingsFleetServerHostsTable', }; export const AGENT_POLICY_FORM = { diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/hooks.test.tsx b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/hooks.test.tsx index b9f653db37e1e..0094d5120625b 100644 --- a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/hooks.test.tsx +++ b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/hooks.test.tsx @@ -11,7 +11,7 @@ import { useLicense } from '../../../../../../hooks/use_license'; import type { LicenseService } from '../../../../services'; import type { AgentPolicy } from '../../../../types'; -import { useOutputOptions } from './hooks'; +import { useOutputOptions, useFleetServerHostsOptions } from './hooks'; jest.mock('../../../../../../hooks/use_license'); @@ -153,6 +153,35 @@ const mockApiCallsWithInternalOutputs = (http: MockedFleetStartServices['http']) }); }; +const mockApiCallsWithInternalFleetServerHost = (http: MockedFleetStartServices['http']) => { + http.get.mockImplementation(async (path) => { + if (typeof path !== 'string') { + throw new Error('Invalid request'); + } + if (path === '/api/fleet/fleet_server_hosts') { + return { + data: { + items: [ + { + id: 'default-host', + name: 'Default', + is_default: true, + }, + { + id: 'internal-output', + name: 'Internal', + is_default: false, + is_internal: true, + }, + ], + }, + }; + } + + return defaultHttpClientGetImplementation(path); + }); +}; + describe('useOutputOptions', () => { it('should generate enabled options if the licence is platinium', async () => { const testRenderer = createFleetTestRendererMock(); @@ -636,3 +665,30 @@ describe('useOutputOptions', () => { `); }); }); + +describe('useFleetServerHostsOptions', () => { + it('should not enable internal fleet server hosts', async () => { + const testRenderer = createFleetTestRendererMock(); + mockApiCallsWithInternalFleetServerHost(testRenderer.startServices.http); + const { result, waitForNextUpdate } = testRenderer.renderHook(() => + useFleetServerHostsOptions({} as AgentPolicy) + ); + expect(result.current.isLoading).toBeTruthy(); + + await waitForNextUpdate(); + expect(result.current.fleetServerHostsOptions).toMatchInlineSnapshot(` + Array [ + Object { + "disabled": undefined, + "inputDisplay": "Default (currently Default)", + "value": "@@##DEFAULT_SELECT##@@", + }, + Object { + "disabled": true, + "inputDisplay": "Internal", + "value": "internal-output", + }, + ] + `); + }); +}); diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/hooks.tsx b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/hooks.tsx index 5b36fd831bb65..7409f75a593dd 100644 --- a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/hooks.tsx +++ b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/components/agent_policy_advanced_fields/hooks.tsx @@ -224,9 +224,12 @@ export function useFleetServerHostsOptions(agentPolicy: Partial !item.is_default) .map((item) => { + const isInternalFleetServerHost = !!item.is_internal; + return { value: item.id, inputDisplay: item.name, + disabled: isInternalFleetServerHost, }; }), ]; diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/settings/components/fleet_server_hosts_table/index.tsx b/x-pack/plugins/fleet/public/applications/fleet/sections/settings/components/fleet_server_hosts_table/index.tsx index 053baaf4e4f8a..d85d3f2848a6f 100644 --- a/x-pack/plugins/fleet/public/applications/fleet/sections/settings/components/fleet_server_hosts_table/index.tsx +++ b/x-pack/plugins/fleet/public/applications/fleet/sections/settings/components/fleet_server_hosts_table/index.tsx @@ -152,5 +152,11 @@ export const FleetServerHostsTable: React.FunctionComponent; + return ( + + ); }; diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/settings/index.tsx b/x-pack/plugins/fleet/public/applications/fleet/sections/settings/index.tsx index 889635a9df71c..93f541d2ffd8b 100644 --- a/x-pack/plugins/fleet/public/applications/fleet/sections/settings/index.tsx +++ b/x-pack/plugins/fleet/public/applications/fleet/sections/settings/index.tsx @@ -50,6 +50,7 @@ export const SettingsApp = withConfirmModalProvider(() => { const { outputs, fleetServerHosts, downloadSources, proxies } = useSettingsAppData(); const outputItems = outputs.data?.items.filter((item) => !item.is_internal); + const fleetServerHostsItems = fleetServerHosts.data?.items.filter((item) => !item.is_internal); const { deleteOutput } = useDeleteOutput(outputs.resendRequest); const { deleteDownloadSource } = useDeleteDownloadSource(downloadSources.resendRequest); @@ -81,7 +82,7 @@ export const SettingsApp = withConfirmModalProvider(() => { (outputs.isLoading && outputs.isInitialRequest) || !outputItems || (fleetServerHosts.isLoading && fleetServerHosts.isInitialRequest) || - !fleetServerHosts.data?.items || + !fleetServerHostsItems || (downloadSources.isLoading && downloadSources.isInitialRequest) || !downloadSources.data?.items || (proxies.isLoading && proxies.isInitialRequest) || @@ -99,7 +100,7 @@ export const SettingsApp = withConfirmModalProvider(() => { {(route: { match: { params: { itemId: string } } }) => { - const fleetServerHost = fleetServerHosts.data?.items.find( + const fleetServerHost = fleetServerHostsItems.find( (o) => route.match.params.itemId === o.id ); if (!fleetServerHost) { @@ -198,7 +199,7 @@ export const SettingsApp = withConfirmModalProvider(() => { deleteFleetProxy={deleteFleetProxy} proxies={proxies.data.items} outputs={outputItems} - fleetServerHosts={fleetServerHosts.data.items} + fleetServerHosts={fleetServerHostsItems} deleteOutput={deleteOutput} deleteFleetServerHost={deleteFleetServerHost} downloadSources={downloadSources.data.items} diff --git a/x-pack/plugins/fleet/server/saved_objects/index.ts b/x-pack/plugins/fleet/server/saved_objects/index.ts index a1d6e61c0fa66..d1c40ad2b84b9 100644 --- a/x-pack/plugins/fleet/server/saved_objects/index.ts +++ b/x-pack/plugins/fleet/server/saved_objects/index.ts @@ -626,11 +626,24 @@ const getSavedObjectTypes = (): { [key: string]: SavedObjectsType } => ({ properties: { name: { type: 'keyword' }, is_default: { type: 'boolean' }, + is_internal: { type: 'boolean', index: false }, host_urls: { type: 'keyword', index: false }, is_preconfigured: { type: 'boolean' }, proxy_id: { type: 'keyword' }, }, }, + modelVersions: { + '1': { + changes: [ + { + type: 'mappings_addition', + addedMappings: { + is_internal: { type: 'boolean', index: false }, + }, + }, + ], + }, + }, }, [FLEET_PROXY_SAVED_OBJECT_TYPE]: { name: FLEET_PROXY_SAVED_OBJECT_TYPE, diff --git a/x-pack/plugins/fleet/server/services/preconfiguration/fleet_server_host.test.ts b/x-pack/plugins/fleet/server/services/preconfiguration/fleet_server_host.test.ts index 330400fd4ba1f..22651dfae1405 100644 --- a/x-pack/plugins/fleet/server/services/preconfiguration/fleet_server_host.test.ts +++ b/x-pack/plugins/fleet/server/services/preconfiguration/fleet_server_host.test.ts @@ -4,20 +4,29 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ -import { savedObjectsClientMock } from '@kbn/core/server/mocks'; +import { savedObjectsClientMock, elasticsearchServiceMock } from '@kbn/core/server/mocks'; import { securityMock } from '@kbn/security-plugin/server/mocks'; import { appContextService } from '../app_context'; -import { getDefaultFleetServerHost, createFleetServerHost } from '../fleet_server_host'; +import { + getDefaultFleetServerHost, + createFleetServerHost, + bulkGetFleetServerHosts, + updateFleetServerHost, +} from '../fleet_server_host'; import { createCloudFleetServerHostIfNeeded, getCloudFleetServersHosts, getPreconfiguredFleetServerHostFromConfig, + createOrUpdatePreconfiguredFleetServerHosts, } from './fleet_server_host'; +import type { FleetServerHost } from '../../../common/types'; + jest.mock('../fleet_server_host'); jest.mock('../app_context'); +jest.mock('../agent_policy'); const mockedAppContextService = appContextService as jest.Mocked; mockedAppContextService.getSecuritySetup.mockImplementation(() => ({ @@ -30,6 +39,12 @@ const mockedGetDefaultFleetServerHost = getDefaultFleetServerHost as jest.Mocked const mockedCreateFleetServerHost = createFleetServerHost as jest.MockedFunction< typeof createFleetServerHost >; +const mockedUpdateFleetServerHost = updateFleetServerHost as jest.MockedFunction< + typeof updateFleetServerHost +>; +const mockedBulkGetFleetServerHosts = bulkGetFleetServerHosts as jest.MockedFunction< + typeof bulkGetFleetServerHosts +>; describe('getPreconfiguredFleetServerHostFromConfig', () => { it('should work with preconfigured fleetServerHosts', () => { @@ -85,6 +100,30 @@ describe('getPreconfiguredFleetServerHostFromConfig', () => { expect(res.map(({ id }) => id)).toEqual(['fleet-123', 'fleet-default-fleet-server-host']); }); + it('should work with preconfigured internal fleetServerHosts', () => { + const config = { + fleetServerHosts: [ + { + id: 'fleet-123', + name: 'TEST', + is_default: true, + host_urls: ['http://test.fr'], + }, + { + id: 'fleet-internal', + name: 'TEST_INTERNAL', + is_default: false, + is_internal: true, + host_urls: ['http://test-internal.fr'], + }, + ], + }; + + const res = getPreconfiguredFleetServerHostFromConfig(config); + + expect(res).toEqual(config.fleetServerHosts); + }); + it('should throw if there is multiple default outputs', () => { const config = { agents: { fleet_server: { hosts: ['http://test.fr'] } }, @@ -174,10 +213,8 @@ describe('getCloudFleetServersHosts', () => { }); describe('createCloudFleetServerHostIfNeeded', () => { - beforeEach(() => { - mockedCreateFleetServerHost.mockReset(); - }); afterEach(() => { + mockedCreateFleetServerHost.mockReset(); mockedAppContextService.getCloud.mockReset(); }); it('should do nothing if there is no cloud fleet server hosts', async () => { @@ -243,3 +280,45 @@ describe('createCloudFleetServerHostIfNeeded', () => { ); }); }); + +describe('createOrUpdatePreconfiguredFleetServerHosts', () => { + beforeEach(() => { + mockedBulkGetFleetServerHosts.mockResolvedValue([ + { + id: 'fleet-123', + name: 'TEST', + is_default: true, + host_urls: ['http://test.fr'], + }, + { + id: 'fleet-internal', + name: 'TEST_INTERNAL', + is_default: false, + is_internal: false, + host_urls: ['http://test-internal.fr'], + }, + ] as FleetServerHost[]); + }); + afterEach(() => { + mockedBulkGetFleetServerHosts.mockReset(); + }); + + it('should update preconfigured fleet server hosts if is_internal flag changes', async () => { + const soClient = savedObjectsClientMock.create(); + const esClient = elasticsearchServiceMock.createClusterClient().asInternalUser; + + await createOrUpdatePreconfiguredFleetServerHosts(soClient, esClient, [ + { + id: 'fleet-internal', + name: 'TEST_INTERNAL', + is_default: false, + is_internal: true, + host_urls: ['http://test-internal.fr'], + is_preconfigured: false, + }, + ]); + + expect(mockedCreateFleetServerHost).not.toBeCalled(); + expect(mockedUpdateFleetServerHost).toBeCalled(); + }); +}); diff --git a/x-pack/plugins/fleet/server/services/preconfiguration/fleet_server_host.ts b/x-pack/plugins/fleet/server/services/preconfiguration/fleet_server_host.ts index f622b1115e16e..5959cc25288ce 100644 --- a/x-pack/plugins/fleet/server/services/preconfiguration/fleet_server_host.ts +++ b/x-pack/plugins/fleet/server/services/preconfiguration/fleet_server_host.ts @@ -110,6 +110,7 @@ export async function createOrUpdatePreconfiguredFleetServerHosts( (!existingHost.is_preconfigured || existingHost.is_default !== preconfiguredFleetServerHost.is_default || existingHost.name !== preconfiguredFleetServerHost.name || + isDifferent(existingHost.is_internal, preconfiguredFleetServerHost.is_internal) || isDifferent( existingHost.host_urls.map(normalizeHostsForAgents), preconfiguredFleetServerHost.host_urls.map(normalizeHostsForAgents) diff --git a/x-pack/plugins/fleet/server/types/models/preconfiguration.ts b/x-pack/plugins/fleet/server/types/models/preconfiguration.ts index 7572da134bd99..e814616268d3d 100644 --- a/x-pack/plugins/fleet/server/types/models/preconfiguration.ts +++ b/x-pack/plugins/fleet/server/types/models/preconfiguration.ts @@ -103,6 +103,7 @@ export const PreconfiguredFleetServerHostsSchema = schema.arrayOf( id: schema.string(), name: schema.string(), is_default: schema.boolean({ defaultValue: false }), + is_internal: schema.maybe(schema.boolean()), host_urls: schema.arrayOf(schema.string(), { minSize: 1 }), proxy_id: schema.nullable(schema.string()), }), diff --git a/x-pack/plugins/fleet/server/types/rest_spec/fleet_server_policy_config.ts b/x-pack/plugins/fleet/server/types/rest_spec/fleet_server_policy_config.ts index bf112a7d9abfe..d3f2f36a1624f 100644 --- a/x-pack/plugins/fleet/server/types/rest_spec/fleet_server_policy_config.ts +++ b/x-pack/plugins/fleet/server/types/rest_spec/fleet_server_policy_config.ts @@ -13,6 +13,7 @@ export const PostFleetServerHostRequestSchema = { name: schema.string(), host_urls: schema.arrayOf(schema.string(), { minSize: 1 }), is_default: schema.boolean({ defaultValue: false }), + is_internal: schema.maybe(schema.boolean()), proxy_id: schema.nullable(schema.string()), }), }; @@ -27,6 +28,7 @@ export const PutFleetServerHostRequestSchema = { name: schema.maybe(schema.string()), host_urls: schema.maybe(schema.arrayOf(schema.string(), { minSize: 1 })), is_default: schema.maybe(schema.boolean({ defaultValue: false })), + is_internal: schema.maybe(schema.boolean()), proxy_id: schema.nullable(schema.string()), }), }; diff --git a/x-pack/plugins/fleet/server/types/so_attributes.ts b/x-pack/plugins/fleet/server/types/so_attributes.ts index 09b49440fe3c3..05b2cc1b05bae 100644 --- a/x-pack/plugins/fleet/server/types/so_attributes.ts +++ b/x-pack/plugins/fleet/server/types/so_attributes.ts @@ -104,6 +104,7 @@ export interface FleetServerHostSOAttributes { host_urls: string[]; is_default: boolean; is_preconfigured: boolean; + is_internal?: boolean; proxy_id?: string | null; }