Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ResponeOps][Meta] Index all API routes maintained by the ResponseOps team #192897

Open
cnasikas opened this issue Sep 13, 2024 · 0 comments
Open

[ResponeOps][Meta] Index all API routes maintained by the ResponseOps team #192897

cnasikas opened this issue Sep 13, 2024 · 0 comments
Assignees
@cnasikas
Labels
Meta Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams)

Comments

@cnasikas
Copy link
Member

cnasikas commented Sep 13, 2024
edited
Loading

Inspired by: #192177

API route access is changing in V9. The main takeaways are:

  • The route path will no longer specify access (i.e. "/api/x" vs "/internal/x" will not have any access effect anymore)
  • A route must be tagged with access:{valid_access_string} to specify its intended access
  • Any route that isn't tagged with the access: tag will be PRIVATE by default

We will probably need to make changes to various APIs we maintain in order to account for this change in V9. As a first step, we need to index all of the API routes for the areas we maintain, along with their intended access level, and whether or not they already use the access: tag.

Acceptance criteria

  • The index below is filled out with all known API routes maintained by our team (@elastic/response-ops ) as of this issue writing in September 2024. Those areas are currently:
    • Rules (x-pack/plugins/alerting)
    • Task manager (x-pack/plugins/task_manager)
    • Connectors (x-pack/plugins/actions)
    • Triggers Actions UI (x-pack/plugins/triggers_actions_ui)
    • Stack connectors (x-pack/plugins/stack_connectors)
    • Cases (x-pack/plugins/cases)
    • Rule registry (x-pack/plugins/rule_registry)

API Index

Rules

Route path Public or private? Uses access:{access} tag? Link to docs, if they exist
POST /api/alerting/rule/{id?} public docs
GET /api/alerting/rule/{id} public docs
GET /internal/alerting/rule/{id} internal
GET /internal/alerting/rule/{id}/_resolve internal
PUT /api/alerting/rule/{id} public docs
DELETE /api/alerting/rule/{id} public docs
POST /internal/alerting/rules/__aggregate internal
POST /api/alerting/rule/{id}/_disable public docs
POST /api/alerting/rule/{id}/_enable public docs
GET /api/alerting/rules/_find public docs
GET /internal/alerting/rules/_find internal
GET /internal/alerting/rule/{id}/_alert_summary internal
GET /internal/alerting/rule/{id}/_execution_log internal
GET /internal/alerting/_global_execution_logs internal
GET /internal/alerting/rule/{id}/_action_error_log internal
GET /internal/alerting/rule/{id}/_execution_kpi internal
GET /internal/alerting/_global_execution_kpi internal
GET /internal/alerting/rule/{id}/state internal
GET /api/alerting/_health public docs
GET /api/alerting/rule_types public docs
POST /api/alerting/rule/{id}/_mute_all public docs
POST /api/alerting/rule/{rule_id}/alert/{alert_id}/_mute public docs
POST /api/alerting/rule/{id}/_unmute_all public docs
POST /api/alerting/rule/{rule_id}/alert/{alert_id}/_unmute public docs
POST /api/alerting/rule/{id}/_update_api_key public docs
POST /internal/alerting/rules/_bulk_edit internal
PATCH /internal/alerting/rules/_bulk_enable internal
PATCH /internal/alerting/rules/_bulk_disable internal
POST /internal/alerting/rule/{id}/_snooze internal
POST /internal/alerting/rule/{id}/_unsnooze internal
POST /internal/alerting/rule/{id}/_run_soon internal
POST /internal/alerting/rule/{id}/_clone/{newId?} internal
GET /internal/alerting/rules/settings/_flapping internal
POST /internal/alerting/rules/settings/_flapping internal
GET /internal/alerting/rules/_tags internal
POST /internal/alerting/rules/maintenance_window internal
GET /internal/alerting/rules/maintenance_window/{id} internal
POST /internal/alerting/rules/maintenance_window/{id} internal
DELETE /internal/alerting/rules/maintenance_window/{id} internal
GET /internal/alerting/rules/maintenance_window/_find internal
POST /internal/alerting/rules/maintenance_window/_archive internal
POST /internal/alerting/rules/maintenance_window/_finish internal
GET /internal/alerting/rules/maintenance_window/_active internal
POST /internal/alerts/suggestions/values internal
POST /internal/rules/suggestions/values internal
POST /internal/rules/saved_objects/fields internal
POST /internal/alerting/rules/maintenance_window/_bulk_get internal
GET /internal/alerting/rules/_schedule_frequency internal
POST /internal/alerting/alerts/_bulk_untrack internal
POST /internal/alerting/alerts/_bulk_untrack_by_query internal
GET /internal/alerting/rules/settings/_query_delay internal
POST /internal/alerting/rules/settings/_query_delay internal
POST /internal/alerting/rules/backfill/_schedule internal
GET /internal/alerting/rules/backfill/{id} internal
POST /internal/alerting/rules/backfill/_find internal
DELETE /internal/alerting/rules/backfill/{id} internal
POST /api/alerts/alert/{id?} public docs
DELETE /api/alerts/alert/{id} public docs
GET /api/alerts/_find public docs
GET /api/alerts/alert/{id} public docs
GET /api/alerts/alert/{id}/state public
GET /api/alerts/alert/{id}/_instance_summary public
GET /api/alerts/list_alert_types public docs
PUT /api/alerts/alert/{id} public docs
POST /api/alerts/alert/{id}/_enable public docs
POST /api/alerts/alert/{id}/_disable public docs
POST /api/alerts/alert/{id}/_update_api_key public
POST /api/alerts/alert/{id}/_mute_all public docs
POST /api/alerts/alert/{id}/_unmute_all public docs
POST /api/alerts/alert/{alert_id}/alert_instance/{alert_instance_id}/_mute public docs
POST /api/alerts/alert/{alert_id}/alert_instance/{alert_instance_id}/_unmute public docs
GET /api/alerts/_health public docs

Task manager

Route path Public or private? Uses access:{access} tag? Link to docs, if they exist
GET /api/task_manager/_background_task_utilization public
GET /internal/task_manager/_background_task_utilization public
GET /api/task_manager/_health public docs
GET /api/task_manager/metrics public

Connectors

Route path Public or private? Uses access:{access} tag? Link to docs, if they exist
POST /api/actions/connector/{id?} public docs
DELETE /api/actions/connector/{id} public docs
GET /api/actions/connector/{id} public docs
GET /api/actions/connector public docs
PUT /api/actions/connector/{id} public docs
GET /api/actions/connector_types public docs
POST /api/actions/connector/{id}/_execute public docs
POST /internal/actions/_global_connector_execution_logs internal
POST /internal/actions/_global_connector_execution_kpi internal
POST /internal/actions/connector/_oauth_access_token internal
POST /internal/actions/connector/_oauth_access_token internal
GET /internal/actions/connector internal
GET /internal/actions/connector_types internal
POST /api/actions/action public docs
DELETE /api/actions/action/{id} public docs
GET /api/actions/action/{id} public docs
GET /api/actions/action public docs
PUT /api/actions/action/{id} public docs
GET /api/actions/list_action_types public docs
POST /api/actions/action/{id}/_execute public docs

Triggers Actions UI

Route path Public or private? Uses access:{access} tag? Link to docs, if they exist
POST /internal/triggers_actions_ui/_time_series_query internal
POST /internal/triggers_actions_ui/_fields internal
POST /internal/triggers_actions_ui/_indices internal
GET /internal/triggers_actions_ui/_health internal
GET /internal/triggers_actions_ui/_config internal

Stack connectors

Route path Public or private? Uses access:{access} tag? Link to docs, if they exist
POST /internal/stack_connectors/_slack_api/channels/_valid internal
GET /internal/stack_connectors/_email_config/{service} internal

Cases

Route path Public or private? Uses access:{access} tag? Link to docs, if they exist
DELETE /api/cases public docs
GET /api/cases/_find public docs
GET /api/cases/{id} public docs
GET /api/cases/{id}/resolve internal
PATCH /api/cases public docs
POST /api/cases public docs
POST /api/cases/{case_id}/connector/{connector_id}/_push public docs
GET /api/cases/{case_id}/user_actions/_find public docs
GET /api/cases/{case_id}/user_actions public docs
GET /api/cases/status public docs
GET /api/cases/alerts/{alert_id} public docs
GET /api/cases/reporters public docs
GET /api/cases/tags public docs
DELETE api/cases/{case_id}/comments/{comment_id} public docs
DELETE api/cases/{case_id}/comments public docs
GET /api/cases/{case_id}/comments/_find public docs
GET /api/cases/{case_id}/comments/{comment_id} public docs
GET /api/cases/{case_id}/comments public docs
PATCH /api/cases/{case_id}/comments public docs
POST /api/cases/{case_id}/comments public docs
POST /api/cases/{case_id}/comments public docs
GET /api/cases/configure public docs
GET /api/cases/configure/connectors/_find public docs
PATCH /api/cases/configure/{configuration_id} public docs
POST /api/cases/configure public docs
GET /api/cases/{case_id}/alerts public docs
POST /internal/cases/{case_id}/attachments/_bulk_create internal
POST /internal/cases/_suggest_user_profiles internal
GET /internal/cases/{case_id}/_connectors internal
POST /internal/cases/_bulk_get internal
GET /internal/cases/{case_id}/user_actions/_stats internal
POST /internal/cases/{case_id}/attachments/_bulk_get internal
GET /internal/cases/{case_id}/_users internal
POST /internal/cases/{case_id}/attachments/files/_bulk_delete internal
GET /internal/cases/categories internal
GET /internal/cases/metrics/{case_id} internal
GET /internal/cases/metrics internal
GET /internal/cases/_search internal
PUT /internal/cases/{case_id}/custom_fields/{custom_field_id} internal

Rule registry

Route path Public or private? Uses access:{access} tag? Link to docs, if they exist
GET /internal/rac/alerts internal
POST /internal/rac/alerts internal
GET /internal/rac/alerts/index internal
POST /internal/rac/alerts/bulk_update internal
POST /internal/rac/alerts/find internal
POST /internal/rac/alerts/_group_aggregations internal
GET /internal/rac/alerts/_feature_ids internal
GET /internal/rac/alerts/browser_fields internal
POST /internal/rac/alerts/_alert_summary internal
GET /internal/rac/alerts/aad_fields internal
@cnasikas cnasikas added the Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) label Sep 13, 2024
@cnasikas cnasikas changed the title [ResponeOps][Alerting] Index all API routes maintained by the ResponseOps team [ResponeOps][Meta][Alerting] Index all API routes maintained by the ResponseOps team Sep 13, 2024
@cnasikas cnasikas added the Meta label Sep 13, 2024
@cnasikas cnasikas changed the title [ResponeOps][Meta][Alerting] Index all API routes maintained by the ResponseOps team [ResponeOps][Meta] Index all API routes maintained by the ResponseOps team Sep 15, 2024
@cnasikas cnasikas mentioned this issue Sep 15, 2024
Closed
20 tasks
@cnasikas cnasikas self-assigned this Sep 15, 2024
@cnasikas cnasikas mentioned this issue Sep 15, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@cnasikas cnasikas

Labels
Meta Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@cnasikas