Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Authz] Add Security Solution authorization for SessionView and Kubernetes Dashboard #200089

Closed
wants to merge 3 commits into from
Closed

[Authz] Add Security Solution authorization for SessionView and Kubernetes Dashboard #200089

wants to merge 3 commits into from

Conversation

opauloh
Copy link
Contributor

@opauloh opauloh commented Nov 13, 2024
edited
Loading

Summary

Authz API migration for unauthorized routes

This PR applies the securitySolution authorization to endpoints of the Security Solution's features Session View and Kubernetes Dashboard, using the new Kibana Security Api authorization.

Once this PR is merged, accessing the Session View or Kubernetes endpoints with a user that lacks Kibana Security (Read) privilege will return the following error:

{
    "statusCode": 403,
    "error": "Forbidden",
    "message": "API [GET /internal/session_view/process_events?index=logs-endpoint.events.process] is unauthorized for user, this action is granted by the Kibana privileges [securitySolution]"
}

See this comment for more context

Related

@opauloh opauloh added release_note:skip Skip the PR/issue when compiling release notes Feature:Security/Authorization Platform Security - Authorization Team:Cloud Security Cloud Security team related backport:prev-minor Backport to (8.x) the previous minor version (i.e. one version back from main) Authz: API migration labels Nov 13, 2024
@opauloh opauloh requested a review from a team as a code owner November 13, 2024 20:26
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-cloud-security-posture (Team:Cloud Security)

@opauloh opauloh mentioned this pull request Nov 13, 2024
Merged
@elasticmachine
Copy link
Contributor

elasticmachine commented Nov 13, 2024
edited
Loading

💔 Build Failed

Failed CI Steps

Test Failures

  • [job] [logs] FTR Configs #34 / Session View API (basic) Session view - /internal/session_view/process_events - with a basic license using typical process event data Session View obs_only_all_spaces_all should NOT be able to view alerts in session view
  • [job] [logs] FTR Configs #34 / Session View API (basic) Session view - /internal/session_view/process_events - with a basic license using typical process event data Session View obs_only_all_spaces_all should NOT be able to view alerts in session view

Metrics [docs]

✅ unchanged

History

@albertoblaz
Copy link
Contributor

@opauloh Should we close this PR as per your last comment on the issue?

@opauloh
Copy link
Contributor Author

opauloh commented Nov 14, 2024

Closing due to the circumstances on this comment

@opauloh opauloh closed this Nov 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Authz: API migration backport:prev-minor Backport to (8.x) the previous minor version (i.e. one version back from main) Feature:Security/Authorization Platform Security - Authorization release_note:skip Skip the PR/issue when compiling release notes Team:Cloud Security Cloud Security team related
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@opauloh @elasticmachine @albertoblaz @kibanamachine