Skip to content

Commit

Permalink
[ResponseOps][DOCS] SSL for Cases Webhook connector (elastic#191690)
Browse files Browse the repository at this point in the history
  • Loading branch information
lcawl authored Sep 3, 2024
1 parent d246193 commit 19dd65c
Show file tree
Hide file tree
Showing 19 changed files with 611 additions and 323 deletions.
28 changes: 17 additions & 11 deletions docs/management/connectors/action-types/cases-webhook.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -51,9 +51,20 @@ image::management/connectors/images/cases-webhook-connector-comments.png[Add cas

{webhook-cm} connectors have the following configuration properties:

Add HTTP header::
A set of key-value pairs sent as headers with the request URLs for the create case, update case, get case, and create comment methods.
For example, set `Content-Type` to the appropriate media type for your requests.
Authentication::
The authentication type: none, basic, or SSL.
If you choose basic authentication, you must provide a user name and password.
If you choose SSL authentication, you must provide SSL server certificate authentication data in a CRT and key file format or a PFX file format.
You can also optionally provide a passphrase if the files are password-protected.

Certificate authority::
A certificate authority (CA) that the connector can trust, for example to sign and validate server certificates.
This option is available for all authentication types.
You can choose from the following verification modes:

- `Full`: Validate that the certificate has an issue date within the `not_before` and `not_after` dates, chains to a trusted certificate authority, and has a hostname or IP address that matches the names within the certificate.
- `Certificate`: Validate that the certificate it is signed by a trusted authority. This option does not check the certificate hostname.
- `None`: Skip certificate validation.

Create case method::
The REST API HTTP request method to create a case in the third-party system: `post`(default), `put`, or `patch`.
Expand Down Expand Up @@ -143,11 +154,9 @@ https://testing-jira.atlassian.net/rest/api/2/issue/{{{external.system.id}}}
NOTE: Due to Mustache template variables (the text enclosed in triple braces, for example, `{{{case.title}}}`), the JSON is not validated in this step. The JSON is validated after the Mustache variables have been placed when REST method runs. Manually ensure that the JSON is valid, disregarding the Mustache variables, so the later validation will pass.
--

Require authentication::
If true, a username and password for login type authentication must be provided.

Password::
The password for HTTP basic authentication.
HTTP headers::
A set of key-value pairs sent as headers with the request URLs for the create case, update case, get case, and create comment methods.
For example, set `Content-Type` to the appropriate media type for your requests.

Update case method::
The REST API HTTP request method to update the case in the third-party system: `post`, `put`(default), or `patch`.
Expand Down Expand Up @@ -185,9 +194,6 @@ For example:
https://testing-jira.atlassian.net/rest/api/2/issue/{{{external.system.ID}}}
--

Username::
The username for HTTP basic authentication.

[float]
[[cases-webhook-action-configuration]]
=== Test connectors
Expand Down
157 changes: 96 additions & 61 deletions oas_docs/output/kibana.serverless.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11720,6 +11720,32 @@ components:
type: number
description: Generic Error
schemas:
Connectors_auth_type:
description: |
The type of authentication to use: basic, SSL, or none.
enum:
- webhook-authentication-basic
- webhook-authentication-ssl
nullable: true
title: Authentication type
type: string
Connectors_ca:
description: >
A base64 encoded version of the certificate authority file that the
connector can trust to sign and validate certificates. This option is
available for all authentication types.
title: Certificate authority
type: string
Connectors_cert_type:
description: >
If the `authType` is `webhook-authentication-ssl`, specifies whether the
certificate authentication data is in a CRT and key file format or a PFX
file format.
enum:
- ssl-crt-key
- ssl-pfx
title: Certificate type
type: string
Connectors_config_properties_bedrock:
description: Defines properties for connectors when type is `.bedrock`.
properties:
Expand All @@ -11740,6 +11766,12 @@ components:
description: Defines properties for connectors when type is `.cases-webhook`.
type: object
properties:
authType:
$ref: '#/components/schemas/Connectors_auth_type'
ca:
$ref: '#/components/schemas/Connectors_ca'
certType:
$ref: '#/components/schemas/Connectors_cert_type'
createCommentJson:
description: >
A JSON payload sent to the create comment URL to create a case
Expand Down Expand Up @@ -11827,11 +11859,7 @@ components:
example: 'https://example.com/issue/{{{external.system.id}}}'
type: string
hasAuth:
default: true
description: >-
If true, a username and password for login type authentication must
be provided.
type: boolean
$ref: '#/components/schemas/Connectors_has_auth'
headers:
description: >
A set of key-value pairs sent as headers with the request URLs for
Expand Down Expand Up @@ -11870,6 +11898,8 @@ components:
hostname to the allowed hosts.
example: 'https://example.com/issue/{{{external.system.ID}}}'
type: string
verificationMode:
$ref: '#/components/schemas/Connectors_verification_mode'
viewIncidentUrl:
description: >
The URL to view the case in the external system. You can use
Expand Down Expand Up @@ -12445,33 +12475,13 @@ components:
description: Defines properties for connectors when type is `.webhook`.
properties:
authType:
description: |
The type of authentication to use: basic, SSL, or none.
enum:
- webhook-authentication-basic
- webhook-authentication-ssl
nullable: true
type: string
$ref: '#/components/schemas/Connectors_auth_type'
ca:
description: >
A base64 encoded version of the certificate authority file that the
connector can trust to sign and validate certificates. This option
is available for all authentication types.
type: string
$ref: '#/components/schemas/Connectors_ca'
certType:
description: >
If the `authType` is `webhook-authentication-ssl`, specifies whether
the certificate authentication data is in a CRT and key file format
or a PFX file format.
enum:
- ssl-crt-key
- ssl-pfx
type: string
$ref: '#/components/schemas/Connectors_cert_type'
hasAuth:
description: >
If `true`, a user name and password must be provided for login type
authentication.
type: boolean
$ref: '#/components/schemas/Connectors_has_auth'
headers:
description: A set of key-value pairs sent as headers with the request.
nullable: true
Expand All @@ -12490,21 +12500,7 @@ components:
setting, add the hostname to the allowed hosts.
type: string
verificationMode:
default: full
description: >
Controls the verification of certificates. Use `full` to validate
that the certificate has an issue date within the `not_before` and
`not_after` dates, chains to a trusted certificate authority (CA),
and has a hostname or IP address that matches the names within the
certificate. Use `certificate` to validate the certificate and
verify that it is signed by a trusted authority; this option does
not check the certificate hostname. Use `none` to skip certificate
validation.
enum:
- certificate
- full
- none
type: string
$ref: '#/components/schemas/Connectors_verification_mode'
title: Connector request properties for a Webhook connector
type: object
Connectors_config_properties_xmatters:
Expand Down Expand Up @@ -14097,6 +14093,12 @@ components:
- secrets
title: Create xMatters connector request
type: object
Connectors_crt:
description: >-
If `authType` is `webhook-authentication-ssl` and `certType` is
`ssl-crt-key`, it is a base64 encoded version of the CRT or CERT file.
title: Certificate
type: string
Connectors_features:
description: |
The feature that uses the connector.
Expand All @@ -14109,6 +14111,13 @@ components:
- siem
- uptime
type: string
Connectors_has_auth:
default: true
description: >-
If true, a username and password for login type authentication must be
provided.
title: Has authentication
type: boolean
Connectors_is_deprecated:
description: Indicates whether the connector type is deprecated.
example: false
Expand All @@ -14129,6 +14138,18 @@ components:
description: Indicates whether the connector is used for system actions.
example: false
type: boolean
Connectors_key:
description: >-
If `authType` is `webhook-authentication-ssl` and `certType` is
`ssl-crt-key`, it is a base64 encoded version of the KEY file.
title: Certificate key
type: string
Connectors_pfx:
description: >-
If `authType` is `webhook-authentication-ssl` and `certType` is
`ssl-pfx`, it is a base64 encoded version of the PFX or P12 file.
title: Personal information exchange
type: string
Connectors_referenced_by_count:
description: >
Indicates the number of saved objects that reference the connector. If
Expand All @@ -14154,15 +14175,23 @@ components:
title: Connector secrets properties for Webhook - Case Management connector
type: object
properties:
crt:
$ref: '#/components/schemas/Connectors_crt'
key:
$ref: '#/components/schemas/Connectors_key'
password:
description: >-
description: >
The password for HTTP basic authentication. If `hasAuth` is set to
`true`, this property is required.
`true` and and `authType` is `webhook-authentication-basic`, this
property is required.
type: string
pfx:
$ref: '#/components/schemas/Connectors_pfx'
user:
description: >-
description: >
The username for HTTP basic authentication. If `hasAuth` is set to
`true`, this property is required.
`true` and `authType` is `webhook-authentication-basic`, this
property is required.
type: string
Connectors_secrets_properties_d3security:
description: Defines secrets for connectors when type is `.d3security`.
Expand Down Expand Up @@ -14378,27 +14407,17 @@ components:
description: Defines secrets for connectors when type is `.webhook`.
properties:
crt:
description: >-
If `authType` is `webhook-authentication-ssl` and `certType` is
`ssl-crt-key`, it is a base64 encoded version of the CRT or CERT
file.
type: string
$ref: '#/components/schemas/Connectors_crt'
key:
description: >-
If `authType` is `webhook-authentication-ssl` and `certType` is
`ssl-crt-key`, it is a base64 encoded version of the KEY file.
type: string
$ref: '#/components/schemas/Connectors_key'
password:
description: >
The password for HTTP basic authentication or the passphrase for the
SSL certificate files. If `hasAuth` is set to `true` and `authType`
is `webhook-authentication-basic`, this property is required.
type: string
pfx:
description: >-
If `authType` is `webhook-authentication-ssl` and `certType` is
`ssl-pfx`, it is a base64 encoded version of the PFX or P12 file.
type: string
$ref: '#/components/schemas/Connectors_pfx'
user:
description: >
The username for HTTP basic authentication. If `hasAuth` is set to
Expand Down Expand Up @@ -14770,6 +14789,22 @@ components:
- config
- name
- secrets
Connectors_verification_mode:
default: full
description: >
Controls the verification of certificates. Use `full` to validate that
the certificate has an issue date within the `not_before` and
`not_after` dates, chains to a trusted certificate authority (CA), and
has a hostname or IP address that matches the names within the
certificate. Use `certificate` to validate the certificate and verify
that it is signed by a trusted authority; this option does not check the
certificate hostname. Use `none` to skip certificate validation.
enum:
- certificate
- full
- none
title: Verification mode
type: string
Data_views_400_response:
title: Bad request
type: object
Expand Down
Loading

0 comments on commit 19dd65c

Please sign in to comment.