diff --git a/docs/management/connectors/action-types/cases-webhook.asciidoc b/docs/management/connectors/action-types/cases-webhook.asciidoc index 6451998c421e2..b7904afad7d7c 100644 --- a/docs/management/connectors/action-types/cases-webhook.asciidoc +++ b/docs/management/connectors/action-types/cases-webhook.asciidoc @@ -51,9 +51,20 @@ image::management/connectors/images/cases-webhook-connector-comments.png[Add cas {webhook-cm} connectors have the following configuration properties: -Add HTTP header:: -A set of key-value pairs sent as headers with the request URLs for the create case, update case, get case, and create comment methods. -For example, set `Content-Type` to the appropriate media type for your requests. +Authentication:: +The authentication type: none, basic, or SSL. +If you choose basic authentication, you must provide a user name and password. +If you choose SSL authentication, you must provide SSL server certificate authentication data in a CRT and key file format or a PFX file format. +You can also optionally provide a passphrase if the files are password-protected. + +Certificate authority:: +A certificate authority (CA) that the connector can trust, for example to sign and validate server certificates. +This option is available for all authentication types. +You can choose from the following verification modes: + +- `Full`: Validate that the certificate has an issue date within the `not_before` and `not_after` dates, chains to a trusted certificate authority, and has a hostname or IP address that matches the names within the certificate. +- `Certificate`: Validate that the certificate it is signed by a trusted authority. This option does not check the certificate hostname. +- `None`: Skip certificate validation. Create case method:: The REST API HTTP request method to create a case in the third-party system: `post`(default), `put`, or `patch`. @@ -143,11 +154,9 @@ https://testing-jira.atlassian.net/rest/api/2/issue/{{{external.system.id}}} NOTE: Due to Mustache template variables (the text enclosed in triple braces, for example, `{{{case.title}}}`), the JSON is not validated in this step. The JSON is validated after the Mustache variables have been placed when REST method runs. Manually ensure that the JSON is valid, disregarding the Mustache variables, so the later validation will pass. -- -Require authentication:: -If true, a username and password for login type authentication must be provided. - -Password:: -The password for HTTP basic authentication. +HTTP headers:: +A set of key-value pairs sent as headers with the request URLs for the create case, update case, get case, and create comment methods. +For example, set `Content-Type` to the appropriate media type for your requests. Update case method:: The REST API HTTP request method to update the case in the third-party system: `post`, `put`(default), or `patch`. @@ -185,9 +194,6 @@ For example: https://testing-jira.atlassian.net/rest/api/2/issue/{{{external.system.ID}}} -- -Username:: -The username for HTTP basic authentication. - [float] [[cases-webhook-action-configuration]] === Test connectors diff --git a/oas_docs/output/kibana.serverless.yaml b/oas_docs/output/kibana.serverless.yaml index 363fc33d89a3e..95791618ee7e2 100644 --- a/oas_docs/output/kibana.serverless.yaml +++ b/oas_docs/output/kibana.serverless.yaml @@ -11720,6 +11720,32 @@ components: type: number description: Generic Error schemas: + Connectors_auth_type: + description: | + The type of authentication to use: basic, SSL, or none. + enum: + - webhook-authentication-basic + - webhook-authentication-ssl + nullable: true + title: Authentication type + type: string + Connectors_ca: + description: > + A base64 encoded version of the certificate authority file that the + connector can trust to sign and validate certificates. This option is + available for all authentication types. + title: Certificate authority + type: string + Connectors_cert_type: + description: > + If the `authType` is `webhook-authentication-ssl`, specifies whether the + certificate authentication data is in a CRT and key file format or a PFX + file format. + enum: + - ssl-crt-key + - ssl-pfx + title: Certificate type + type: string Connectors_config_properties_bedrock: description: Defines properties for connectors when type is `.bedrock`. properties: @@ -11740,6 +11766,12 @@ components: description: Defines properties for connectors when type is `.cases-webhook`. type: object properties: + authType: + $ref: '#/components/schemas/Connectors_auth_type' + ca: + $ref: '#/components/schemas/Connectors_ca' + certType: + $ref: '#/components/schemas/Connectors_cert_type' createCommentJson: description: > A JSON payload sent to the create comment URL to create a case @@ -11827,11 +11859,7 @@ components: example: 'https://example.com/issue/{{{external.system.id}}}' type: string hasAuth: - default: true - description: >- - If true, a username and password for login type authentication must - be provided. - type: boolean + $ref: '#/components/schemas/Connectors_has_auth' headers: description: > A set of key-value pairs sent as headers with the request URLs for @@ -11870,6 +11898,8 @@ components: hostname to the allowed hosts. example: 'https://example.com/issue/{{{external.system.ID}}}' type: string + verificationMode: + $ref: '#/components/schemas/Connectors_verification_mode' viewIncidentUrl: description: > The URL to view the case in the external system. You can use @@ -12445,33 +12475,13 @@ components: description: Defines properties for connectors when type is `.webhook`. properties: authType: - description: | - The type of authentication to use: basic, SSL, or none. - enum: - - webhook-authentication-basic - - webhook-authentication-ssl - nullable: true - type: string + $ref: '#/components/schemas/Connectors_auth_type' ca: - description: > - A base64 encoded version of the certificate authority file that the - connector can trust to sign and validate certificates. This option - is available for all authentication types. - type: string + $ref: '#/components/schemas/Connectors_ca' certType: - description: > - If the `authType` is `webhook-authentication-ssl`, specifies whether - the certificate authentication data is in a CRT and key file format - or a PFX file format. - enum: - - ssl-crt-key - - ssl-pfx - type: string + $ref: '#/components/schemas/Connectors_cert_type' hasAuth: - description: > - If `true`, a user name and password must be provided for login type - authentication. - type: boolean + $ref: '#/components/schemas/Connectors_has_auth' headers: description: A set of key-value pairs sent as headers with the request. nullable: true @@ -12490,21 +12500,7 @@ components: setting, add the hostname to the allowed hosts. type: string verificationMode: - default: full - description: > - Controls the verification of certificates. Use `full` to validate - that the certificate has an issue date within the `not_before` and - `not_after` dates, chains to a trusted certificate authority (CA), - and has a hostname or IP address that matches the names within the - certificate. Use `certificate` to validate the certificate and - verify that it is signed by a trusted authority; this option does - not check the certificate hostname. Use `none` to skip certificate - validation. - enum: - - certificate - - full - - none - type: string + $ref: '#/components/schemas/Connectors_verification_mode' title: Connector request properties for a Webhook connector type: object Connectors_config_properties_xmatters: @@ -14097,6 +14093,12 @@ components: - secrets title: Create xMatters connector request type: object + Connectors_crt: + description: >- + If `authType` is `webhook-authentication-ssl` and `certType` is + `ssl-crt-key`, it is a base64 encoded version of the CRT or CERT file. + title: Certificate + type: string Connectors_features: description: | The feature that uses the connector. @@ -14109,6 +14111,13 @@ components: - siem - uptime type: string + Connectors_has_auth: + default: true + description: >- + If true, a username and password for login type authentication must be + provided. + title: Has authentication + type: boolean Connectors_is_deprecated: description: Indicates whether the connector type is deprecated. example: false @@ -14129,6 +14138,18 @@ components: description: Indicates whether the connector is used for system actions. example: false type: boolean + Connectors_key: + description: >- + If `authType` is `webhook-authentication-ssl` and `certType` is + `ssl-crt-key`, it is a base64 encoded version of the KEY file. + title: Certificate key + type: string + Connectors_pfx: + description: >- + If `authType` is `webhook-authentication-ssl` and `certType` is + `ssl-pfx`, it is a base64 encoded version of the PFX or P12 file. + title: Personal information exchange + type: string Connectors_referenced_by_count: description: > Indicates the number of saved objects that reference the connector. If @@ -14154,15 +14175,23 @@ components: title: Connector secrets properties for Webhook - Case Management connector type: object properties: + crt: + $ref: '#/components/schemas/Connectors_crt' + key: + $ref: '#/components/schemas/Connectors_key' password: - description: >- + description: > The password for HTTP basic authentication. If `hasAuth` is set to - `true`, this property is required. + `true` and and `authType` is `webhook-authentication-basic`, this + property is required. type: string + pfx: + $ref: '#/components/schemas/Connectors_pfx' user: - description: >- + description: > The username for HTTP basic authentication. If `hasAuth` is set to - `true`, this property is required. + `true` and `authType` is `webhook-authentication-basic`, this + property is required. type: string Connectors_secrets_properties_d3security: description: Defines secrets for connectors when type is `.d3security`. @@ -14378,16 +14407,9 @@ components: description: Defines secrets for connectors when type is `.webhook`. properties: crt: - description: >- - If `authType` is `webhook-authentication-ssl` and `certType` is - `ssl-crt-key`, it is a base64 encoded version of the CRT or CERT - file. - type: string + $ref: '#/components/schemas/Connectors_crt' key: - description: >- - If `authType` is `webhook-authentication-ssl` and `certType` is - `ssl-crt-key`, it is a base64 encoded version of the KEY file. - type: string + $ref: '#/components/schemas/Connectors_key' password: description: > The password for HTTP basic authentication or the passphrase for the @@ -14395,10 +14417,7 @@ components: is `webhook-authentication-basic`, this property is required. type: string pfx: - description: >- - If `authType` is `webhook-authentication-ssl` and `certType` is - `ssl-pfx`, it is a base64 encoded version of the PFX or P12 file. - type: string + $ref: '#/components/schemas/Connectors_pfx' user: description: > The username for HTTP basic authentication. If `hasAuth` is set to @@ -14770,6 +14789,22 @@ components: - config - name - secrets + Connectors_verification_mode: + default: full + description: > + Controls the verification of certificates. Use `full` to validate that + the certificate has an issue date within the `not_before` and + `not_after` dates, chains to a trusted certificate authority (CA), and + has a hostname or IP address that matches the names within the + certificate. Use `certificate` to validate the certificate and verify + that it is signed by a trusted authority; this option does not check the + certificate hostname. Use `none` to skip certificate validation. + enum: + - certificate + - full + - none + title: Verification mode + type: string Data_views_400_response: title: Bad request type: object diff --git a/oas_docs/output/kibana.yaml b/oas_docs/output/kibana.yaml index d5ad2469780bc..08c1c14fa6160 100644 --- a/oas_docs/output/kibana.yaml +++ b/oas_docs/output/kibana.yaml @@ -19312,6 +19312,32 @@ components: type: string title: Action response properties type: object + Connectors_auth_type: + description: | + The type of authentication to use: basic, SSL, or none. + enum: + - webhook-authentication-basic + - webhook-authentication-ssl + nullable: true + title: Authentication type + type: string + Connectors_ca: + description: > + A base64 encoded version of the certificate authority file that the + connector can trust to sign and validate certificates. This option is + available for all authentication types. + title: Certificate authority + type: string + Connectors_cert_type: + description: > + If the `authType` is `webhook-authentication-ssl`, specifies whether the + certificate authentication data is in a CRT and key file format or a PFX + file format. + enum: + - ssl-crt-key + - ssl-pfx + title: Certificate type + type: string Connectors_config_properties_bedrock: description: Defines properties for connectors when type is `.bedrock`. properties: @@ -19332,6 +19358,12 @@ components: description: Defines properties for connectors when type is `.cases-webhook`. type: object properties: + authType: + $ref: '#/components/schemas/Connectors_auth_type' + ca: + $ref: '#/components/schemas/Connectors_ca' + certType: + $ref: '#/components/schemas/Connectors_cert_type' createCommentJson: description: > A JSON payload sent to the create comment URL to create a case @@ -19419,11 +19451,7 @@ components: example: 'https://example.com/issue/{{{external.system.id}}}' type: string hasAuth: - default: true - description: >- - If true, a username and password for login type authentication must - be provided. - type: boolean + $ref: '#/components/schemas/Connectors_has_auth' headers: description: > A set of key-value pairs sent as headers with the request URLs for @@ -19462,6 +19490,8 @@ components: hostname to the allowed hosts. example: 'https://example.com/issue/{{{external.system.ID}}}' type: string + verificationMode: + $ref: '#/components/schemas/Connectors_verification_mode' viewIncidentUrl: description: > The URL to view the case in the external system. You can use @@ -20037,33 +20067,13 @@ components: description: Defines properties for connectors when type is `.webhook`. properties: authType: - description: | - The type of authentication to use: basic, SSL, or none. - enum: - - webhook-authentication-basic - - webhook-authentication-ssl - nullable: true - type: string + $ref: '#/components/schemas/Connectors_auth_type' ca: - description: > - A base64 encoded version of the certificate authority file that the - connector can trust to sign and validate certificates. This option - is available for all authentication types. - type: string + $ref: '#/components/schemas/Connectors_ca' certType: - description: > - If the `authType` is `webhook-authentication-ssl`, specifies whether - the certificate authentication data is in a CRT and key file format - or a PFX file format. - enum: - - ssl-crt-key - - ssl-pfx - type: string + $ref: '#/components/schemas/Connectors_cert_type' hasAuth: - description: > - If `true`, a user name and password must be provided for login type - authentication. - type: boolean + $ref: '#/components/schemas/Connectors_has_auth' headers: description: A set of key-value pairs sent as headers with the request. nullable: true @@ -20082,21 +20092,7 @@ components: setting, add the hostname to the allowed hosts. type: string verificationMode: - default: full - description: > - Controls the verification of certificates. Use `full` to validate - that the certificate has an issue date within the `not_before` and - `not_after` dates, chains to a trusted certificate authority (CA), - and has a hostname or IP address that matches the names within the - certificate. Use `certificate` to validate the certificate and - verify that it is signed by a trusted authority; this option does - not check the certificate hostname. Use `none` to skip certificate - validation. - enum: - - certificate - - full - - none - type: string + $ref: '#/components/schemas/Connectors_verification_mode' title: Connector request properties for a Webhook connector type: object Connectors_config_properties_xmatters: @@ -21689,6 +21685,12 @@ components: - secrets title: Create xMatters connector request type: object + Connectors_crt: + description: >- + If `authType` is `webhook-authentication-ssl` and `certType` is + `ssl-crt-key`, it is a base64 encoded version of the CRT or CERT file. + title: Certificate + type: string Connectors_features: description: | The feature that uses the connector. @@ -21701,6 +21703,13 @@ components: - siem - uptime type: string + Connectors_has_auth: + default: true + description: >- + If true, a username and password for login type authentication must be + provided. + title: Has authentication + type: boolean Connectors_is_deprecated: description: Indicates whether the connector type is deprecated. example: false @@ -21721,6 +21730,18 @@ components: description: Indicates whether the connector is used for system actions. example: false type: boolean + Connectors_key: + description: >- + If `authType` is `webhook-authentication-ssl` and `certType` is + `ssl-crt-key`, it is a base64 encoded version of the KEY file. + title: Certificate key + type: string + Connectors_pfx: + description: >- + If `authType` is `webhook-authentication-ssl` and `certType` is + `ssl-pfx`, it is a base64 encoded version of the PFX or P12 file. + title: Personal information exchange + type: string Connectors_referenced_by_count: description: > Indicates the number of saved objects that reference the connector. If @@ -22681,15 +22702,23 @@ components: title: Connector secrets properties for Webhook - Case Management connector type: object properties: + crt: + $ref: '#/components/schemas/Connectors_crt' + key: + $ref: '#/components/schemas/Connectors_key' password: - description: >- + description: > The password for HTTP basic authentication. If `hasAuth` is set to - `true`, this property is required. + `true` and and `authType` is `webhook-authentication-basic`, this + property is required. type: string + pfx: + $ref: '#/components/schemas/Connectors_pfx' user: - description: >- + description: > The username for HTTP basic authentication. If `hasAuth` is set to - `true`, this property is required. + `true` and `authType` is `webhook-authentication-basic`, this + property is required. type: string Connectors_secrets_properties_d3security: description: Defines secrets for connectors when type is `.d3security`. @@ -22905,16 +22934,9 @@ components: description: Defines secrets for connectors when type is `.webhook`. properties: crt: - description: >- - If `authType` is `webhook-authentication-ssl` and `certType` is - `ssl-crt-key`, it is a base64 encoded version of the CRT or CERT - file. - type: string + $ref: '#/components/schemas/Connectors_crt' key: - description: >- - If `authType` is `webhook-authentication-ssl` and `certType` is - `ssl-crt-key`, it is a base64 encoded version of the KEY file. - type: string + $ref: '#/components/schemas/Connectors_key' password: description: > The password for HTTP basic authentication or the passphrase for the @@ -22922,10 +22944,7 @@ components: is `webhook-authentication-basic`, this property is required. type: string pfx: - description: >- - If `authType` is `webhook-authentication-ssl` and `certType` is - `ssl-pfx`, it is a base64 encoded version of the PFX or P12 file. - type: string + $ref: '#/components/schemas/Connectors_pfx' user: description: > The username for HTTP basic authentication. If `hasAuth` is set to @@ -23297,6 +23316,22 @@ components: - config - name - secrets + Connectors_verification_mode: + default: full + description: > + Controls the verification of certificates. Use `full` to validate that + the certificate has an issue date within the `not_before` and + `not_after` dates, chains to a trusted certificate authority (CA), and + has a hostname or IP address that matches the names within the + certificate. Use `certificate` to validate the certificate and verify + that it is signed by a trusted authority; this option does not check the + certificate hostname. Use `none` to skip certificate validation. + enum: + - certificate + - full + - none + title: Verification mode + type: string Data_views_400_response: title: Bad request type: object diff --git a/x-pack/plugins/actions/docs/openapi/bundled.json b/x-pack/plugins/actions/docs/openapi/bundled.json index 20a3c4391c458..d2f852374b926 100644 --- a/x-pack/plugins/actions/docs/openapi/bundled.json +++ b/x-pack/plugins/actions/docs/openapi/bundled.json @@ -1700,6 +1700,47 @@ } } }, + "auth_type": { + "title": "Authentication type", + "type": "string", + "nullable": true, + "enum": [ + "webhook-authentication-basic", + "webhook-authentication-ssl" + ], + "description": "The type of authentication to use: basic, SSL, or none.\n" + }, + "ca": { + "title": "Certificate authority", + "type": "string", + "description": "A base64 encoded version of the certificate authority file that the connector can trust to sign and validate certificates. This option is available for all authentication types.\n" + }, + "cert_type": { + "title": "Certificate type", + "type": "string", + "description": "If the `authType` is `webhook-authentication-ssl`, specifies whether the certificate authentication data is in a CRT and key file format or a PFX file format.\n", + "enum": [ + "ssl-crt-key", + "ssl-pfx" + ] + }, + "has_auth": { + "title": "Has authentication", + "type": "boolean", + "description": "If true, a username and password for login type authentication must be provided.", + "default": true + }, + "verification_mode": { + "title": "Verification mode", + "type": "string", + "enum": [ + "certificate", + "full", + "none" + ], + "default": "full", + "description": "Controls the verification of certificates. Use `full` to validate that the certificate has an issue date within the `not_before` and `not_after` dates, chains to a trusted certificate authority (CA), and has a hostname or IP address that matches the names within the certificate. Use `certificate` to validate the certificate and verify that it is signed by a trusted authority; this option does not check the certificate hostname. Use `none` to skip certificate validation.\n" + }, "config_properties_cases_webhook": { "title": "Connector request properties for Webhook - Case Management connector", "required": [ @@ -1715,6 +1756,15 @@ "description": "Defines properties for connectors when type is `.cases-webhook`.", "type": "object", "properties": { + "authType": { + "$ref": "#/components/schemas/auth_type" + }, + "ca": { + "$ref": "#/components/schemas/ca" + }, + "certType": { + "$ref": "#/components/schemas/cert_type" + }, "createCommentJson": { "type": "string", "description": "A JSON payload sent to the create comment URL to create a case comment. You can use variables to add Kibana Cases data to the payload. The required variable is `case.comment`. Due to Mustache template variables (the text enclosed in triple braces, for example, `{{{case.title}}}`), the JSON is not validated when you create the connector. The JSON is validated once the Mustache variables have been placed when the REST method runs. Manually ensure that the JSON is valid, disregarding the Mustache variables, so the later validation will pass.\n", @@ -1768,9 +1818,7 @@ "example": "https://example.com/issue/{{{external.system.id}}}" }, "hasAuth": { - "type": "boolean", - "description": "If true, a username and password for login type authentication must be provided.", - "default": true + "$ref": "#/components/schemas/has_auth" }, "headers": { "type": "string", @@ -1796,6 +1844,9 @@ "description": "The REST API URL to update the case by ID in the third-party system. You can use a variable to add the external system ID to the URL. If you are using the `xpack.actions.allowedHosts` setting, add the hostname to the allowed hosts.\n", "example": "https://example.com/issue/{{{external.system.ID}}}" }, + "verificationMode": { + "$ref": "#/components/schemas/verification_mode" + }, "viewIncidentUrl": { "type": "string", "description": "The URL to view the case in the external system. You can use variables to add the external system ID or external system title to the URL.\n", @@ -1803,17 +1854,41 @@ } } }, + "crt": { + "title": "Certificate", + "type": "string", + "description": "If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-crt-key`, it is a base64 encoded version of the CRT or CERT file." + }, + "key": { + "title": "Certificate key", + "type": "string", + "description": "If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-crt-key`, it is a base64 encoded version of the KEY file." + }, + "pfx": { + "title": "Personal information exchange", + "type": "string", + "description": "If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-pfx`, it is a base64 encoded version of the PFX or P12 file." + }, "secrets_properties_cases_webhook": { "title": "Connector secrets properties for Webhook - Case Management connector", "type": "object", "properties": { + "crt": { + "$ref": "#/components/schemas/crt" + }, + "key": { + "$ref": "#/components/schemas/key" + }, + "pfx": { + "$ref": "#/components/schemas/pfx" + }, "password": { "type": "string", - "description": "The password for HTTP basic authentication. If `hasAuth` is set to `true`, this property is required." + "description": "The password for HTTP basic authentication. If `hasAuth` is set to `true` and and `authType` is `webhook-authentication-basic`, this property is required.\n" }, "user": { "type": "string", - "description": "The username for HTTP basic authentication. If `hasAuth` is set to `true`, this property is required." + "description": "The username for HTTP basic authentication. If `hasAuth` is set to `true` and `authType` is `webhook-authentication-basic`, this property is required.\n" } } }, @@ -2668,29 +2743,16 @@ "type": "object", "properties": { "authType": { - "type": "string", - "nullable": true, - "enum": [ - "webhook-authentication-basic", - "webhook-authentication-ssl" - ], - "description": "The type of authentication to use: basic, SSL, or none.\n" + "$ref": "#/components/schemas/auth_type" }, "ca": { - "type": "string", - "description": "A base64 encoded version of the certificate authority file that the connector can trust to sign and validate certificates. This option is available for all authentication types.\n" + "$ref": "#/components/schemas/ca" }, "certType": { - "type": "string", - "description": "If the `authType` is `webhook-authentication-ssl`, specifies whether the certificate authentication data is in a CRT and key file format or a PFX file format.\n", - "enum": [ - "ssl-crt-key", - "ssl-pfx" - ] + "$ref": "#/components/schemas/cert_type" }, "hasAuth": { - "type": "boolean", - "description": "If `true`, a user name and password must be provided for login type authentication.\n" + "$ref": "#/components/schemas/has_auth" }, "headers": { "type": "object", @@ -2711,14 +2773,7 @@ "description": "The request URL. If you are using the `xpack.actions.allowedHosts` setting, add the hostname to the allowed hosts.\n" }, "verificationMode": { - "type": "string", - "enum": [ - "certificate", - "full", - "none" - ], - "default": "full", - "description": "Controls the verification of certificates. Use `full` to validate that the certificate has an issue date within the `not_before` and `not_after` dates, chains to a trusted certificate authority (CA), and has a hostname or IP address that matches the names within the certificate. Use `certificate` to validate the certificate and verify that it is signed by a trusted authority; this option does not check the certificate hostname. Use `none` to skip certificate validation.\n" + "$ref": "#/components/schemas/verification_mode" } } }, @@ -2728,16 +2783,13 @@ "type": "object", "properties": { "crt": { - "type": "string", - "description": "If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-crt-key`, it is a base64 encoded version of the CRT or CERT file." + "$ref": "#/components/schemas/crt" }, "key": { - "type": "string", - "description": "If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-crt-key`, it is a base64 encoded version of the KEY file." + "$ref": "#/components/schemas/key" }, "pfx": { - "type": "string", - "description": "If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-pfx`, it is a base64 encoded version of the PFX or P12 file." + "$ref": "#/components/schemas/pfx" }, "password": { "type": "string", diff --git a/x-pack/plugins/actions/docs/openapi/bundled.yaml b/x-pack/plugins/actions/docs/openapi/bundled.yaml index b8ee30f08be4b..8797a87b32eeb 100644 --- a/x-pack/plugins/actions/docs/openapi/bundled.yaml +++ b/x-pack/plugins/actions/docs/openapi/bundled.yaml @@ -1196,6 +1196,43 @@ components: credentialsJSON: type: string description: The service account credentials JSON file. The service account should have Vertex AI user IAM role assigned to it. + auth_type: + title: Authentication type + type: string + nullable: true + enum: + - webhook-authentication-basic + - webhook-authentication-ssl + description: | + The type of authentication to use: basic, SSL, or none. + ca: + title: Certificate authority + type: string + description: | + A base64 encoded version of the certificate authority file that the connector can trust to sign and validate certificates. This option is available for all authentication types. + cert_type: + title: Certificate type + type: string + description: | + If the `authType` is `webhook-authentication-ssl`, specifies whether the certificate authentication data is in a CRT and key file format or a PFX file format. + enum: + - ssl-crt-key + - ssl-pfx + has_auth: + title: Has authentication + type: boolean + description: If true, a username and password for login type authentication must be provided. + default: true + verification_mode: + title: Verification mode + type: string + enum: + - certificate + - full + - none + default: full + description: | + Controls the verification of certificates. Use `full` to validate that the certificate has an issue date within the `not_before` and `not_after` dates, chains to a trusted certificate authority (CA), and has a hostname or IP address that matches the names within the certificate. Use `certificate` to validate the certificate and verify that it is signed by a trusted authority; this option does not check the certificate hostname. Use `none` to skip certificate validation. config_properties_cases_webhook: title: Connector request properties for Webhook - Case Management connector required: @@ -1210,6 +1247,12 @@ components: description: Defines properties for connectors when type is `.cases-webhook`. type: object properties: + authType: + $ref: '#/components/schemas/auth_type' + ca: + $ref: '#/components/schemas/ca' + certType: + $ref: '#/components/schemas/cert_type' createCommentJson: type: string description: | @@ -1259,9 +1302,7 @@ components: The REST API URL to get the case by ID from the third-party system. If you are using the `xpack.actions.allowedHosts` setting, add the hostname to the allowed hosts. You can use a variable to add the external system ID to the URL. Due to Mustache template variables (the text enclosed in triple braces, for example, `{{{case.title}}}`), the JSON is not validated when you create the connector. The JSON is validated after the Mustache variables have been placed when REST method runs. Manually ensure that the JSON is valid, disregarding the Mustache variables, so the later validation will pass. example: https://example.com/issue/{{{external.system.id}}} hasAuth: - type: boolean - description: If true, a username and password for login type authentication must be provided. - default: true + $ref: '#/components/schemas/has_auth' headers: type: string description: | @@ -1285,21 +1326,43 @@ components: description: | The REST API URL to update the case by ID in the third-party system. You can use a variable to add the external system ID to the URL. If you are using the `xpack.actions.allowedHosts` setting, add the hostname to the allowed hosts. example: https://example.com/issue/{{{external.system.ID}}} + verificationMode: + $ref: '#/components/schemas/verification_mode' viewIncidentUrl: type: string description: | The URL to view the case in the external system. You can use variables to add the external system ID or external system title to the URL. example: https://testing-jira.atlassian.net/browse/{{{external.system.title}}} + crt: + title: Certificate + type: string + description: If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-crt-key`, it is a base64 encoded version of the CRT or CERT file. + key: + title: Certificate key + type: string + description: If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-crt-key`, it is a base64 encoded version of the KEY file. + pfx: + title: Personal information exchange + type: string + description: If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-pfx`, it is a base64 encoded version of the PFX or P12 file. secrets_properties_cases_webhook: title: Connector secrets properties for Webhook - Case Management connector type: object properties: + crt: + $ref: '#/components/schemas/crt' + key: + $ref: '#/components/schemas/key' + pfx: + $ref: '#/components/schemas/pfx' password: type: string - description: The password for HTTP basic authentication. If `hasAuth` is set to `true`, this property is required. + description: | + The password for HTTP basic authentication. If `hasAuth` is set to `true` and and `authType` is `webhook-authentication-basic`, this property is required. user: type: string - description: The username for HTTP basic authentication. If `hasAuth` is set to `true`, this property is required. + description: | + The username for HTTP basic authentication. If `hasAuth` is set to `true` and `authType` is `webhook-authentication-basic`, this property is required. config_properties_d3security: title: Connector request properties for a D3 Security connector description: Defines properties for connectors when type is `.d3security`. @@ -1959,28 +2022,13 @@ components: type: object properties: authType: - type: string - nullable: true - enum: - - webhook-authentication-basic - - webhook-authentication-ssl - description: | - The type of authentication to use: basic, SSL, or none. + $ref: '#/components/schemas/auth_type' ca: - type: string - description: | - A base64 encoded version of the certificate authority file that the connector can trust to sign and validate certificates. This option is available for all authentication types. + $ref: '#/components/schemas/ca' certType: - type: string - description: | - If the `authType` is `webhook-authentication-ssl`, specifies whether the certificate authentication data is in a CRT and key file format or a PFX file format. - enum: - - ssl-crt-key - - ssl-pfx + $ref: '#/components/schemas/cert_type' hasAuth: - type: boolean - description: | - If `true`, a user name and password must be provided for login type authentication. + $ref: '#/components/schemas/has_auth' headers: type: object nullable: true @@ -1998,28 +2046,18 @@ components: description: | The request URL. If you are using the `xpack.actions.allowedHosts` setting, add the hostname to the allowed hosts. verificationMode: - type: string - enum: - - certificate - - full - - none - default: full - description: | - Controls the verification of certificates. Use `full` to validate that the certificate has an issue date within the `not_before` and `not_after` dates, chains to a trusted certificate authority (CA), and has a hostname or IP address that matches the names within the certificate. Use `certificate` to validate the certificate and verify that it is signed by a trusted authority; this option does not check the certificate hostname. Use `none` to skip certificate validation. + $ref: '#/components/schemas/verification_mode' secrets_properties_webhook: title: Connector secrets properties for a Webhook connector description: Defines secrets for connectors when type is `.webhook`. type: object properties: crt: - type: string - description: If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-crt-key`, it is a base64 encoded version of the CRT or CERT file. + $ref: '#/components/schemas/crt' key: - type: string - description: If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-crt-key`, it is a base64 encoded version of the KEY file. + $ref: '#/components/schemas/key' pfx: - type: string - description: If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-pfx`, it is a base64 encoded version of the PFX or P12 file. + $ref: '#/components/schemas/pfx' password: type: string description: | diff --git a/x-pack/plugins/actions/docs/openapi/bundled_serverless.json b/x-pack/plugins/actions/docs/openapi/bundled_serverless.json index ac42e68e89a09..575d6a03b5136 100644 --- a/x-pack/plugins/actions/docs/openapi/bundled_serverless.json +++ b/x-pack/plugins/actions/docs/openapi/bundled_serverless.json @@ -1242,6 +1242,47 @@ } } }, + "auth_type": { + "title": "Authentication type", + "type": "string", + "nullable": true, + "enum": [ + "webhook-authentication-basic", + "webhook-authentication-ssl" + ], + "description": "The type of authentication to use: basic, SSL, or none.\n" + }, + "ca": { + "title": "Certificate authority", + "type": "string", + "description": "A base64 encoded version of the certificate authority file that the connector can trust to sign and validate certificates. This option is available for all authentication types.\n" + }, + "cert_type": { + "title": "Certificate type", + "type": "string", + "description": "If the `authType` is `webhook-authentication-ssl`, specifies whether the certificate authentication data is in a CRT and key file format or a PFX file format.\n", + "enum": [ + "ssl-crt-key", + "ssl-pfx" + ] + }, + "has_auth": { + "title": "Has authentication", + "type": "boolean", + "description": "If true, a username and password for login type authentication must be provided.", + "default": true + }, + "verification_mode": { + "title": "Verification mode", + "type": "string", + "enum": [ + "certificate", + "full", + "none" + ], + "default": "full", + "description": "Controls the verification of certificates. Use `full` to validate that the certificate has an issue date within the `not_before` and `not_after` dates, chains to a trusted certificate authority (CA), and has a hostname or IP address that matches the names within the certificate. Use `certificate` to validate the certificate and verify that it is signed by a trusted authority; this option does not check the certificate hostname. Use `none` to skip certificate validation.\n" + }, "config_properties_cases_webhook": { "title": "Connector request properties for Webhook - Case Management connector", "required": [ @@ -1257,6 +1298,15 @@ "description": "Defines properties for connectors when type is `.cases-webhook`.", "type": "object", "properties": { + "authType": { + "$ref": "#/components/schemas/auth_type" + }, + "ca": { + "$ref": "#/components/schemas/ca" + }, + "certType": { + "$ref": "#/components/schemas/cert_type" + }, "createCommentJson": { "type": "string", "description": "A JSON payload sent to the create comment URL to create a case comment. You can use variables to add Kibana Cases data to the payload. The required variable is `case.comment`. Due to Mustache template variables (the text enclosed in triple braces, for example, `{{{case.title}}}`), the JSON is not validated when you create the connector. The JSON is validated once the Mustache variables have been placed when the REST method runs. Manually ensure that the JSON is valid, disregarding the Mustache variables, so the later validation will pass.\n", @@ -1310,9 +1360,7 @@ "example": "https://example.com/issue/{{{external.system.id}}}" }, "hasAuth": { - "type": "boolean", - "description": "If true, a username and password for login type authentication must be provided.", - "default": true + "$ref": "#/components/schemas/has_auth" }, "headers": { "type": "string", @@ -1338,6 +1386,9 @@ "description": "The REST API URL to update the case by ID in the third-party system. You can use a variable to add the external system ID to the URL. If you are using the `xpack.actions.allowedHosts` setting, add the hostname to the allowed hosts.\n", "example": "https://example.com/issue/{{{external.system.ID}}}" }, + "verificationMode": { + "$ref": "#/components/schemas/verification_mode" + }, "viewIncidentUrl": { "type": "string", "description": "The URL to view the case in the external system. You can use variables to add the external system ID or external system title to the URL.\n", @@ -1345,17 +1396,41 @@ } } }, + "crt": { + "title": "Certificate", + "type": "string", + "description": "If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-crt-key`, it is a base64 encoded version of the CRT or CERT file." + }, + "key": { + "title": "Certificate key", + "type": "string", + "description": "If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-crt-key`, it is a base64 encoded version of the KEY file." + }, + "pfx": { + "title": "Personal information exchange", + "type": "string", + "description": "If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-pfx`, it is a base64 encoded version of the PFX or P12 file." + }, "secrets_properties_cases_webhook": { "title": "Connector secrets properties for Webhook - Case Management connector", "type": "object", "properties": { + "crt": { + "$ref": "#/components/schemas/crt" + }, + "key": { + "$ref": "#/components/schemas/key" + }, + "pfx": { + "$ref": "#/components/schemas/pfx" + }, "password": { "type": "string", - "description": "The password for HTTP basic authentication. If `hasAuth` is set to `true`, this property is required." + "description": "The password for HTTP basic authentication. If `hasAuth` is set to `true` and and `authType` is `webhook-authentication-basic`, this property is required.\n" }, "user": { "type": "string", - "description": "The username for HTTP basic authentication. If `hasAuth` is set to `true`, this property is required." + "description": "The username for HTTP basic authentication. If `hasAuth` is set to `true` and `authType` is `webhook-authentication-basic`, this property is required.\n" } } }, @@ -2210,29 +2285,16 @@ "type": "object", "properties": { "authType": { - "type": "string", - "nullable": true, - "enum": [ - "webhook-authentication-basic", - "webhook-authentication-ssl" - ], - "description": "The type of authentication to use: basic, SSL, or none.\n" + "$ref": "#/components/schemas/auth_type" }, "ca": { - "type": "string", - "description": "A base64 encoded version of the certificate authority file that the connector can trust to sign and validate certificates. This option is available for all authentication types.\n" + "$ref": "#/components/schemas/ca" }, "certType": { - "type": "string", - "description": "If the `authType` is `webhook-authentication-ssl`, specifies whether the certificate authentication data is in a CRT and key file format or a PFX file format.\n", - "enum": [ - "ssl-crt-key", - "ssl-pfx" - ] + "$ref": "#/components/schemas/cert_type" }, "hasAuth": { - "type": "boolean", - "description": "If `true`, a user name and password must be provided for login type authentication.\n" + "$ref": "#/components/schemas/has_auth" }, "headers": { "type": "object", @@ -2253,14 +2315,7 @@ "description": "The request URL. If you are using the `xpack.actions.allowedHosts` setting, add the hostname to the allowed hosts.\n" }, "verificationMode": { - "type": "string", - "enum": [ - "certificate", - "full", - "none" - ], - "default": "full", - "description": "Controls the verification of certificates. Use `full` to validate that the certificate has an issue date within the `not_before` and `not_after` dates, chains to a trusted certificate authority (CA), and has a hostname or IP address that matches the names within the certificate. Use `certificate` to validate the certificate and verify that it is signed by a trusted authority; this option does not check the certificate hostname. Use `none` to skip certificate validation.\n" + "$ref": "#/components/schemas/verification_mode" } } }, @@ -2270,16 +2325,13 @@ "type": "object", "properties": { "crt": { - "type": "string", - "description": "If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-crt-key`, it is a base64 encoded version of the CRT or CERT file." + "$ref": "#/components/schemas/crt" }, "key": { - "type": "string", - "description": "If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-crt-key`, it is a base64 encoded version of the KEY file." + "$ref": "#/components/schemas/key" }, "pfx": { - "type": "string", - "description": "If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-pfx`, it is a base64 encoded version of the PFX or P12 file." + "$ref": "#/components/schemas/pfx" }, "password": { "type": "string", diff --git a/x-pack/plugins/actions/docs/openapi/bundled_serverless.yaml b/x-pack/plugins/actions/docs/openapi/bundled_serverless.yaml index 3d5bcd7f9c703..cd14f92838d43 100644 --- a/x-pack/plugins/actions/docs/openapi/bundled_serverless.yaml +++ b/x-pack/plugins/actions/docs/openapi/bundled_serverless.yaml @@ -897,6 +897,43 @@ components: credentialsJSON: type: string description: The service account credentials JSON file. The service account should have Vertex AI user IAM role assigned to it. + auth_type: + title: Authentication type + type: string + nullable: true + enum: + - webhook-authentication-basic + - webhook-authentication-ssl + description: | + The type of authentication to use: basic, SSL, or none. + ca: + title: Certificate authority + type: string + description: | + A base64 encoded version of the certificate authority file that the connector can trust to sign and validate certificates. This option is available for all authentication types. + cert_type: + title: Certificate type + type: string + description: | + If the `authType` is `webhook-authentication-ssl`, specifies whether the certificate authentication data is in a CRT and key file format or a PFX file format. + enum: + - ssl-crt-key + - ssl-pfx + has_auth: + title: Has authentication + type: boolean + description: If true, a username and password for login type authentication must be provided. + default: true + verification_mode: + title: Verification mode + type: string + enum: + - certificate + - full + - none + default: full + description: | + Controls the verification of certificates. Use `full` to validate that the certificate has an issue date within the `not_before` and `not_after` dates, chains to a trusted certificate authority (CA), and has a hostname or IP address that matches the names within the certificate. Use `certificate` to validate the certificate and verify that it is signed by a trusted authority; this option does not check the certificate hostname. Use `none` to skip certificate validation. config_properties_cases_webhook: title: Connector request properties for Webhook - Case Management connector required: @@ -911,6 +948,12 @@ components: description: Defines properties for connectors when type is `.cases-webhook`. type: object properties: + authType: + $ref: '#/components/schemas/auth_type' + ca: + $ref: '#/components/schemas/ca' + certType: + $ref: '#/components/schemas/cert_type' createCommentJson: type: string description: | @@ -960,9 +1003,7 @@ components: The REST API URL to get the case by ID from the third-party system. If you are using the `xpack.actions.allowedHosts` setting, add the hostname to the allowed hosts. You can use a variable to add the external system ID to the URL. Due to Mustache template variables (the text enclosed in triple braces, for example, `{{{case.title}}}`), the JSON is not validated when you create the connector. The JSON is validated after the Mustache variables have been placed when REST method runs. Manually ensure that the JSON is valid, disregarding the Mustache variables, so the later validation will pass. example: https://example.com/issue/{{{external.system.id}}} hasAuth: - type: boolean - description: If true, a username and password for login type authentication must be provided. - default: true + $ref: '#/components/schemas/has_auth' headers: type: string description: | @@ -986,21 +1027,43 @@ components: description: | The REST API URL to update the case by ID in the third-party system. You can use a variable to add the external system ID to the URL. If you are using the `xpack.actions.allowedHosts` setting, add the hostname to the allowed hosts. example: https://example.com/issue/{{{external.system.ID}}} + verificationMode: + $ref: '#/components/schemas/verification_mode' viewIncidentUrl: type: string description: | The URL to view the case in the external system. You can use variables to add the external system ID or external system title to the URL. example: https://testing-jira.atlassian.net/browse/{{{external.system.title}}} + crt: + title: Certificate + type: string + description: If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-crt-key`, it is a base64 encoded version of the CRT or CERT file. + key: + title: Certificate key + type: string + description: If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-crt-key`, it is a base64 encoded version of the KEY file. + pfx: + title: Personal information exchange + type: string + description: If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-pfx`, it is a base64 encoded version of the PFX or P12 file. secrets_properties_cases_webhook: title: Connector secrets properties for Webhook - Case Management connector type: object properties: + crt: + $ref: '#/components/schemas/crt' + key: + $ref: '#/components/schemas/key' + pfx: + $ref: '#/components/schemas/pfx' password: type: string - description: The password for HTTP basic authentication. If `hasAuth` is set to `true`, this property is required. + description: | + The password for HTTP basic authentication. If `hasAuth` is set to `true` and and `authType` is `webhook-authentication-basic`, this property is required. user: type: string - description: The username for HTTP basic authentication. If `hasAuth` is set to `true`, this property is required. + description: | + The username for HTTP basic authentication. If `hasAuth` is set to `true` and `authType` is `webhook-authentication-basic`, this property is required. config_properties_d3security: title: Connector request properties for a D3 Security connector description: Defines properties for connectors when type is `.d3security`. @@ -1660,28 +1723,13 @@ components: type: object properties: authType: - type: string - nullable: true - enum: - - webhook-authentication-basic - - webhook-authentication-ssl - description: | - The type of authentication to use: basic, SSL, or none. + $ref: '#/components/schemas/auth_type' ca: - type: string - description: | - A base64 encoded version of the certificate authority file that the connector can trust to sign and validate certificates. This option is available for all authentication types. + $ref: '#/components/schemas/ca' certType: - type: string - description: | - If the `authType` is `webhook-authentication-ssl`, specifies whether the certificate authentication data is in a CRT and key file format or a PFX file format. - enum: - - ssl-crt-key - - ssl-pfx + $ref: '#/components/schemas/cert_type' hasAuth: - type: boolean - description: | - If `true`, a user name and password must be provided for login type authentication. + $ref: '#/components/schemas/has_auth' headers: type: object nullable: true @@ -1699,28 +1747,18 @@ components: description: | The request URL. If you are using the `xpack.actions.allowedHosts` setting, add the hostname to the allowed hosts. verificationMode: - type: string - enum: - - certificate - - full - - none - default: full - description: | - Controls the verification of certificates. Use `full` to validate that the certificate has an issue date within the `not_before` and `not_after` dates, chains to a trusted certificate authority (CA), and has a hostname or IP address that matches the names within the certificate. Use `certificate` to validate the certificate and verify that it is signed by a trusted authority; this option does not check the certificate hostname. Use `none` to skip certificate validation. + $ref: '#/components/schemas/verification_mode' secrets_properties_webhook: title: Connector secrets properties for a Webhook connector description: Defines secrets for connectors when type is `.webhook`. type: object properties: crt: - type: string - description: If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-crt-key`, it is a base64 encoded version of the CRT or CERT file. + $ref: '#/components/schemas/crt' key: - type: string - description: If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-crt-key`, it is a base64 encoded version of the KEY file. + $ref: '#/components/schemas/key' pfx: - type: string - description: If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-pfx`, it is a base64 encoded version of the PFX or P12 file. + $ref: '#/components/schemas/pfx' password: type: string description: | diff --git a/x-pack/plugins/actions/docs/openapi/components/schemas/auth_type.yaml b/x-pack/plugins/actions/docs/openapi/components/schemas/auth_type.yaml new file mode 100644 index 0000000000000..9844ee96d7421 --- /dev/null +++ b/x-pack/plugins/actions/docs/openapi/components/schemas/auth_type.yaml @@ -0,0 +1,8 @@ +title: Authentication type +type: string +nullable: true +enum: + - webhook-authentication-basic + - webhook-authentication-ssl +description: > + The type of authentication to use: basic, SSL, or none. \ No newline at end of file diff --git a/x-pack/plugins/actions/docs/openapi/components/schemas/ca.yaml b/x-pack/plugins/actions/docs/openapi/components/schemas/ca.yaml new file mode 100644 index 0000000000000..2463dba0a3daa --- /dev/null +++ b/x-pack/plugins/actions/docs/openapi/components/schemas/ca.yaml @@ -0,0 +1,5 @@ +title: Certificate authority +type: string +description: > + A base64 encoded version of the certificate authority file that the connector can trust to sign and validate certificates. + This option is available for all authentication types. \ No newline at end of file diff --git a/x-pack/plugins/actions/docs/openapi/components/schemas/cert_type.yaml b/x-pack/plugins/actions/docs/openapi/components/schemas/cert_type.yaml new file mode 100644 index 0000000000000..b019d2a855fe8 --- /dev/null +++ b/x-pack/plugins/actions/docs/openapi/components/schemas/cert_type.yaml @@ -0,0 +1,7 @@ +title: Certificate type +type: string +description: > + If the `authType` is `webhook-authentication-ssl`, specifies whether the certificate authentication data is in a CRT and key file format or a PFX file format. +enum: + - ssl-crt-key + - ssl-pfx \ No newline at end of file diff --git a/x-pack/plugins/actions/docs/openapi/components/schemas/config_properties_cases_webhook.yaml b/x-pack/plugins/actions/docs/openapi/components/schemas/config_properties_cases_webhook.yaml index b2a1ea8848ba7..a4a6c7762618b 100644 --- a/x-pack/plugins/actions/docs/openapi/components/schemas/config_properties_cases_webhook.yaml +++ b/x-pack/plugins/actions/docs/openapi/components/schemas/config_properties_cases_webhook.yaml @@ -11,6 +11,12 @@ required: description: Defines properties for connectors when type is `.cases-webhook`. type: object properties: + authType: + $ref: 'auth_type.yaml' + ca: + $ref: 'ca.yaml' + certType: + $ref: 'cert_type.yaml' createCommentJson: type: string description: > @@ -88,9 +94,7 @@ properties: validation will pass. example: https://example.com/issue/{{{external.system.id}}} hasAuth: - type: boolean - description: If true, a username and password for login type authentication must be provided. - default: true + $ref: 'has_auth.yaml' headers: type: string description: > @@ -125,6 +129,8 @@ properties: can use a variable to add the external system ID to the URL. If you are using the `xpack.actions.allowedHosts` setting, add the hostname to the allowed hosts. example: https://example.com/issue/{{{external.system.ID}}} + verificationMode: + $ref: 'verification_mode.yaml' viewIncidentUrl: type: string description: > diff --git a/x-pack/plugins/actions/docs/openapi/components/schemas/config_properties_webhook.yaml b/x-pack/plugins/actions/docs/openapi/components/schemas/config_properties_webhook.yaml index bf073419a4e09..6a9110e934168 100644 --- a/x-pack/plugins/actions/docs/openapi/components/schemas/config_properties_webhook.yaml +++ b/x-pack/plugins/actions/docs/openapi/components/schemas/config_properties_webhook.yaml @@ -3,29 +3,13 @@ description: Defines properties for connectors when type is `.webhook`. type: object properties: authType: - type: string - nullable: true - enum: - - webhook-authentication-basic - - webhook-authentication-ssl - description: > - The type of authentication to use: basic, SSL, or none. + $ref: 'auth_type.yaml' ca: - type: string - description: > - A base64 encoded version of the certificate authority file that the connector can trust to sign and validate certificates. - This option is available for all authentication types. + $ref: 'ca.yaml' certType: - type: string - description: > - If the `authType` is `webhook-authentication-ssl`, specifies whether the certificate authentication data is in a CRT and key file format or a PFX file format. - enum: - - ssl-crt-key - - ssl-pfx + $ref: 'cert_type.yaml' hasAuth: - type: boolean - description: > - If `true`, a user name and password must be provided for login type authentication. + $ref: 'has_auth.yaml' headers: type: object nullable: true @@ -44,14 +28,4 @@ properties: The request URL. If you are using the `xpack.actions.allowedHosts` setting, add the hostname to the allowed hosts. verificationMode: - type: string - enum: - - certificate - - full - - none - default: full - description: > - Controls the verification of certificates. - Use `full` to validate that the certificate has an issue date within the `not_before` and `not_after` dates, chains to a trusted certificate authority (CA), and has a hostname or IP address that matches the names within the certificate. - Use `certificate` to validate the certificate and verify that it is signed by a trusted authority; this option does not check the certificate hostname. - Use `none` to skip certificate validation. + $ref: 'verification_mode.yaml' diff --git a/x-pack/plugins/actions/docs/openapi/components/schemas/crt.yaml b/x-pack/plugins/actions/docs/openapi/components/schemas/crt.yaml new file mode 100644 index 0000000000000..c75f55f57e90e --- /dev/null +++ b/x-pack/plugins/actions/docs/openapi/components/schemas/crt.yaml @@ -0,0 +1,3 @@ +title: Certificate +type: string +description: If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-crt-key`, it is a base64 encoded version of the CRT or CERT file. \ No newline at end of file diff --git a/x-pack/plugins/actions/docs/openapi/components/schemas/has_auth.yaml b/x-pack/plugins/actions/docs/openapi/components/schemas/has_auth.yaml new file mode 100644 index 0000000000000..80a029e1a551f --- /dev/null +++ b/x-pack/plugins/actions/docs/openapi/components/schemas/has_auth.yaml @@ -0,0 +1,4 @@ +title: Has authentication +type: boolean +description: If true, a username and password for login type authentication must be provided. +default: true \ No newline at end of file diff --git a/x-pack/plugins/actions/docs/openapi/components/schemas/key.yaml b/x-pack/plugins/actions/docs/openapi/components/schemas/key.yaml new file mode 100644 index 0000000000000..4ef5744c7ae35 --- /dev/null +++ b/x-pack/plugins/actions/docs/openapi/components/schemas/key.yaml @@ -0,0 +1,3 @@ +title: Certificate key +type: string +description: If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-crt-key`, it is a base64 encoded version of the KEY file. \ No newline at end of file diff --git a/x-pack/plugins/actions/docs/openapi/components/schemas/pfx.yaml b/x-pack/plugins/actions/docs/openapi/components/schemas/pfx.yaml new file mode 100644 index 0000000000000..405bcb30e0d81 --- /dev/null +++ b/x-pack/plugins/actions/docs/openapi/components/schemas/pfx.yaml @@ -0,0 +1,3 @@ +title: Personal information exchange +type: string +description: If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-pfx`, it is a base64 encoded version of the PFX or P12 file. \ No newline at end of file diff --git a/x-pack/plugins/actions/docs/openapi/components/schemas/secrets_properties_cases_webhook.yaml b/x-pack/plugins/actions/docs/openapi/components/schemas/secrets_properties_cases_webhook.yaml index 571a88975a0e8..89631c8a375b5 100644 --- a/x-pack/plugins/actions/docs/openapi/components/schemas/secrets_properties_cases_webhook.yaml +++ b/x-pack/plugins/actions/docs/openapi/components/schemas/secrets_properties_cases_webhook.yaml @@ -1,9 +1,19 @@ title: Connector secrets properties for Webhook - Case Management connector type: object properties: + crt: + $ref: 'crt.yaml' + key: + $ref: 'key.yaml' + pfx: + $ref: 'pfx.yaml' password: type: string - description: The password for HTTP basic authentication. If `hasAuth` is set to `true`, this property is required. + description: > + The password for HTTP basic authentication. + If `hasAuth` is set to `true` and and `authType` is `webhook-authentication-basic`, this property is required. user: type: string - description: The username for HTTP basic authentication. If `hasAuth` is set to `true`, this property is required. \ No newline at end of file + description: > + The username for HTTP basic authentication. + If `hasAuth` is set to `true` and `authType` is `webhook-authentication-basic`, this property is required. \ No newline at end of file diff --git a/x-pack/plugins/actions/docs/openapi/components/schemas/secrets_properties_webhook.yaml b/x-pack/plugins/actions/docs/openapi/components/schemas/secrets_properties_webhook.yaml index 199e53971f56c..31adc68624e86 100644 --- a/x-pack/plugins/actions/docs/openapi/components/schemas/secrets_properties_webhook.yaml +++ b/x-pack/plugins/actions/docs/openapi/components/schemas/secrets_properties_webhook.yaml @@ -3,14 +3,11 @@ description: Defines secrets for connectors when type is `.webhook`. type: object properties: crt: - type: string - description: If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-crt-key`, it is a base64 encoded version of the CRT or CERT file. + $ref: 'crt.yaml' key: - type: string - description: If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-crt-key`, it is a base64 encoded version of the KEY file. + $ref: 'key.yaml' pfx: - type: string - description: If `authType` is `webhook-authentication-ssl` and `certType` is `ssl-pfx`, it is a base64 encoded version of the PFX or P12 file. + $ref: 'pfx.yaml' password: type: string description: > diff --git a/x-pack/plugins/actions/docs/openapi/components/schemas/verification_mode.yaml b/x-pack/plugins/actions/docs/openapi/components/schemas/verification_mode.yaml new file mode 100644 index 0000000000000..34b513e860f3d --- /dev/null +++ b/x-pack/plugins/actions/docs/openapi/components/schemas/verification_mode.yaml @@ -0,0 +1,12 @@ +title: Verification mode +type: string +enum: + - certificate + - full + - none +default: full +description: > + Controls the verification of certificates. + Use `full` to validate that the certificate has an issue date within the `not_before` and `not_after` dates, chains to a trusted certificate authority (CA), and has a hostname or IP address that matches the names within the certificate. + Use `certificate` to validate the certificate and verify that it is signed by a trusted authority; this option does not check the certificate hostname. + Use `none` to skip certificate validation. \ No newline at end of file