chore(slo): Migrate deprecated access tag (elastic#201824)

paulinashakirova · Nov 26, 2024 · d592522 · d592522
1 parent b663b43
commit d592522
Showing 1 changed file with 111 additions and 66 deletions.
diff --git a/x-pack/plugins/observability_solution/slo/server/routes/slo/route.ts b/x-pack/plugins/observability_solution/slo/server/routes/slo/route.ts
@@ -79,9 +79,11 @@ const getSpaceId = async (plugins: SLORoutesDependencies['plugins'], request: Ki
 
 const createSLORoute = createSloServerRoute({
   endpoint: 'POST /api/observability/slos 2023-10-31',
-  options: {
-    tags: ['access:slo_write'],
-    access: 'public',
+  options: { access: 'public' },
+  security: {
+    authz: {
+      requiredPrivileges: ['slo_write'],
+    },
   },
   params: createSLOParamsSchema,
   handler: async ({ context, response, params, logger, request, plugins, corePlugins }) => {
@@ -134,9 +136,11 @@ const createSLORoute = createSloServerRoute({
 
 const inspectSLORoute = createSloServerRoute({
   endpoint: 'POST /internal/observability/slos/_inspect',
-  options: {
-    tags: ['access:slo_write'],
-    access: 'internal',
+  options: { access: 'internal' },
+  security: {
+    authz: {
+      requiredPrivileges: ['slo_write'],
+    },
   },
   params: createSLOParamsSchema,
   handler: async ({ context, params, logger, request, plugins, corePlugins }) => {
@@ -186,9 +190,11 @@ const inspectSLORoute = createSloServerRoute({
 
 const updateSLORoute = createSloServerRoute({
   endpoint: 'PUT /api/observability/slos/{id} 2023-10-31',
-  options: {
-    tags: ['access:slo_write'],
-    access: 'public',
+  options: { access: 'public' },
+  security: {
+    authz: {
+      requiredPrivileges: ['slo_write'],
+    },
   },
   params: updateSLOParamsSchema,
   handler: async ({ context, request, params, logger, plugins, corePlugins }) => {
@@ -239,9 +245,11 @@ const updateSLORoute = createSloServerRoute({
 
 const deleteSLORoute = createSloServerRoute({
   endpoint: 'DELETE /api/observability/slos/{id} 2023-10-31',
-  options: {
-    tags: ['access:slo_write'],
-    access: 'public',
+  options: { access: 'public' },
+  security: {
+    authz: {
+      requiredPrivileges: ['slo_write'],
+    },
   },
   params: deleteSLOParamsSchema,
   handler: async ({ request, response, context, params, logger, plugins }) => {
@@ -295,9 +303,11 @@ const deleteSLORoute = createSloServerRoute({
 
 const getSLORoute = createSloServerRoute({
   endpoint: 'GET /api/observability/slos/{id} 2023-10-31',
-  options: {
-    tags: ['access:slo_read'],
-    access: 'public',
+  options: { access: 'public' },
+  security: {
+    authz: {
+      requiredPrivileges: ['slo_read'],
+    },
   },
   params: getSLOParamsSchema,
   handler: async ({ request, context, params, logger, plugins }) => {
@@ -321,9 +331,11 @@ const getSLORoute = createSloServerRoute({
 
 const enableSLORoute = createSloServerRoute({
   endpoint: 'POST /api/observability/slos/{id}/enable 2023-10-31',
-  options: {
-    tags: ['access:slo_write'],
-    access: 'public',
+  options: { access: 'public' },
+  security: {
+    authz: {
+      requiredPrivileges: ['slo_write'],
+    },
   },
   params: manageSLOParamsSchema,
   handler: async ({ request, response, context, params, logger, plugins }) => {
@@ -366,9 +378,11 @@ const enableSLORoute = createSloServerRoute({
 
 const disableSLORoute = createSloServerRoute({
   endpoint: 'POST /api/observability/slos/{id}/disable 2023-10-31',
-  options: {
-    tags: ['access:slo_write'],
-    access: 'public',
+  options: { access: 'public' },
+  security: {
+    authz: {
+      requiredPrivileges: ['slo_write'],
+    },
   },
   params: manageSLOParamsSchema,
   handler: async ({ response, request, context, params, logger, plugins }) => {
@@ -410,9 +424,11 @@ const disableSLORoute = createSloServerRoute({
 
 const resetSLORoute = createSloServerRoute({
   endpoint: 'POST /api/observability/slos/{id}/_reset 2023-10-31',
-  options: {
-    tags: ['access:slo_write'],
-    access: 'public',
+  options: { access: 'public' },
+  security: {
+    authz: {
+      requiredPrivileges: ['slo_write'],
+    },
   },
   params: resetSLOParamsSchema,
   handler: async ({ context, request, params, logger, plugins, corePlugins }) => {
@@ -463,9 +479,11 @@ const resetSLORoute = createSloServerRoute({
 
 const findSLORoute = createSloServerRoute({
   endpoint: 'GET /api/observability/slos 2023-10-31',
-  options: {
-    tags: ['access:slo_read'],
-    access: 'public',
+  options: { access: 'public' },
+  security: {
+    authz: {
+      requiredPrivileges: ['slo_read'],
+    },
   },
   params: findSLOParamsSchema,
   handler: async ({ context, request, params, logger, plugins }) => {
@@ -485,9 +503,11 @@ const findSLORoute = createSloServerRoute({
 
 const findSLOGroupsRoute = createSloServerRoute({
   endpoint: 'GET /internal/observability/slos/_groups',
-  options: {
-    tags: ['access:slo_read'],
-    access: 'internal',
+  options: { access: 'internal' },
+  security: {
+    authz: {
+      requiredPrivileges: ['slo_read'],
+    },
   },
   params: findSLOGroupsParamsSchema,
   handler: async ({ context, request, params, logger, plugins }) => {
@@ -504,9 +524,11 @@ const findSLOGroupsRoute = createSloServerRoute({
 
 const getSLOSuggestionsRoute = createSloServerRoute({
   endpoint: 'GET /internal/observability/slos/suggestions',
-  options: {
-    tags: ['access:slo_read'],
-    access: 'internal',
+  options: { access: 'internal' },
+  security: {
+    authz: {
+      requiredPrivileges: ['slo_read'],
+    },
   },
   handler: async ({ context, plugins }) => {
     await assertPlatinumLicense(plugins);
@@ -519,9 +541,11 @@ const getSLOSuggestionsRoute = createSloServerRoute({
 
 const deleteSloInstancesRoute = createSloServerRoute({
   endpoint: 'POST /api/observability/slos/_delete_instances 2023-10-31',
-  options: {
-    tags: ['access:slo_write'],
-    access: 'public',
+  options: { access: 'public' },
+  security: {
+    authz: {
+      requiredPrivileges: ['slo_write'],
+    },
   },
   params: deleteSLOInstancesParamsSchema,
   handler: async ({ response, context, params, plugins }) => {
@@ -537,9 +561,11 @@ const deleteSloInstancesRoute = createSloServerRoute({
 
 const findSloDefinitionsRoute = createSloServerRoute({
   endpoint: 'GET /api/observability/slos/_definitions 2023-10-31',
-  options: {
-    tags: ['access:slo_read'],
-    access: 'public',
+  options: { access: 'public' },
+  security: {
+    authz: {
+      requiredPrivileges: ['slo_read'],
+    },
   },
   params: findSloDefinitionsParamsSchema,
   handler: async ({ context, params, logger, plugins }) => {
@@ -555,9 +581,11 @@ const findSloDefinitionsRoute = createSloServerRoute({
 
 const fetchHistoricalSummary = createSloServerRoute({
   endpoint: 'POST /internal/observability/slos/_historical_summary',
-  options: {
-    tags: ['access:slo_read'],
-    access: 'internal',
+  options: { access: 'internal' },
+  security: {
+    authz: {
+      requiredPrivileges: ['slo_read'],
+    },
   },
   params: fetchHistoricalSummaryParamsSchema,
   handler: async ({ context, params, plugins }) => {
@@ -572,9 +600,11 @@ const fetchHistoricalSummary = createSloServerRoute({
 
 const getSLOInstancesRoute = createSloServerRoute({
   endpoint: 'GET /internal/observability/slos/{id}/_instances',
-  options: {
-    tags: ['access:slo_read'],
-    access: 'internal',
+  options: { access: 'internal' },
+  security: {
+    authz: {
+      requiredPrivileges: ['slo_read'],
+    },
   },
   params: getSLOInstancesParamsSchema,
   handler: async ({ context, params, logger, plugins }) => {
@@ -591,9 +621,12 @@ const getSLOInstancesRoute = createSloServerRoute({
 
 const getDiagnosisRoute = createSloServerRoute({
   endpoint: 'GET /internal/observability/slos/_diagnosis',
-  options: {
-    tags: [],
-    access: 'internal',
+  options: { access: 'internal' },
+  security: {
+    authz: {
+      enabled: false,
+      reason: 'The endpoint is used to diagnose SLOs and does not require any specific privileges.',
+    },
   },
   params: undefined,
   handler: async ({ context, plugins }) => {
@@ -614,9 +647,11 @@ const getDiagnosisRoute = createSloServerRoute({
 
 const fetchSloHealthRoute = createSloServerRoute({
   endpoint: 'POST /internal/observability/slos/_health',
-  options: {
-    tags: ['access:slo_read'],
-    access: 'internal',
+  options: { access: 'internal' },
+  security: {
+    authz: {
+      requiredPrivileges: ['slo_read'],
+    },
   },
   params: fetchSLOHealthParamsSchema,
   handler: async ({ context, params, logger, plugins }) => {
@@ -636,9 +671,11 @@ const fetchSloHealthRoute = createSloServerRoute({
 
 const getSloBurnRates = createSloServerRoute({
   endpoint: 'POST /internal/observability/slos/{id}/_burn_rates',
-  options: {
-    tags: ['access:slo_read'],
-    access: 'internal',
+  options: { access: 'internal' },
+  security: {
+    authz: {
+      requiredPrivileges: ['slo_read'],
+    },
   },
   params: getSLOBurnRatesParamsSchema,
   handler: async ({ request, context, params, logger, plugins }) => {
@@ -669,9 +706,11 @@ const getSloBurnRates = createSloServerRoute({
 
 const getPreviewData = createSloServerRoute({
   endpoint: 'POST /internal/observability/slos/_preview',
-  options: {
-    tags: ['access:slo_read'],
-    access: 'internal',
+  options: { access: 'internal' },
+  security: {
+    authz: {
+      requiredPrivileges: ['slo_read'],
+    },
   },
   params: getPreviewDataParamsSchema,
   handler: async ({ request, context, params, plugins }) => {
@@ -690,9 +729,11 @@ const getPreviewData = createSloServerRoute({
 
 const getSloSettingsRoute = createSloServerRoute({
   endpoint: 'GET /internal/slo/settings',
-  options: {
-    tags: ['access:slo_read'],
-    access: 'internal',
+  options: { access: 'internal' },
+  security: {
+    authz: {
+      requiredPrivileges: ['slo_read'],
+    },
   },
   handler: async ({ context, plugins }) => {
     await assertPlatinumLicense(plugins);
@@ -706,9 +747,11 @@ const getSloSettingsRoute = createSloServerRoute({
 const putSloSettings = (isServerless?: boolean) =>
   createSloServerRoute({
     endpoint: 'PUT /internal/slo/settings',
-    options: {
-      tags: ['access:slo_write'],
-      access: 'internal',
+    options: { access: 'internal' },
+    security: {
+      authz: {
+        requiredPrivileges: ['slo_write'],
+      },
     },
     params: isServerless ? putSLOServerlessSettingsParamsSchema : putSLOSettingsParamsSchema,
     handler: async ({ context, params, plugins }) => {
@@ -723,9 +766,11 @@ const putSloSettings = (isServerless?: boolean) =>
 
 const getSLOsOverview = createSloServerRoute({
   endpoint: 'GET /internal/observability/slos/overview',
-  options: {
-    tags: ['access:slo_read'],
-    access: 'internal',
+  options: { access: 'internal' },
+  security: {
+    authz: {
+      requiredPrivileges: ['slo_read'],
+    },
   },
   params: getOverviewParamsSchema,
   handler: async ({ context, params, request, logger, plugins }) => {