Skip to content

[9.0] Unauthorized route migration for routes owned by response-ops (#214785)#214830

Merged
kibanamachine merged 1 commit intoelastic:9.0from
kibanamachine:backport/9.0/pr-214785
Mar 17, 2025
Merged

[9.0] Unauthorized route migration for routes owned by response-ops (#214785)#214830
kibanamachine merged 1 commit intoelastic:9.0from
kibanamachine:backport/9.0/pr-214785

Conversation

@kibanamachine
Copy link
Contributor

@kibanamachine kibanamachine commented Mar 17, 2025

Backport

This will backport the following commits from main to 9.0:

Questions ?

Please refer to the Backport tool documentation

@elena-shostak
Unauthorized route migration for routes owned by response-ops (elasti…
5b59811 
…c#214785)

### Authz API migration for unauthorized routes

This PR migrates last unauthorized routes owned by your team to a new
security configuration.
Please refer to the documentation for more information: [Authorization
API](https://docs.elastic.dev/kibana-dev-docs/key-concepts/security-api-authorization)

### **Before migration:**
```ts
router.get({
  path: '/api/path',
  ...
}, handler);
```

### **After migration:**
```ts
router.get({
  path: '/api/path',
  security: {
    authz: {
      enabled: false,
      reason: 'This route is opted out from authorization because ...',
    },
  },
  ...
}, handler);
```

(cherry picked from commit 229dca5)
@kibanamachine kibanamachine added the backport This PR is a backport of another PR label Mar 17, 2025
@kibanamachine kibanamachine enabled auto-merge (squash) March 17, 2025 16:41
@kibanamachine kibanamachine mentioned this pull request Mar 17, 2025
Merged
@kibanamachine kibanamachine merged commit 1b42e77 into elastic:9.0 Mar 17, 2025
12 checks passed
@elasticmachine
Copy link
Contributor

elasticmachine commented Mar 17, 2025

💛 Build succeeded, but was flaky

Failed CI Steps

Test Failures

  • [job] [logs] FTR Configs #60 / Rules Management - Rule Delete API @ess delete_rules_bulk_legacy deleting rules bulk using bulk_action endpoint should return 2 legacy actions in the response body when it deletes 2 rules

Metrics [docs]

✅ unchanged

cc @elena-shostak

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

@elena-shostak elena-shostak

Labels

backport This PR is a backport of another PR

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@kibanamachine @elasticmachine @elena-shostak