forked from elastic/kibana
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Manage Cross-Cluster API keys (elastic#162363)
Resolves elastic#142400 ## Release notes Added ability to manage Cross-Cluster API keys. ## Summary - Redesigned API keys page to cater for different API key types: - **Personal API Key** - Allows external services to access the Elastic Stack on behalf of a user. - **Cross-Cluster API key** - Allows remote clusters to connect to your local cluster. - **Managed API key** - Created and managed by Kibana to correctly run background tasks. (e.g. alerting / fleet) - Redesigned Create/Update API key popup to allow adding Cross-Cluster API keys. - Redesigned View API key popup showing more information and added feedback when API keys cannot be edited. ## Technical notes - Refactored API key schemas and types throughout all API key related routes, services and clients to create a single source of truth and stop types going out of sync. - Consolidated internal endpoints to simplify usage and reduce unnecessary HTTP roundtrips. - Migrated API Key form to Formik to more reliably manage state and to simplify validation logic when toggling visibility of form elements. - Broke out API key table and related primitives into separate reusable components for a more cohesive design. ## Screenshots ### API keys page <details> <summary>Before</summary> <img width="1249" alt="Screenshot 2023-07-24 at 10 25 04" src="https://github.com/elastic/kibana/assets/190132/eb122597-f138-4658-9141-fd76b3291751"> </details> <details open> <summary>After</summary> <img width="1159" alt="Screenshot 2023-07-23 at 17 01 24" src="https://github.com/elastic/kibana/assets/190132/42be5002-235e-4785-83e3-eb4063ca75ba"> </details> ### Create Cross-Cluster API key flyover <details> <summary>Before</summary> <img width="1261" alt="Screenshot 2023-07-24 at 10 25 21" src="https://github.com/elastic/kibana/assets/190132/9e3ddffc-e6ec-4c9a-aaa4-a20b0ecf4d51"> </details> <details open> <summary>After</summary> <img width="1172" alt="Screenshot 2023-07-23 at 17 06 41" src="https://github.com/elastic/kibana/assets/190132/e6823c07-2154-4777-820f-a3bab9cabe0f"> </details> ### API key details flyover <details> <summary>Before</summary> <img width="1262" alt="Screenshot 2023-07-24 at 10 25 35" src="https://github.com/elastic/kibana/assets/190132/212293f3-355b-40d3-a1d6-5eea9c61c1cf"> </details> <details open> <summary>After</summary> <img width="1260" alt="Screenshot 2023-07-24 at 10 34 01" src="https://github.com/elastic/kibana/assets/190132/a5f561af-e415-49dd-9f3f-70250eb32ef7"> </details> ## Testing ### Conditions of satisfaction 1) The API Key management screen should be updated to allow the different API Key types to be distinguished from one another. 2) Users with the elevated `manage_security` cluster privilege shall have the ability to create & update RCS API Keys, as described in the technical document provided by ES. This is a different privilege than what the rest of the screen requires today. 3) API Key Invalidation will require the existing `manage_api_keys` cluster privilege. 4) RCS API Keys are not available in the serverless offering, so these changes should only be visible for the current offering. Note: This functionality requires a true serverless ES instance - The feature will not be hidden simply by running Kibana using serverless flag 5) RCS API Keys require an `enterprise` license, and should not be available for deployments with a lesser license level. 6) Any new APIs introduced on the Kibana side should be marked as `internal`, for consistency with the rest of our API Key endpoints. 7) These RCS API Key changes must not be visible in the UI until support for this is enabled in ES.
- Loading branch information
1 parent
c892747
commit 73c5e36
Showing
35 changed files
with
2,254 additions
and
1,954 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.