Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create API keys with metadata #100682

Merged
merged 5 commits into from
Jun 1, 2021
Merged

Conversation

thomheymann
Copy link
Contributor

@thomheymann thomheymann commented May 26, 2021

Resolves: #100534
Resolves: #93820

Summary

Added the ability to create API Keys with metadata.

Screenshot 2021-05-26 at 17 19 54

Checklist

Delete any items that are not applicable to this PR.

@thomheymann thomheymann added Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! release_note:enhancement labels May 26, 2021
@thomheymann thomheymann marked this pull request as ready for review May 26, 2021 15:17
@thomheymann thomheymann requested a review from a team as a code owner May 26, 2021 15:17
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-security (Team:Security)

@thomheymann thomheymann added the auto-backport Deprecated - use backport:version if exact versions are needed label May 26, 2021
Copy link
Member

@legrego legrego left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for putting this together so quickly!

A couple of additional comments:

  1. Can we update the type definitions for both CreateAPIKeyParams and GrantAPIKeyParams within the server-side api key service to allow for metadata to be provided? This is part of the plugin's public contract that is consumed elsewhere, so it'd be good to record that we do in fact support metadata:
    export interface CreateAPIKeyParams {
    name: string;
    role_descriptors: Record<string, any>;
    expiration?: string;
    }
    interface GrantAPIKeyParams {
    api_key: CreateAPIKeyParams;
    grant_type: 'password' | 'access_token';
    username?: string;
    password?: string;
    access_token?: string;
    }
  2. Can we add an API test to ensure that we can pass metadata through successfully?:
    describe('POST /internal/security/api_key', () => {
  3. If you're up for it, we could update the documentation screenshot to include the new metadata toggle:
    https://github.com/elastic/kibana/blob/69f013e2fb64544bc9d16d3fe9f4ec6c14ed9c11/docs/user/security/api-keys/images/create-api-key.png

@legrego legrego requested a review from bytebilly May 26, 2021 17:47
Copy link
Contributor

@bytebilly bytebilly left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great work @thomheymann! LGTM once all comments are resolved 👍
Should we update documentation at https://www.elastic.co/guide/en/kibana/current/api-keys.html#create-api-key too?

Copy link
Member

@legrego legrego left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@legrego
Copy link
Member

legrego commented Jun 1, 2021

@elasticmachine merge upstream

@kibanamachine
Copy link
Contributor

💚 Build Succeeded

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
security 765.0KB 767.0KB +2.0KB
Unknown metric groups

References to deprecated APIs

id before after diff
infra 256 146 -110
lens 67 45 -22
licensing 18 15 -3
lists 239 236 -3
ml 121 115 -6
stackAlerts 101 95 -6
total -150

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@thomheymann thomheymann merged commit 27f790c into elastic:master Jun 1, 2021
kibanamachine pushed a commit to kibanamachine/kibana that referenced this pull request Jun 1, 2021
@kibanamachine
Copy link
Contributor

💚 Backport successful

Status Branch Result
7.x

This backport PR will be merged automatically after passing CI.

kibanamachine added a commit that referenced this pull request Jun 1, 2021
Co-authored-by: Thom Heymann <190132+thomheymann@users.noreply.github.com>
jloleysens added a commit to jloleysens/kibana that referenced this pull request Jun 2, 2021
…sens/kibana into reporting/new-png-pdf-report-type

* 'reporting/new-png-pdf-report-type' of github.com:jloleysens/kibana: (46 commits)
  [Security Solution] Add Ransomware canary advanced policy option (elastic#101068)
  [Exploratory view] Core web vitals (elastic#100320)
  [Security solution][Endpoint] Add unit tests for fleet event filters/trusted apps cards (elastic#101034)
  [Lens] Use a setter function for the dimension panel (elastic#101123)
  [Index Patterns] Fix return saved index pattern object (elastic#101051)
  [CI] For PRs, build TS refs before public api docs check (elastic#100791)
  [Maps] fix line and polygon label regression (elastic#101085)
  Migrate CCR to new ES JS client. (elastic#100131)
  [Canvas] Switch Canvas to use React Router (elastic#100579)
  [Expressions] Use table column ID instead of name when set (elastic#99724)
  [DOCS] Updates docs landing page (elastic#100749)
  [DOCS] Corrects typo in step 3 (elastic#101079)
  [DOCS] Updates runtime example in Discover (elastic#100926)
  Migrate kibana.autocomplete config to data plugin (elastic#100586)
  [Uptime] New width/delay definition for waterfall sidebar item tooltip (elastic#100147)
  [FTR] Use importExport for saved_object/basic archive (elastic#100244)
  [Fleet] Better input for multi text input in agent policy builder (elastic#101020)
  [CI] Buildkite support with Baseline pipeline (elastic#100492)
  [Reporting/Telemetry] Do not send telemetry if we are in screenshot mode (elastic#100388)
  Create API keys with metadata (elastic#100682)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
auto-backport Deprecated - use backport:version if exact versions are needed release_note:enhancement Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! v7.14.0 v8.0.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Allow adding metadata when creating an API key Metadata for API Keys
5 participants