-
Notifications
You must be signed in to change notification settings - Fork 8.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Fleet] Tighten policy permissions #96063
Commits on Apr 1, 2021
-
Ensure packages' data_streams contain all metadata
We can read the package information from two places - The EPM registry (method `getRegistryPackage()`) - The local ES cache (method `getEsPackage()`) The package contains a property called `data_streams`. The contents of this property varied depending on from where the package was being loaded. The code in `getEsPackage` was cherry-picking what properties to load to do validation. We have changed the code so we cherry-pick only the properties that need some sort of validation, and pass the others in bulk.
Alejandro Fernández Gómez committedApr 1, 2021 Configuration menu - View commit details
-
Copy full SHA for 4176e8f - Browse repository at this point
Copy the full SHA 4176e8fView commit details -
Add
getPackagePermissions
methodReturns a list of the necessary ES permissions based on the permissions specified in each data_stream. If no permissions are specified it returns a default set of permissions for each data_stream.
Alejandro Fernández Gómez committedApr 1, 2021 Configuration menu - View commit details
-
Copy full SHA for 8b90529 - Browse repository at this point
Copy the full SHA 8b90529View commit details -
Expose tight permissions in the agent policy
Alejandro Fernández Gómez committedApr 1, 2021 Configuration menu - View commit details
-
Copy full SHA for a57160f - Browse repository at this point
Copy the full SHA a57160fView commit details
Commits on Apr 12, 2021
-
Alejandro Fernández Gómez committed
Apr 12, 2021 Configuration menu - View commit details
-
Copy full SHA for 754d6f9 - Browse repository at this point
Copy the full SHA 754d6f9View commit details -
Merge branch 'master' into 64634-tight-policy-permissions
Alejandro Fernández Gómez committedApr 12, 2021 Configuration menu - View commit details
-
Copy full SHA for c4b1137 - Browse repository at this point
Copy the full SHA c4b1137View commit details
Commits on Apr 13, 2021
-
Add config flag to enable/disable the permissions
Alejandro Fernández Gómez committedApr 13, 2021 Configuration menu - View commit details
-
Copy full SHA for 579278c - Browse repository at this point
Copy the full SHA 579278cView commit details -
Use config flag to send tight permissions with the agent
Alejandro Fernández Gómez committedApr 13, 2021 Configuration menu - View commit details
-
Copy full SHA for e7053c4 - Browse repository at this point
Copy the full SHA e7053c4View commit details -
Merge branch 'master' into 64634-tight-policy-permissions
Alejandro Fernández Gómez committedApr 13, 2021 Configuration menu - View commit details
-
Copy full SHA for 2696b90 - Browse repository at this point
Copy the full SHA 2696b90View commit details -
Extract
getPackagePermissions
to its own fileAlejandro Fernández Gómez committedApr 13, 2021 Configuration menu - View commit details
-
Copy full SHA for 66b693f - Browse repository at this point
Copy the full SHA 66b693fView commit details -
Add tests to
getPackagePermissions
Alejandro Fernández Gómez committedApr 13, 2021 Configuration menu - View commit details
-
Copy full SHA for b6b1337 - Browse repository at this point
Copy the full SHA b6b1337View commit details
Commits on Apr 14, 2021
-
Move default cluster permissions out of
getPackagePermissions
Alejandro Fernández Gómez committedApr 14, 2021 Configuration menu - View commit details
-
Copy full SHA for fb90525 - Browse repository at this point
Copy the full SHA fb90525View commit details