maxmustermann/kibana
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

add readme note about alerting / manage_api_key cluster privilege (#54639)

Browse source 
partially resolves https://github.com/elastic/kibana/issues/54525
This commit is contained in:
Patrick Mueller 2020-01-14 23:47:55 -05:00 committed by GitHub
parent 56ff721867
commit d3a3cefc73
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
x-pack/legacy/plugins/alerting/README.md
View file

@ -32,6 +32,14 @@ When security is enabled, an SSL connection to Elasticsearch is required in orde
When security is enabled, users who create alerts will need the `manage_api_key` cluster privilege. There is currently work in progress to remove this requirement.
Note that the `manage_own_api_key` cluster privilege is not enough - it can be used to create API keys, but not invalidate them, and the alerting plugin currently both creates and invalidates APIs keys as part of it's processing. When using only the `manage_own_api_key` privilege, you will see the following message logged in the server when the alerting plugin attempts to invalidate an API key:
```
[error][alerting][plugins] Failed to invalidate API Key: [security_exception] \
action [cluster:admin/xpack/security/api_key/invalidate] \
is unauthorized for user [user-name-here]
```
## Alert types
### Methods