c77c7fbedb
An MVP of the RBAC work required for the "alerts as data" effort. An example of the existing implementation for alerts would be that of the security solution. The security solution stores its alerts generated from rules in a single data index - .siem-signals. In order to gain or restrict access to alerts, users do so by following the Elasticsearch privilege architecture. A user would need to go into the Kibana role access UI and give explicit read/write/manage permissions for the index itself. Kibana as a whole is moving away from this model and instead having all user interactions run through the Kibana privilege model. When solutions use saved objects, this authentication layer is abstracted away for them. Because we have chosen to use data indices for alerts, we cannot rely on this abstracted out layer that saved objects provide - we need to provide our own RBAC! Instead of giving users explicit permission to an alerts index, users are instead given access to features. They don't need to know anything about indices, that work we do under the covers now. Co-authored-by: Yara Tercero <yctercero@users.noreply.github.com> Co-authored-by: Yara Tercero <yara.tercero@elastic.co> |
||
|---|---|---|
| .. | ||
| src | ||
| BUILD.bazel | ||
| jest.config.js | ||
| package.json | ||
| README.md | ||
| tsconfig.json | ||
kbn-securitysolution-es-utils
This is the shared security solution elastic search utilities among plugins. This was originally created to remove the dependencies between security_solution and other projects such as lists. This should only be used within server side code and not client side code since it is all elastic search utilities and packages.