Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ISM rollover] Create new role to grant ISM API permissions #2552

Closed
Tracked by #18999
AlexRuiz7 opened this issue Oct 24, 2023 · 2 comments · Fixed by #2553
Closed
Tracked by #18999

[ISM rollover] Create new role to grant ISM API permissions #2552

AlexRuiz7 opened this issue Oct 24, 2023 · 2 comments · Fixed by #2553
Assignees
@AlexRuiz7
Labels
level/subtask Task issue type/enhancement Enhancement issue

Comments

@AlexRuiz7
Copy link
Member

AlexRuiz7 commented Oct 24, 2023
edited
Loading

Description

As part of wazuh/wazuh#18999, we need to create a new role in the indexer to grant ISM API permissions, so the app can upload the ISM policy for auto-rollover. This role can be used by the users and wazuh-cloud for their own needs.

The details about the role is described in the main issue.

action_groups.yml

---
manage_ism:
  reserved: true
  hidden: false
  allowed_actions:
  - "cluster:admin/opendistro/ism/*"
  static: false

roles.yml

---
manage_ism:
  reserved: true
  hidden: false
  cluster_permissions:
  - "manage_ism"
  static: false

roles_mapping.yml

---
manage_ism:
  reserved: true
  hidden: false
  users:
  - "kibanaserver"

Originally posted by @AlexRuiz7 in wazuh/wazuh#18999 (comment)
@AlexRuiz7 AlexRuiz7 added level/subtask Task issue type/enhancement Enhancement issue labels Oct 24, 2023
@AlexRuiz7 AlexRuiz7 self-assigned this Oct 24, 2023
This was referenced Oct 24, 2023
Closed
Merged
@AlexRuiz7 AlexRuiz7 linked a pull request Oct 24, 2023 that will close this issue
Add new role to grant ISM API permissions #2553
Merged
7 tasks
@rauldpm
Copy link
Member

rauldpm commented Nov 6, 2023
edited
Loading

Reviewed: #2553 (review)

Issue changed to On hold

Tests have been carried out, issue changed to In review

@AlexRuiz7 AlexRuiz7 mentioned this issue Nov 6, 2023
Merged
7 tasks
@c-bordon c-bordon mentioned this issue Nov 9, 2023
Merged
@AlexRuiz7
Copy link
Member Author

AlexRuiz7 commented Nov 9, 2023
edited
Loading

Changes applied to wazuh-packages and wazuh-docker

@AlexRuiz7 AlexRuiz7 mentioned this issue Nov 14, 2023
Closed
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@AlexRuiz7 AlexRuiz7

Labels
level/subtask Task issue type/enhancement Enhancement issue
Projects
No open projects
Release 4.8.0
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add new role to grant ISM API permissions wazuh/wazuh-packages
2 participants
@rauldpm @AlexRuiz7