# Backport
This will backport the following commits from `main` to `8.x`:
- [[Authz] Migrated routes with access tags to security config
(#209756)](https://github.com/elastic/kibana/pull/209756)
<!--- Backport version: 9.4.3 -->
### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)
<!--BACKPORT [{"author":{"name":"Elena
Shostak","email":"165678770+elena-shostak@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-02-11T14:36:38Z","message":"[Authz]
Migrated routes with access tags to security config (#209756)\n\n##
Summary\r\n\r\nThis PR migrates the last routes with
`access:<privilege>` tags used in\r\nroute definitions to new security
configuration.\r\nPlease refer to the documentation for more
information:
[Authorization\r\nAPI](https://docs.elastic.dev/kibana-dev-docs/key-concepts/security-api-authorization)\r\n\r\n###
**Before Migration:**\r\nAccess control tags were defined in the
`options` object of the route:\r\n\r\n```ts\r\nrouter.get({\r\n path:
'/api/path',\r\n options: {\r\n tags: ['access:<privilege_1>',
'access:<privilege_2>'],\r\n },\r\n ...\r\n},
handler);\r\n```\r\n\r\n### **After Migration:**\r\nTags have been
replaced with the more robust\r\n`security.authz.requiredPrivileges`
field under `security`:\r\n\r\n```ts\r\nrouter.get({\r\n path:
'/api/path',\r\n security: {\r\n authz: {\r\n requiredPrivileges:
['<privilege_1>', '<privilege_2>'],\r\n },\r\n },\r\n ...\r\n},
handler);\r\n```\r\n\r\n### Checklist\r\n\r\n-
[x]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [x] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine
<elasticmachine@users.noreply.github.com>","sha":"ad0e1d9d9d5ffba3c0bd7839affe0e885c3f2f03","branchLabelMapping":{"^v9.1.0$":"main","^v8.19.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Security","release_note:skip","Feature:Security/Authorization","backport:prev-minor","backport:version","Authz:
API migration","v9.1.0","v8.19.0"],"title":"[Authz] Migrated routes with
access tags to security
config","number":209756,"url":"https://github.com/elastic/kibana/pull/209756","mergeCommit":{"message":"[Authz]
Migrated routes with access tags to security config (#209756)\n\n##
Summary\r\n\r\nThis PR migrates the last routes with
`access:<privilege>` tags used in\r\nroute definitions to new security
configuration.\r\nPlease refer to the documentation for more
information:
[Authorization\r\nAPI](https://docs.elastic.dev/kibana-dev-docs/key-concepts/security-api-authorization)\r\n\r\n###
**Before Migration:**\r\nAccess control tags were defined in the
`options` object of the route:\r\n\r\n```ts\r\nrouter.get({\r\n path:
'/api/path',\r\n options: {\r\n tags: ['access:<privilege_1>',
'access:<privilege_2>'],\r\n },\r\n ...\r\n},
handler);\r\n```\r\n\r\n### **After Migration:**\r\nTags have been
replaced with the more robust\r\n`security.authz.requiredPrivileges`
field under `security`:\r\n\r\n```ts\r\nrouter.get({\r\n path:
'/api/path',\r\n security: {\r\n authz: {\r\n requiredPrivileges:
['<privilege_1>', '<privilege_2>'],\r\n },\r\n },\r\n ...\r\n},
handler);\r\n```\r\n\r\n### Checklist\r\n\r\n-
[x]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [x] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine
<elasticmachine@users.noreply.github.com>","sha":"ad0e1d9d9d5ffba3c0bd7839affe0e885c3f2f03"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.1.0","branchLabelMappingKey":"^v9.1.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/209756","number":209756,"mergeCommit":{"message":"[Authz]
Migrated routes with access tags to security config (#209756)\n\n##
Summary\r\n\r\nThis PR migrates the last routes with
`access:<privilege>` tags used in\r\nroute definitions to new security
configuration.\r\nPlease refer to the documentation for more
information:
[Authorization\r\nAPI](https://docs.elastic.dev/kibana-dev-docs/key-concepts/security-api-authorization)\r\n\r\n###
**Before Migration:**\r\nAccess control tags were defined in the
`options` object of the route:\r\n\r\n```ts\r\nrouter.get({\r\n path:
'/api/path',\r\n options: {\r\n tags: ['access:<privilege_1>',
'access:<privilege_2>'],\r\n },\r\n ...\r\n},
handler);\r\n```\r\n\r\n### **After Migration:**\r\nTags have been
replaced with the more robust\r\n`security.authz.requiredPrivileges`
field under `security`:\r\n\r\n```ts\r\nrouter.get({\r\n path:
'/api/path',\r\n security: {\r\n authz: {\r\n requiredPrivileges:
['<privilege_1>', '<privilege_2>'],\r\n },\r\n },\r\n ...\r\n},
handler);\r\n```\r\n\r\n### Checklist\r\n\r\n-
[x]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [x] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine
<elasticmachine@users.noreply.github.com>","sha":"ad0e1d9d9d5ffba3c0bd7839affe0e885c3f2f03"}},{"branch":"8.x","label":"v8.19.0","branchLabelMappingKey":"^v8.19.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->
Co-authored-by: Elena Shostak <165678770+elena-shostak@users.noreply.github.com>
# Backport
This will backport the following commits from `main` to `8.x`:
- [Added scope field to features config.
(#191634)](https://github.com/elastic/kibana/pull/191634)
<!--- Backport version: 8.9.8 -->
### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)
<!--BACKPORT [{"author":{"name":"Elena
Shostak","email":"165678770+elena-shostak@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-09-13T00:22:20Z","message":"Added
scope field to features config. (#191634)\n\n## Summary\r\nKibana needs
to more tightly control the set of visible features within\r\na space,
in order to support the new solution-based navigation.\r\nAdded `scope`
field to the features configuration. This enhancement is\r\nintended to
prevent new features from appearing in Space
Visibility\r\nToggles.\r\n\r\n\r\n### Checklist\r\n\r\n-
[x]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [x] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n\r\n\r\n__Fixes:
https://github.com/elastic/kibana/issues/191299__\r\n\r\n## Release
Note\r\n\r\nAdded `scope` field to the features configuration. This
enhancement is\r\nintended to prevent new features from appearing in
Space Visibility\r\nToggles.\r\n\r\n---------\r\n\r\nCo-authored-by:
Elastic Machine
<elasticmachine@users.noreply.github.com>","sha":"a71c9ba38ab4b88288313b91bd1b699777b3aab1","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:enhancement","chore","Team:Security","Feature:Security/Spaces","backport:skip","Team:Fleet","v9.0.0","Team:Obs
AI
Assistant","ci:project-deploy-observability","Team:obs-ux-infra_services","Team:obs-ux-management","apm:review"],"number":191634,"url":"https://github.com/elastic/kibana/pull/191634","mergeCommit":{"message":"Added
scope field to features config. (#191634)\n\n## Summary\r\nKibana needs
to more tightly control the set of visible features within\r\na space,
in order to support the new solution-based navigation.\r\nAdded `scope`
field to the features configuration. This enhancement is\r\nintended to
prevent new features from appearing in Space
Visibility\r\nToggles.\r\n\r\n\r\n### Checklist\r\n\r\n-
[x]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [x] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n\r\n\r\n__Fixes:
https://github.com/elastic/kibana/issues/191299__\r\n\r\n## Release
Note\r\n\r\nAdded `scope` field to the features configuration. This
enhancement is\r\nintended to prevent new features from appearing in
Space Visibility\r\nToggles.\r\n\r\n---------\r\n\r\nCo-authored-by:
Elastic Machine
<elasticmachine@users.noreply.github.com>","sha":"a71c9ba38ab4b88288313b91bd1b699777b3aab1"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/191634","number":191634,"mergeCommit":{"message":"Added
scope field to features config. (#191634)\n\n## Summary\r\nKibana needs
to more tightly control the set of visible features within\r\na space,
in order to support the new solution-based navigation.\r\nAdded `scope`
field to the features configuration. This enhancement is\r\nintended to
prevent new features from appearing in Space
Visibility\r\nToggles.\r\n\r\n\r\n### Checklist\r\n\r\n-
[x]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [x] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n\r\n\r\n__Fixes:
https://github.com/elastic/kibana/issues/191299__\r\n\r\n## Release
Note\r\n\r\nAdded `scope` field to the features configuration. This
enhancement is\r\nintended to prevent new features from appearing in
Space Visibility\r\nToggles.\r\n\r\n---------\r\n\r\nCo-authored-by:
Elastic Machine
<elasticmachine@users.noreply.github.com>","sha":"a71c9ba38ab4b88288313b91bd1b699777b3aab1"}}]}]
BACKPORT-->
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
## Summary
Fix https://github.com/elastic/kibana/issues/65999
Change the `features` plugin's contract type names to follow our naming
convensions and to avoid needing to rename them during imports
(and yeah, I'm triggering a review from 30 teams again for a type
rename, just for the fun of it)
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Fix https://github.com/elastic/kibana/issues/83612
This PR doesn't change any behavior, as we're already supporting (and
awaiting) promises returned from `stop` calls to plugin, it just changes
the type's signature to reflect that.
Also removed empty `stop` methods from existing plugins to make
typescript happy.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Closes#162263
Introduces a new `Feature Privileges` section to the developer
documentation. The documentation includes a tutorial on how to control
access to features of plugin being developed. Introduces a few sections:
- Controlling access to UI features
- Controlling access to server side APIs
- Documentation for configuration options
## Testing
To build this locally, run ./scripts/dev_docs from a local checkout of
this PR. A server will eventually start on http://localhost:3000 where
you can preview the changes.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
