kibana

mirror of https://github.com/elastic/kibana.git synced 2025-04-24 17:59:23 -04:00

History

Sid 56c0806af5 [ESO] Add flag to allow ESO consumers to opt-out of highly random UIDs (#198287 ) Closes https://github.com/elastic/kibana/issues/194692 ## Summary Allow consumers of ESOs to explicitly opt out of the strict highly random UID requirements while registering the ESO type ### Description The `getValidId` method was updated to allow consumers of Encrypted Saved Objects to explicitly opt-out of the enforced random ID requirement. This change is added during ESO registration - consumers can now pass a new field to opt-out of random UIDs. Additional changes - Updated canSpecifyID logic: - The canSpecifyID condition now also checks if enforceRandomId is explicitly set to false. This opt-out approach allows specific ESOs to bypass the random ID enforcement without affecting the default behavior, keeping it secure by default. During the registration phase of the saved object, consumers can now specify if they'd like to opt-out of the random ID ``` savedObjects.registerType({ name: TYPE_WITH_PREDICTABLE_ID, //... }); encryptedSavedObjects.registerType({ type: TYPE_WITH_PREDICTABLE_ID, //... enforceRandomId: false, }); ``` ### Release notes Improves Encrypted Saved Objects (ESO) ID validation by adding an enforceRandomId parameter, allowing consumers to opt out of the default random ID requirement for specific use cases. ### Checklist - [x] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels) - [ ] This will appear in the Release Notes and follow the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: Jeramy Soucy <jeramy.soucy@elastic.co>		2024-11-05 15:40:53 +01:00
..
fixtures/es_archiver	Replace Encrypted Saved Object AAD exclude list with include list (#167705 )	2024-03-08 11:15:02 -05:00
plugins/api_consumer_plugin	[ESO] Add flag to allow ESO consumers to opt-out of highly random UIDs (#198287 )	2024-11-05 15:40:53 +01:00
tests	[ESO] Add flag to allow ESO consumers to opt-out of highly random UIDs (#198287 )	2024-11-05 15:40:53 +01:00
config.ts	chore(security, eslint): apply platform security-specific rules to all exclusively owned paths. (#195711 )	2024-10-11 09:49:12 +02:00
ftr_provider_context.d.ts	chore(security, eslint): apply platform security-specific rules to all exclusively owned paths. (#195711 )	2024-10-11 09:49:12 +02:00
services.ts	[FTR] move supertestWithoutAuth service to kbn-ftr-common-functional-services (#189613 )	2024-08-05 04:20:38 -05:00