From db0a898f2d9fc6b57d7c683a978c86a52e16bdc0 Mon Sep 17 00:00:00 2001 From: Milosz Marcinkowski <38698566+miloszmarcinkowski@users.noreply.github.com> Date: Thu, 24 Oct 2024 15:59:47 +0200 Subject: [PATCH] [APM] Set explicit access options for APM public APIs (#197435) ## Summary Closes #192473 Part of #186781 Set explicit `access` option to `public` for APM public APIs. List of affected APIs: ``` POST /api/apm/agent_keys 2023-10-31 GET /api/apm/services/{serviceName}/annotation/search 2023-10-31 POST /api/apm/services/{serviceName}/annotation 2023-10-31 GET /api/apm/settings/agent-configuration 2023-10-31 DELETE /api/apm/settings/agent-configuration 2023-10-31 PUT /api/apm/settings/agent-configuration 2023-10-31 POST /api/apm/settings/agent-configuration/search 2023-10-31 GET /api/apm/sourcemaps 2023-10-31 POST /api/apm/sourcemaps 2023-10-31 DELETE /api/apm/sourcemaps/{id} 2023-10-31 GET /api/apm/settings/agent-configuration/view 2023-10-31 GET /api/apm/settings/agent-configuration/environments 2023-10-31 GET /api/apm/settings/agent-configuration/agent_name 2023-10-31 POST /api/apm/fleet/apm_server_schema 2023-10-31 ``` --- .../apm/server/routes/agent_keys/route.ts | 5 ++++- .../apm/server/routes/fleet/route.ts | 2 +- .../apm/server/routes/services/route.ts | 3 ++- .../routes/settings/agent_configuration/route.ts | 12 +++++++----- .../apm/server/routes/source_maps/route.ts | 5 +++-- 5 files changed, 17 insertions(+), 10 deletions(-) diff --git a/x-pack/plugins/observability_solution/apm/server/routes/agent_keys/route.ts b/x-pack/plugins/observability_solution/apm/server/routes/agent_keys/route.ts index d8c2cd70768c4..a296b7f8be284 100644 --- a/x-pack/plugins/observability_solution/apm/server/routes/agent_keys/route.ts +++ b/x-pack/plugins/observability_solution/apm/server/routes/agent_keys/route.ts @@ -91,7 +91,10 @@ const invalidateAgentKeyRoute = createApmServerRoute({ const createAgentKeyRoute = createApmServerRoute({ endpoint: 'POST /api/apm/agent_keys 2023-10-31', - options: { tags: ['access:apm', 'access:apm_settings_write', 'oas-tag:APM agent keys'] }, + options: { + tags: ['access:apm', 'access:apm_settings_write', 'oas-tag:APM agent keys'], + access: 'public', + }, params: t.type({ body: t.type({ name: t.string, diff --git a/x-pack/plugins/observability_solution/apm/server/routes/fleet/route.ts b/x-pack/plugins/observability_solution/apm/server/routes/fleet/route.ts index 05b74b3fc9c42..1355460cc1836 100644 --- a/x-pack/plugins/observability_solution/apm/server/routes/fleet/route.ts +++ b/x-pack/plugins/observability_solution/apm/server/routes/fleet/route.ts @@ -65,7 +65,7 @@ const fleetAgentsRoute = createApmServerRoute({ const saveApmServerSchemaRoute = createApmServerRoute({ endpoint: 'POST /api/apm/fleet/apm_server_schema 2023-10-31', - options: { tags: ['access:apm', 'access:apm_write'] }, + options: { tags: ['access:apm', 'access:apm_write'], access: 'public' }, params: t.type({ body: t.type({ schema: t.record(t.string, t.unknown), diff --git a/x-pack/plugins/observability_solution/apm/server/routes/services/route.ts b/x-pack/plugins/observability_solution/apm/server/routes/services/route.ts index da2a506e3ae3f..eb810fae50323 100644 --- a/x-pack/plugins/observability_solution/apm/server/routes/services/route.ts +++ b/x-pack/plugins/observability_solution/apm/server/routes/services/route.ts @@ -395,7 +395,7 @@ const serviceAnnotationsRoute = createApmServerRoute({ }), query: t.intersection([environmentRt, rangeRt]), }), - options: { tags: ['access:apm', 'oas-tag:APM annotations'] }, + options: { tags: ['access:apm', 'oas-tag:APM annotations'], access: 'public' }, handler: async (resources): Promise => { const apmEventClient = await getApmEventClient(resources); const { params, plugins, context, request, logger, config } = resources; @@ -440,6 +440,7 @@ const serviceAnnotationsCreateRoute = createApmServerRoute({ endpoint: 'POST /api/apm/services/{serviceName}/annotation 2023-10-31', options: { tags: ['access:apm', 'access:apm_write', 'oas-tag:APM annotations'], + access: 'public', }, params: t.type({ path: t.type({ diff --git a/x-pack/plugins/observability_solution/apm/server/routes/settings/agent_configuration/route.ts b/x-pack/plugins/observability_solution/apm/server/routes/settings/agent_configuration/route.ts index aaf8fb2c48681..bc8109dfa2808 100644 --- a/x-pack/plugins/observability_solution/apm/server/routes/settings/agent_configuration/route.ts +++ b/x-pack/plugins/observability_solution/apm/server/routes/settings/agent_configuration/route.ts @@ -39,7 +39,7 @@ function throwNotFoundIfAgentConfigNotAvailable(featureFlags: ApmFeatureFlags): // get list of configurations const agentConfigurationRoute = createApmServerRoute({ endpoint: 'GET /api/apm/settings/agent-configuration 2023-10-31', - options: { tags: ['access:apm'] }, + options: { tags: ['access:apm'], access: 'public' }, handler: async ( resources ): Promise<{ @@ -68,7 +68,7 @@ const getSingleAgentConfigurationRoute = createApmServerRoute({ params: t.partial({ query: serviceRt, }), - options: { tags: ['access:apm'] }, + options: { tags: ['access:apm'], access: 'public' }, handler: async (resources): Promise => { throwNotFoundIfAgentConfigNotAvailable(resources.featureFlags); @@ -100,6 +100,7 @@ const deleteAgentConfigurationRoute = createApmServerRoute({ endpoint: 'DELETE /api/apm/settings/agent-configuration 2023-10-31', options: { tags: ['access:apm', 'access:apm_settings_write'], + access: 'public', }, params: t.type({ body: t.type({ @@ -156,6 +157,7 @@ const createOrUpdateAgentConfigurationRoute = createApmServerRoute({ endpoint: 'PUT /api/apm/settings/agent-configuration 2023-10-31', options: { tags: ['access:apm', 'access:apm_settings_write'], + access: 'public', }, params: t.intersection([ t.partial({ query: t.partial({ overwrite: toBooleanRt }) }), @@ -224,7 +226,7 @@ const agentConfigurationSearchRoute = createApmServerRoute({ params: t.type({ body: searchParamsRt, }), - options: { tags: ['access:apm'], disableTelemetry: true }, + options: { tags: ['access:apm'], disableTelemetry: true, access: 'public' }, handler: async ( resources ): Promise | null> => { @@ -286,7 +288,7 @@ const listAgentConfigurationEnvironmentsRoute = createApmServerRoute({ params: t.partial({ query: t.partial({ serviceName: t.string }), }), - options: { tags: ['access:apm'] }, + options: { tags: ['access:apm'], access: 'public' }, handler: async ( resources ): Promise<{ @@ -327,7 +329,7 @@ const agentConfigurationAgentNameRoute = createApmServerRoute({ params: t.type({ query: t.type({ serviceName: t.string }), }), - options: { tags: ['access:apm'] }, + options: { tags: ['access:apm'], access: 'public' }, handler: async (resources): Promise<{ agentName: string | undefined }> => { throwNotFoundIfAgentConfigNotAvailable(resources.featureFlags); diff --git a/x-pack/plugins/observability_solution/apm/server/routes/source_maps/route.ts b/x-pack/plugins/observability_solution/apm/server/routes/source_maps/route.ts index bc92c06416204..f1f7f3def93ab 100644 --- a/x-pack/plugins/observability_solution/apm/server/routes/source_maps/route.ts +++ b/x-pack/plugins/observability_solution/apm/server/routes/source_maps/route.ts @@ -49,7 +49,7 @@ function throwNotImplementedIfSourceMapNotAvailable(featureFlags: ApmFeatureFlag const listSourceMapRoute = createApmServerRoute({ endpoint: 'GET /api/apm/sourcemaps 2023-10-31', - options: { tags: ['access:apm'] }, + options: { tags: ['access:apm'], access: 'public' }, params: t.partial({ query: t.partial({ page: toNumberRt, @@ -87,6 +87,7 @@ const uploadSourceMapRoute = createApmServerRoute({ options: { tags: ['access:apm', 'access:apm_write'], body: { accepts: ['multipart/form-data'] }, + access: 'public', }, params: t.type({ body: t.type({ @@ -159,7 +160,7 @@ const uploadSourceMapRoute = createApmServerRoute({ const deleteSourceMapRoute = createApmServerRoute({ endpoint: 'DELETE /api/apm/sourcemaps/{id} 2023-10-31', - options: { tags: ['access:apm', 'access:apm_write'] }, + options: { tags: ['access:apm', 'access:apm_write'], access: 'public' }, params: t.type({ path: t.type({ id: t.string,