Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution] Make existing OpenAPI specs for Endpoint management API correct #183816

Closed
24 of 29 tasks
maximpn opened this issue May 20, 2024 · 2 comments · Fixed by #187634
Closed
24 of 29 tasks

[Security Solution] Make existing OpenAPI specs for Endpoint management API correct #183816

maximpn opened this issue May 20, 2024 · 2 comments · Fixed by #187634
Assignees
@ashokaditya
Labels
8.15 candidate docs OLM Sprint Team:Defend Workflows “EDR Workflows” sub-team of Security Solution Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.

Comments

@maximpn
Copy link
Contributor

maximpn commented May 20, 2024
edited by ashokaditya
Loading

Epic: https://github.com/elastic/security-team/issues/9525

Deadline: Jul 29, 2024 (see milestones in https://github.com/elastic/security-team/issues/9400)

Summary

As part of the Serverless project, we need to make sure OpenAPI specs for all public Endpoint management API endpoints are correct. We want all the APIs documented before Serverless GA. Please look for more context in the epic.

During a Security Solution public API research we discovered that for some of the public Endpoint management API endpoints we already have OpenAPI specs. We just need to make sure they are correct. Please see below what needs to be done exactly.

API endpoints

The following public API endpoints were discovered during research, and have OpenAPI specs:

  • GET /api/endpoint/metadata
  • GET /api/endpoint/metadata/{id}
  • GET /api/endpoint/metadata/transforms
  • POST /api/endpoint/suggestions/{suggestion_type}
  • GET /api/endpoint/policy_response
  • GET /api/endpoint/policy/summaries
  • GET /api/endpoint/action_status
  • GET /api/endpoint/action/state
  • GET /api/endpoint/action_log/{agent_id}
  • GET /api/endpoint/action
  • GET /api/endpoint/action/{action_id}
  • POST /api/endpoint/action/isolate
  • POST /api/endpoint/action/unisolate
  • POST /api/endpoint/action/kill_process
  • POST /api/endpoint/action/suspend_process
  • POST /api/endpoint/action/running_procs
  • POST /api/endpoint/action/get_file
  • POST /api/endpoint/action/execute
  • POST /api/endpoint/action/upload
  • POST /api/endpoint/action/scan
  • GET /api/endpoint/action/{action_id}/file/{file_id}/download
  • GET /api/endpoint/action/{action_id}/file/{file_id}
  • GET /api/endpoint/protection_updates_note/{package_policy_id}
  • POST /api/endpoint/protection_updates_note/{package_policy_id}

To do

  • Check if there are any other public endpoints that you own that have OpenAPI specs and add them to the list above.
  • Make sure your specs (including those above) are valid OpenAPI documents.
  • Make sure your specs (including those above) match the actual API contracts defined in the code.
  • Mark the endpoints as available in ESS, or Serverless, or in both offerings (depends on: https://github.com/elastic/security-team/issues/9516).
  • Update schema response stubs to specific responses
@maximpn maximpn added docs Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Defend Workflows “EDR Workflows” sub-team of Security Solution Project:Serverless Work as part of the Serverless project for its initial release 8.15 candidate labels May 20, 2024
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-defend-workflows (Team:Defend Workflows)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@maximpn maximpn mentioned this issue May 20, 2024
Closed
26 tasks
@banderror banderror removed the Project:Serverless Work as part of the Serverless project for its initial release label Jun 4, 2024
@ashokaditya ashokaditya mentioned this issue Jul 5, 2024
Merged
3 tasks
ashokaditya added a commit to ashokaditya/kibana that referenced this issue Aug 9, 2024
@ashokaditya
update action state openAPI response schema
8cb0c65 
refs elastic/issues/183816
ashokaditya added a commit to ashokaditya/kibana that referenced this issue Aug 9, 2024
@ashokaditya
update action status openAPI response schema
73b20d0 
refs elastic/issues/183816
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ashokaditya ashokaditya

Labels
8.15 candidate docs OLM Sprint Team:Defend Workflows “EDR Workflows” sub-team of Security Solution Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[SecuritySolution][Endpoint] Open API spec updates for public Endpoint APIs ashokaditya/kibana
5 participants
@ashokaditya @maximpn @banderror @dasansol92 @elasticmachine