[SLO][Fleet] Reauthorize SLO transforms #189756
Labels
Team:obs-ux-management
Observability Management User Experience Team
Comments
|
I created a temp commit branched from this PR. I adapted existing Transforms Reauthorization process to take into consideration SLO transforms as well. Here's how the Reauthorization workflow looks like so far: Screen.Recording.2024-08-01.at.16.40.39.movThis is still WIP, since I am clarifying the workflow with Fleet team in this thread cc @qn895 |
mgiota
added
the
Team:obs-ux-management
|
Pinging @elastic/obs-ux-management-team (Team:obs-ux-management) |
|
I think we don't want to pursue this. @jasonrhodes can I close? |
|
Yes we should close, as we are not installing SLOs via integrations. This is what is supposed to be replaced by "templates" or "prepackaged assets", or whatever those end up being called. I'll link that issue to this one. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Summary
As part of this PR a secondary authorization header was added to Transforms in Fleet, making the permissions/privileges dependent on the logged-in user. Previously everything was installed as
kibana_systemuser, which has limited permissions to a specific set of indices defined internally.When SLO assets are installed, transforms get installed as well. The secondary authorization header that was added to Transforms in Fleet, didn't automatically got applied to SLO transforms, since SLO assets are installed as kibana assets and the secondary authorization header is currently applied only to ES assets.
Thus in this PR which handles the installation of SLO assets in Fleet, we hit following permission error:
✅ Acceptance criteria
Adapt the SLO installation process to incorporate the Transform reauthorization process
The text was updated successfully, but these errors were encountered: