Skip to content

[DOCS] Add warning about bypassing ML PUT APIs #38605

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Feb 8, 2019
Merged

[DOCS] Add warning about bypassing ML PUT APIs #38605

merged 1 commit into from
Feb 8, 2019

Conversation

@droberts195
Copy link

@droberts195 droberts195 commented Feb 8, 2019

Now that ML configurations are stored in the .ml-config
index rather than in cluster state there is a possibility
that some users may try to add configurations directly to
the index. Allowing this creates a variety of problems
including possible data exflitration attacks (depending on
how security is set up), so this commit adds warnings
against allowing writes to the .ml-config index other than
via the ML APIs.

Backport of #38509

[DOCS] Add warning about bypassing ML PUT APIs
c96e2e0 
Now that ML configurations are stored in the .ml-config
index rather than in cluster state there is a possibility
that some users may try to add configurations directly to
the index.  Allowing this creates a variety of problems
including possible data exflitration attacks (depending on
how security is set up), so this commit adds warnings
against allowing writes to the .ml-config index other than
via the ML APIs.

Backport of elastic#38509
@droberts195 droberts195 added >docs General docs changes :ml Machine learning backport labels Feb 8, 2019
@elasticmachine
Copy link
Collaborator

elasticmachine commented Feb 8, 2019

Pinging @elastic/ml-core

@droberts195 droberts195 merged commit 02f57b1 into elastic:7.x Feb 8, 2019
@droberts195 droberts195 deleted the add_config_index_warning_7x branch February 8, 2019 11:35
jasontedor added a commit to jasontedor/elasticsearch that referenced this pull request Feb 8, 2019
@jasontedor
Merge branch '7.x' into docker-from-artifacts-7.x
ec40b57 
* 7.x:
  Make qa/full-cluster-restart tests pass. By fixing a helper method and (elastic#38604)
  Mute failing WatchStatusIntegrationTests (elastic#38621)
  Mute failing  ApiKeyIntegTests (elastic#38614)
  [DOCS] Add warning about bypassing ML PUT APIs (elastic#38605)
  Mute RetentionLeastIT.testRetentionLeasesSyncOnRecovery on 7x (elastic#38597)
  Only "include_type_name" if running on >= 7 (elastic#38594)
  Fix version logic when bumping major version (elastic#38593)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

backport >docs General docs changes :ml Machine learning

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@droberts195 @elasticmachine