Skip to content

Designate reporting_user as a deprecated role #72057

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Apr 22, 2021
Merged

Designate reporting_user as a deprecated role #72057

merged 2 commits into from
Apr 22, 2021

Conversation

@tsullivan
Copy link
Member

@tsullivan tsullivan commented Apr 21, 2021

The built-in reporting_user role is used by Kibana to grant report-generation privileges to a user that has that role assigned. That is deprecated in Kibana, as the Kibana admin can now migrate to using the Kibana application privileges APIs for Reporting.

This PR follows the path of deprecating built-in roles that #46456 introduced. It updates the built-in reporting_user role to be marked as "deprecated" in the metadata. This change will allow Kibana to show notices to the admin user in the UI that migrating to Kibana application privileges is the preferred option.

@elasticsearchmachine elasticsearchmachine added the external-contributor Pull request authored by a developer outside the Elasticsearch team label Apr 21, 2021
@tsullivan tsullivan added :Security/Authorization Roles, Privileges, DLS/FLS, RBAC/ABAC >deprecation labels Apr 21, 2021
@elasticmachine elasticmachine added the Team:Security Meta label for security team label Apr 21, 2021
@elasticmachine
Copy link
Collaborator

elasticmachine commented Apr 21, 2021

Pinging @elastic/es-security (Team:Security)

jkakavas
jkakavas approved these changes Apr 22, 2021
View reviewed changes
Copy link
Contributor

@jkakavas jkakavas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@tsullivan tsullivan merged commit 58f559d into elastic:master Apr 22, 2021
@tsullivan tsullivan deleted the reportingUserDeprecation branch April 22, 2021 16:44
tsullivan added a commit to tsullivan/elasticsearch that referenced this pull request Apr 22, 2021
@tsullivan @jkakavas
Designate reporting_user as a deprecated role (elastic#72057)
7cc45ee 
* Designate reporting_user as a deprecated role

* fix compilation

Co-authored-by: Ioannis Kakavas <[email protected]>
@tsullivan tsullivan mentioned this pull request Apr 22, 2021
Merged
tsullivan added a commit that referenced this pull request Apr 27, 2021
@tsullivan @jkakavas
Designate reporting_user as a deprecated role (#72057) (#72116)
eb41995 
* Designate reporting_user as a deprecated role

* fix compilation

Co-authored-by: Ioannis Kakavas <[email protected]>

Co-authored-by: Ioannis Kakavas <[email protected]>
@slobodanadamovic slobodanadamovic mentioned this pull request Aug 18, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@legrego legrego legrego approved these changes

@jkakavas jkakavas jkakavas approved these changes

@tvernum tvernum Awaiting requested review from tvernum

+1 more reviewer

@jportner jportner jportner approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

>deprecation external-contributor Pull request authored by a developer outside the Elasticsearch team :Security/Authorization Roles, Privileges, DLS/FLS, RBAC/ABAC Team:Security Meta label for security team v7.14.0 v8.0.0-alpha1

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@tsullivan @elasticmachine @legrego @jportner @jkakavas @jakelandis @elasticsearchmachine