Open arisonl opened 3 years ago
Thoughts: Alerting API keys are created when a rule is created or disabled/enabled. A rule which was created by a user that used to have FLS/DLS would be impacted, if FLS/DLS was taken away from them, and they proceed to update or disable/enable the rule. However, since alerting API keys are generated automatically by the framework with the role's privileges and roles are not impacted by the change, rules should not be impacted either(?). Is this thinking correct? Is there impact and if so, what is it?
@arisonl do we still need this given https://github.com/elastic/elasticsearch/pull/77400 is now closed (dropped)?
Elasticsearch Security is tightening up the behaviour DLS/FLS with API keys. Changes include adding a license check when creating API keys with DLS/FLS: https://github.com/elastic/elasticsearch/pull/77400
We should research how alerting is impacted.