As part of the Serverless project, we need to make sure OpenAPI specs for all public Endpoint management API endpoints are polished and ready to be published on a documentation website. Please look for more context in the epic, and please find below what needs to be done exactly.
API endpoints
The following public API endpoints were discovered during research:
[ ] GET /api/endpoint/metadata
[ ] GET /api/endpoint/metadata/{id}
[ ] GET /api/endpoint/metadata/transforms
[ ] POST /api/endpoint/suggestions/{suggestion_type}
[ ] GET /api/endpoint/policy_response
[ ] GET /api/endpoint/policy/summaries
[ ] GET /api/endpoint/action_status
[ ] GET /api/endpoint/action/state
[ ] GET /api/endpoint/action_log/{agent_id}
[ ] GET /api/endpoint/action
[ ] GET /api/endpoint/action/{action_id}
[ ] POST /api/endpoint/action/isolate
[ ] POST /api/endpoint/action/unisolate
[ ] POST /api/endpoint/action/kill_process
[ ] POST /api/endpoint/action/suspend_process
[ ] POST /api/endpoint/action/running_procs
[ ] POST /api/endpoint/action/get_file
[ ] POST /api/endpoint/action/execute
[ ] POST /api/endpoint/action/upload
[ ] GET /api/endpoint/action/{action_id}/file/{file_id}/download
[ ] GET /api/endpoint/action/{action_id}/file/{file_id}
[ ] POST /api/endpoint/protection_updates_note/{package_policy_id}
[ ] GET /api/endpoint/protection_updates_note/{package_policy_id}
[ ] POST /api/endpoint/isolate
[ ] POST /api/endpoint/unisolate
Note that two of the above endpoints are marked as deprecated in the code base and should be considered to be available only in ESS:
POST /api/endpoint/isolate
POST /api/endpoint/unisolate
To do
For all the Endpoint management API endpoints (including those above), in the corresponding OpenAPI specification files, please:
Make sure the generated API reference documentation looks nice and correct on bump.sh.
Make sure the generated Serverless API reference documentation doesn't contain available only in ESS API endpoints.
Ask @maximpn to provide you with an example of a polished and documentation-ready OpenAPI spec. Please also ask @maximpn for a link to the generated API reference documentation (at the time of creating this ticket, it didn't exist).
Epic: https://github.com/elastic/security-team/issues/9525 Depends on: https://github.com/elastic/kibana/issues/183815, https://github.com/elastic/kibana/issues/183816
Deadline: Sep 24, 2024 (see milestones in https://github.com/elastic/security-team/issues/9400)
Summary
As part of the Serverless project, we need to make sure OpenAPI specs for all public Endpoint management API endpoints are polished and ready to be published on a documentation website. Please look for more context in the epic, and please find below what needs to be done exactly.
API endpoints
The following public API endpoints were discovered during research:
GET /api/endpoint/metadata
GET /api/endpoint/metadata/{id}
GET /api/endpoint/metadata/transforms
POST /api/endpoint/suggestions/{suggestion_type}
GET /api/endpoint/policy_response
GET /api/endpoint/policy/summaries
GET /api/endpoint/action_status
GET /api/endpoint/action/state
GET /api/endpoint/action_log/{agent_id}
GET /api/endpoint/action
GET /api/endpoint/action/{action_id}
POST /api/endpoint/action/isolate
POST /api/endpoint/action/unisolate
POST /api/endpoint/action/kill_process
POST /api/endpoint/action/suspend_process
POST /api/endpoint/action/running_procs
POST /api/endpoint/action/get_file
POST /api/endpoint/action/execute
POST /api/endpoint/action/upload
GET /api/endpoint/action/{action_id}/file/{file_id}/download
GET /api/endpoint/action/{action_id}/file/{file_id}
POST /api/endpoint/protection_updates_note/{package_policy_id}
GET /api/endpoint/protection_updates_note/{package_policy_id}
POST /api/endpoint/isolate
POST /api/endpoint/unisolate
Note that two of the above endpoints are marked as deprecated in the code base and should be considered to be available only in ESS:
POST /api/endpoint/isolate
POST /api/endpoint/unisolate
To do
For all the Endpoint management API endpoints (including those above), in the corresponding OpenAPI specification files, please:
Ask @maximpn to provide you with an example of a polished and documentation-ready OpenAPI spec. Please also ask @maximpn for a link to the generated API reference documentation (at the time of creating this ticket, it didn't exist).