Merge branch 'main' of github.com:elastic/kibana into o11y-rbac-rule-…

…feature-branch
elastic · Aug 30, 2023 · 89427ff · 89427ff
2 parents e68adb7 + 501e9bd
commit 89427ff
Show file tree

Hide file tree

Showing 88 changed files with 2,575 additions and 1,311 deletions.
diff --git a/docs/api/role-management/put.asciidoc b/docs/api/role-management/put.asciidoc
@@ -26,7 +26,7 @@ To use the create or update role API, you must have the `manage_security` cluste
 
 `elasticsearch`::
   (Optional, object) {es} cluster and index privileges. Valid keys include
-  `cluster`, `indices`, and `run_as`. For more information, see
+  `cluster`, `indices`, `remote_indices`, and `run_as`. For more information, see
   {ref}/defining-roles.html[Defining roles].
 
 `kibana`::
@@ -63,7 +63,7 @@ To use the create or update role API, you must have the `manage_security` cluste
 `204`::
   Indicates a successful call.
 
-'409'::
+`409`::
   When `createOnly` is true, indicates a conflict with an existing role.
 
 ==== Examples
@@ -74,60 +74,32 @@ Grant access to various features in all spaces:
 --------------------------------------------------
 $ curl -X PUT api/security/role/my_kibana_role
 {
-  "metadata" : {
-    "version" : 1
+  "metadata": {
+    "version": 1
   },
   "elasticsearch": {
-    "cluster" : [ ],
-    "indices" : [ ]
+    "cluster": [ ],
+    "indices": [ ]
   },
   "kibana": [
     {
-      "base": [],
+      "base": [ ],
       "feature": {
-       "discover": [
-          "all"
-        ],
-        "visualize": [
-          "all"
-        ],
-        "dashboard": [
-          "all"
-        ],
-        "dev_tools": [
-          "read"
-        ],
-        "advancedSettings": [
-          "read"
-        ],
-        "indexPatterns": [
-          "read"
-        ],
-        "graph": [
-          "all"
-        ],
-        "apm": [
-          "read"
-        ],
-        "maps": [
-          "read"
-        ],
-        "canvas": [
-          "read"
-        ],
-        "infrastructure": [
-          "all"
-        ],
-        "logs": [
-          "all"
-        ],
-        "uptime": [
-          "all"
-        ]
+       "discover": [ "all" ],
+        "visualize": [ "all" ],
+        "dashboard": [ "all" ],
+        "dev_tools": [ "read" ],
+        "advancedSettings": [ "read" ],
+        "indexPatterns": [ "read" ],
+        "graph": [ "all" ],
+        "apm": [ "read" ],
+        "maps": [ "read" ],
+        "canvas": [ "read" ],
+        "infrastructure": [ "all" ],
+        "logs": [ "all" ],
+        "uptime": [ "all"  ]
       },
-      "spaces": [
-        "*"
-      ]
+      "spaces": [ "*" ]
     }
   ]
 }
@@ -140,22 +112,20 @@ Grant dashboard-only access to only the Marketing space:
 --------------------------------------------------
 $ curl -X PUT api/security/role/my_kibana_role
 {
-  "metadata" : {
-    "version" : 1
+  "metadata": {
+    "version": 1
   },
   "elasticsearch": {
-    "cluster" : [ ],
-    "indices" : [ ]
+    "cluster": [ ],
+    "indices": [ ]
   },
   "kibana": [
     {
-      "base": [],
+      "base": [ ],
       "feature": {
-        "dashboard": ["read"]
+        "dashboard": [ "read" ]
       },
-      "spaces": [
-        "marketing"
-      ]
+      "spaces": [ "marketing" ]
     }
   ]
 }
@@ -168,21 +138,18 @@ Grant full access to all features in the Default space:
 --------------------------------------------------
 $ curl -X PUT api/security/role/my_kibana_role
 {
-  "metadata" : {
-    "version" : 1
+  "metadata": {
+    "version": 1
   },
   "elasticsearch": {
-    "cluster" : [ ],
-    "indices" : [ ]
+    "cluster": [ ],
+    "indices": [ ]
   },
   "kibana": [
     {
-      "base": ["all"],
-      "feature": {
-      },
-      "spaces": [
-        "default"
-      ]
+      "base": [ "all" ],
+      "feature": { },
+      "spaces": [ "default" ]
     }
   ]
 }
@@ -195,30 +162,25 @@ Grant different access to different spaces:
 --------------------------------------------------
 $ curl -X PUT api/security/role/my_kibana_role
 {
-  "metadata" : {
-    "version" : 1
+  "metadata": {
+    "version": 1
   },
   "elasticsearch": {
-    "cluster" : [ ],
-    "indices" : [ ]
+    "cluster": [ ],
+    "indices": [ ]
   },
   "kibana": [
     {
-      "base": [],
+      "base": [ ],
       "feature": {
-        "discover": ["all"],
-        "dashboard": ["all"]
+        "discover": [ "all" ],
+        "dashboard": [ "all" ]
       },
-      "spaces": [
-        "default"
-      ]
+      "spaces": [ "default" ]
     },
     {
-      "base": ["read"],
-      "spaces": [
-        "marketing",
-        "sales"
-      ]
+      "base": [ "read"] ,
+      "spaces": [ "marketing", "sales" ]
     }
   ]
 }
@@ -231,28 +193,30 @@ Grant access to {kib} and {es}:
 --------------------------------------------------
 $ curl -X PUT api/security/role/my_kibana_role
 {
-  "metadata" : {
-    "version" : 1
+  "metadata": {
+    "version": 1
   },
   "elasticsearch": {
-    "cluster" : [ "all" ],
-    "indices" : [ {
-      "names" : [ "index1", "index2" ],
-      "privileges" : [ "all" ],
-      "field_security" : {
-        "grant" : [ "title", "body" ]
-      },
-      "query" : "{\"match\": {\"title\": \"foo\"}}"
-    } ]
+    "cluster": [ "all" ],
+    "indices": [
+      {
+        "names": [ "index1", "index2" ],
+        "privileges": [ "all" ]
+      }
+    ],
+    "remote_indices": [
+      {
+        "clusters": [ "remote_cluster1" ],
+        "names": [ "remote_index1", "remote_index2" ],
+        "privileges": [ "all" ]
+      }
+    ]
   },
   "kibana": [
     {
-      "base": ["all"],
-      "feature": {
-      },
-      "spaces": [
-        "default"
-      ]
+      "base": [ "all" ],
+      "feature": { },
+      "spaces": [ "default" ]
     }
   ]
 }

diff --git a/docs/developer/advanced/sharing-saved-objects.asciidoc b/docs/developer/advanced/sharing-saved-objects.asciidoc
@@ -166,7 +166,7 @@ const savedObject = resolveResult.saved_object;
 TIP: See an example of this in https://github.com/elastic/kibana/pull/107256#user-content-example-steps[step 2 of the POC]!
 
 The
-https://github.com/elastic/kibana/blob/main/docs/development/core/server/kibana-plugin-core-server.savedobjectsresolveresponse.md[SavedObjectsResolveResponse
+{kib-repo}blob/{branch}/packages/core/saved-objects/core-saved-objects-api-server/src/apis/resolve.ts[SavedObjectsResolveResponse
 interface] has four fields, summarized below:
 
 * `saved_object` - The saved object that was found.
@@ -373,7 +373,7 @@ image::images/sharing-saved-objects-step-6.png["Sharing Saved Objects registrati
 > *Update saved object delete API usage to handle multiple spaces*
 
 If an object is shared to multiple spaces, it cannot be deleted without using the
-https://github.com/elastic/kibana/blob/{branch}/docs/development/core/server/kibana-plugin-core-server.savedobjectsdeleteoptions.md[`force`
+{kib-repo}blob/{branch}/packages/core/saved-objects/core-saved-objects-api-server/src/apis/delete.ts[`force`
 delete option]. You should always be aware when a saved object exists in multiple spaces, and you should warn users in that case.
 
 If your UI allows users to delete your objects, you can define a warning message like this:
@@ -477,7 +477,7 @@ return (
 
 2. Allow users to access your objects in the <<managing-saved-objects,Saved Objects Management page>> in <<management>>. You can do this by
    ensuring that your objects are marked as
-   https://github.com/elastic/kibana/blob/{branch}/docs/development/core/server/kibana-plugin-core-server.savedobjectstypemanagementdefinition.md[importable and exportable] in your <<saved-objects-type-registration,saved object type registration>>:
+   {kib-repo}blob/{branch}/packages/core/saved-objects/core-saved-objects-server/src/saved_objects_management.ts[importable and exportable] in your <<saved-objects-type-registration,saved object type registration>>:
 +
 ```ts
 name: 'my-object-type',

diff --git a/docs/developer/architecture/add-data-tutorials.asciidoc b/docs/developer/architecture/add-data-tutorials.asciidoc
@@ -16,7 +16,7 @@ Each tutorial contains three sets of instructions:
 The function must return a function object that conforms to the `TutorialSchema` interface link:{kib-repo}tree/{branch}/src/plugins/home/server/services/tutorials/lib/tutorial_schema.ts[tutorial schema].
 3. Register the tutorial in link:{kib-repo}tree/{branch}/src/plugins/home/server/tutorials/register.ts[register.ts] by adding it to the `builtInTutorials`.
 // TODO update path once assets are migrated
-4. Add image assets to the link:{kib-repo}tree/{branch}/src/legacy/core_plugins/kibana/public/home/tutorial_resources[tutorial_resources directory].
+4. Add image assets to the `tutorial_resources` directory.
 5. Run {kib} locally to preview the tutorial.
 6. Create a PR and go through the review process to get the changes approved.
 
@@ -34,5 +34,5 @@ link:{kib-repo}tree/{branch}/src/plugins/home/public/application/components/tuto
 ==== Markdown
 String values can contain limited Markdown syntax.
 
-link:{kib-repo}tree/{branch}/src/legacy/core_plugins/kibana/public/home/components/tutorial/content.js[Enabled Markdown grammars]
+https://elastic.github.io/eui/#/editors-syntax/markdown-format[Enabled Markdown grammars]
 
diff --git a/docs/developer/architecture/development/csv-integration.asciidoc b/docs/developer/architecture/development/csv-integration.asciidoc
@@ -21,7 +21,7 @@ interface jobParameters {
 }
 ----
 
-The `searchRequest.body` should abide by the {ref}/search-request-body.html[Elasticsearch Search Request Body] syntax
+The `searchRequest.body` should abide by the {ref}/search-search.html[Elasticsearch Search Request Body] syntax
 
 [float]
 ==== `export-config` Directive
@@ -48,4 +48,4 @@ function getSharingTitle() string;
 
 ----
 
-The `sharingData.searchRequest.body` should abide by the {ref}/search-request-body.html[Elasticsearch Search Request Body] syntax
+The `sharingData.searchRequest.body` should abide by the {ref}/search-search.html[{es} Search Request Body] syntax
diff --git a/docs/developer/architecture/index.asciidoc b/docs/developer/architecture/index.asciidoc
@@ -14,7 +14,7 @@ To begin plugin development, we recommend reading our overview of how plugins wo
 
 Our developer services are changing all the time. One of the best ways to discover and learn about them is to read the available
 READMEs inside our plugins folders: {kib-repo}tree/{branch}/src/plugins[src/plugins] and
-{kib-repo}/tree/{branch}/x-pack/plugins[x-pack/plugins].
+{kib-repo}tree/{branch}/x-pack/plugins[x-pack/plugins].
 
 A few services also automatically generate api documentation which can be browsed inside the {kib-repo}tree/{branch}/docs/development[docs/development section of our repo]
 

diff --git a/docs/developer/architecture/kibana-platform-plugin-api.asciidoc b/docs/developer/architecture/kibana-platform-plugin-api.asciidoc
@@ -44,14 +44,14 @@ plugin and to specify if this plugin has server-side code, browser-side code, or
 }
 ----
 
-Learn about the {kib-repo}blob/{branch}/docs/development/core/server/kibana-plugin-core-server.pluginmanifest.md[manifest
+Learn about the {kib-repo}blob/{branch}/packages/core/plugins/core-plugins-server/src/types.ts[manifest
 file format].
 
 NOTE: `package.json` files are irrelevant to and ignored by {kib} for discovering and loading plugins.
 
 *[2] `public/index.ts`* is the entry point into the client-side code of
 this plugin. It must export a function named `plugin`, which will
-receive {kib-repo}blob/{branch}/docs/development/core/public/kibana-plugin-core-public.plugininitializercontext.md[a standard set of core capabilities] as an argument.
+receive {kib-repo}blob/{branch}/packages/core/plugins/core-plugins-browser/src/plugin_initializer.ts[a standard set of core capabilities] as an argument.
 It should return an instance of its plugin class for
 {kib} to load.
 
@@ -93,7 +93,7 @@ export class MyPlugin implements Plugin {
 ----
 
 *[4] `server/index.ts`* is the entry-point into the server-side code of
-this plugin. {kib-repo}blob/{branch}/docs/development/core/server/kibana-plugin-core-server.plugininitializercontext.md[It is identical] in almost every way to the client-side
+this plugin. {kib-repo}blob/{branch}/packages/core/plugins/core-plugins-server/src/types.ts[It is identical] in almost every way to the client-side
 entry-point:
 
 
@@ -221,16 +221,16 @@ These are the contracts exposed by the core services for each lifecycle:
 |===
 |lifecycle |server contract|browser contract
 |_constructor_
-|{kib-repo}blob/{branch}/docs/development/core/server/kibana-plugin-core-server.plugininitializercontext.md[PluginInitializerContext]
-|{kib-repo}blob/{branch}/docs/development/core/public/kibana-plugin-core-public.plugininitializercontext.md[PluginInitializerContext]
+|{kib-repo}blob/{branch}/packages/core/plugins/core-plugins-server/src/types.ts[PluginInitializerContext]
+|{kib-repo}blob/{branch}/packages/core/plugins/core-plugins-browser/src/plugin_initializer.ts[PluginInitializerContext]
 
 |_setup_
-|{kib-repo}blob/{branch}/docs/development/core/server/kibana-plugin-core-server.coresetup.md[CoreSetup]
-|{kib-repo}blob/{branch}/docs/development/core/public/kibana-plugin-core-public.coresetup.md[CoreSetup]
+|{kib-repo}blob/{branch}/packages/core/lifecycle/core-lifecycle-server/src/core_setup.ts[CoreSetup]
+|{kib-repo}blob/{branch}/packages/core/lifecycle/core-lifecycle-browser-internal/src/internal_core_setup.ts[CoreSetup]
 
 |_start_
-|{kib-repo}blob/{branch}/docs/development/core/server/kibana-plugin-core-server.corestart.md[CoreStart]
-|{kib-repo}blob/{branch}/docs/development/core/public/kibana-plugin-core-public.corestart.md[CoreStart]
+|{kib-repo}blob/{branch}/packages/core/lifecycle/core-lifecycle-server/src/core_start.ts[CoreStart]
+|{kib-repo}blob/{branch}/packages/core/lifecycle/core-lifecycle-browser/src/core_start.ts[CoreStart]
 
 |_stop_ |
 |===
@@ -283,7 +283,7 @@ export class MyPlugin implements Plugin<FoobarPluginSetup, FoobarPluginStart> {
 Unlike core, capabilities exposed by plugins are _not_ automatically
 injected into all plugins. Instead, if a plugin wishes to use the public
 interface provided by another plugin, it must first declare that
-plugin as a dependency in it's {kib-repo}blob/{branch}/docs/development/core/server/kibana-plugin-core-server.pluginmanifest.md[`kibana.json`] manifest file.
+plugin as a dependency in it's {kib-repo}blob/{branch}/packages/core/plugins/core-plugins-server/src/types.ts[`kibana.json`] manifest file.
 
 *demo kibana.json:*
 

diff --git a/docs/developer/architecture/security/feature-registration.asciidoc b/docs/developer/architecture/security/feature-registration.asciidoc
@@ -39,7 +39,7 @@ Registering a feature consists of the following fields. For more information, co
 |A human readable name for your feature.
 
 |`category` (required)
-|{kib-repo}blob/{branch}/src/core/types/app_category.ts[`AppCategory`]
+|{kib-repo}blob/{branch}/packages/core/application/core-application-common/src/app_category.ts[`AppCategory`]
 |`DEFAULT_APP_CATEGORIES.kibana`
 |The `AppCategory` which best represents your feature. Used to organize the display
 of features within the management screens.
@@ -50,12 +50,12 @@ of features within the management screens.
 |An array of applications this feature enables. Typically, all of your plugin's apps (from `uiExports`) will be included here.
 
 |`privileges` (required)
-|{kib-repo}blob/{branch}/x-pack/plugins/features/common/feature.ts[`KibanaFeatureConfig`].
+|{kib-repo}blob/{branch}/x-pack/plugins/features/common/kibana_feature.ts[`KibanaFeatureConfig`].
 |See <<example-1-canvas,Example 1>> and <<example-2-dev-tools,Example 2>>
 |The set of privileges this feature requires to function.
 
 |`subFeatures` (optional)
-|{kib-repo}blob/{branch}/x-pack/plugins/features/common/feature.ts[`KibanaFeatureConfig`].
+|{kib-repo}blob/{branch}/x-pack/plugins/features/common/kibana_feature.ts[`KibanaFeatureConfig`].
 |See <<example-3-discover,Example 3>>
 |The set of subfeatures that enables finer access control than the `all` and `read` feature privileges. These options are only available in the Gold subscription level and higher.