Skip to content

Include AuthorizationEnabled in auth configuration#5588

Merged
WilliamBZA merged 1 commit into
masterfrom
authorization-setting-improvements
Jul 9, 2026
Merged

Include AuthorizationEnabled in auth configuration#5588
WilliamBZA merged 1 commit into
masterfrom
authorization-setting-improvements

Conversation

@WilliamBZA

@WilliamBZA WilliamBZA commented Jul 9, 2026

Copy link
Copy Markdown
Member

  • Adds a field that ServicePulse can use to determine if authorization is enabled
  • Adds validation that authorization is not enabled while authentication is disabled

@WilliamBZA WilliamBZA merged commit 6b01141 into master Jul 9, 2026
33 checks passed
@WilliamBZA WilliamBZA deleted the authorization-setting-improvements branch July 9, 2026 08:53
WilliamBZA added a commit that referenced this pull request Jul 9, 2026
* Add improvements to authorization settings

* Add ecs.version to the audit log ECS documents (#5584)

The authorization and message-action audit documents omitted the
ecs.version field. ECS-consuming pipelines (Elasticsearch's built-in
logs-*-* index template, Elastic Security, other SIEMs) use ecs.version
to select the matching field mappings, so a conformant document should
declare it. Both streams now emit "ecs": { "version": "8.11.0" } — the
latest ECS schema release, whose event.category/type/outcome and user.*
fields are what these documents already use.

Additive, non-breaking output change. First shipped in 6.18.0 without the
field, so this targets the next patch (6.18.1) or minor (6.19.0).

ECS version field: https://www.elastic.co/guide/en/ecs/current/ecs-ecs.html
event.type allowed values (allowed/denied/change/deletion):
https://www.elastic.co/guide/en/ecs/current/ecs-allowed-values-event-type.html
ECS releases: https://github.com/elastic/ecs/releases

* Add user.roles to the authorization audit log (#5583)

Add user.roles to the authorization audit log

Emit the roles the principal held as the ECS user.roles array on each
authorization decision, so SIEMs can facet and alert on roles instead of
parsing them out of the free-text reason. Omitted when the principal has
no roles.

* Add improvements to authorization settings (#5588)

---------

Co-authored-by: Ramon Smits <ramon.smits@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

ServiceControl does not let clients know the enabled state of Role-Based Authorization

2 participants