Unauthorized route migration for routes owned by obs-ai-assistant,security-solution (elastic#198338)

kibanamachine · ashokaditya · viduni94 · JoseLuisGJ · commit ee0ef135be56 · 2025-03-24T12:46:12.000+01:00
### Authz API migration for unauthorized routes This PR migrates unauthorized routes owned by your team to a new security configuration. Please refer to the documentation for more information: [Authorization API](https://docs.elastic.dev/kibana-dev-docs/key-concepts/security-api-authorization) ### **Before migration:** ```ts router.get({ path: '/api/path', ... }, handler); ``` ### **After migration:** ```ts router.get({ path: '/api/path', security: { authz: { enabled: false, reason: 'This route is opted out from authorization because ...', }, }, ... }, handler); ``` ### What to do next? 1. Review the changes in this PR. 2. Elaborate on the reasoning to opt-out of authorization. 3. Routes without a compelling reason to opt-out of authorization should plan to introduce them as soon as possible. 2. You might need to update your tests to reflect the new security configuration: - If you have snapshot tests that include the route definition. ## Any questions? If you have any questions or need help with API authorization, please reach out to the `@elastic/kibana-security` team. Co-authored-by: Ashokaditya <ashokaditya@elastic.co> Co-authored-by: Viduni Wickramarachchi <viduni.wickramarachchi@elastic.co>
diff --git a/x-pack/platform/plugins/private/data_usage/server/routes/internal/data_streams.ts b/x-pack/platform/plugins/private/data_usage/server/routes/internal/data_streams.ts
@@ -22,6 +22,12 @@ export const registerDataStreamsRoute = (
     .addVersion(
       {
         version: '1',
+        security: {
+          authz: {
+            enabled: false,
+            reason: 'This route is opted out from authorization',
+          },
+        },
         validate: {
           request: DataStreamsRequestSchema,
           response: {
diff --git a/x-pack/platform/plugins/private/data_usage/server/routes/internal/usage_metrics.ts b/x-pack/platform/plugins/private/data_usage/server/routes/internal/usage_metrics.ts
@@ -23,6 +23,12 @@ export const registerUsageMetricsRoute = (
     .addVersion(
       {
         version: '1',
+        security: {
+          authz: {
+            enabled: false,
+            reason: 'This route is opted out from authorization',
+          },
+        },
         validate: {
           request: {
             body: UsageMetricsRequestSchema,
