Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security Solution][Platform] - Add connectors to import/export API #118774

Closed
4 tasks done
yctercero opened this issue Nov 16, 2021 · 2 comments
Closed
4 tasks done

[Security Solution][Platform] - Add connectors to import/export API #118774

yctercero opened this issue Nov 16, 2021 · 2 comments
Labels
8.1 candidate 8.2 candidate considered, but not committed, for 8.2 release sdh-linked Team:Detection Engine Security Solution Detection Engine Area Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.

Comments

@yctercero
Copy link
Contributor

yctercero commented Nov 16, 2021

Describe the feature:
Currently, our import/export API provides the actions, but not the connectors. This means users still need to be aware of/interact with connectors separately in the SOM.

Test Criteria

  • User can export connectors with rules
  • User can import connectors with rules
  • User is notified that imported connectors need to be "fixed" by readding the auth info
  • Only users with correct license/privileges can import connectors
@botelastic botelastic bot added the needs-team Issues missing a team label label Nov 16, 2021
@yctercero yctercero added 8.1 candidate Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Security Solution Platform Security Solution Platform Team and removed needs-team Issues missing a team label labels Nov 16, 2021
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@peluja1012 peluja1012 added the 8.2 candidate considered, but not committed, for 8.2 release label Jan 19, 2022
@WafaaNasr WafaaNasr self-assigned this Jan 10, 2023
WafaaNasr added a commit that referenced this issue Feb 6, 2023
…148703)

## Summary

- [x] Addresses #118774 
- [x] Enable Security Rule to be **imported** even if one of its
connectors has a missing secret
- [x] Shows **Warning Callout** in the Import Modal when missing secrets
connector is imported.
- [x] Added Link `connectors` to the connectors page in the same tab, so
that the user can fix imported connectors.
- [x] Added `Overwrite existing connectors with conflicting action "id"`
option to the Import Modal

## Cases:

> **Export:**
> - Export Rule(s) with connectors through `Export All` or `Bulk
Actions`
> 
> **Import:**
>     - Import Rule with correct connectors data 
> - Import Rule with missing secrets' connectors by showing a warning
callout
> - Re-Import connectors even if they were stored when overwrite is true
> 
> **Error:**
> - Showing an error message when the user has a Read Actions permission
and stops the importing => ` You may not have actions privileges
required to import rules with actions ...`
> - Showing an error message when the user has an old imported rule
missing all the connectors data **OR** these connectors were not in the
user's env => `X connector is missing. Connector id missing is: X`
> - Showing an error if the new connectors defined in the exported file
are not corresponding to the actions array under the rules param => `X
connector is missing. Connector id missing is: X`
> - **Showing a ` conflict` error in case of existing connectors and
re-importing again with an `overwrite` false => this won't happen in
case of implementing the `Skipping action-connectors importing if all
connectors have been imported/created before`**
> 
> **Skip importing:**  
> - Skipping action-connectors importing if the `actions` array is
empty, even if the user has exported-connectors in the file
> - Skipping action-connectors importing if all connectors have been
imported/created before
> 



### Screenshots
> 
>  **1. Importing Connectors successfully**
> <img width="1219" alt="image"
src="https://user-images.githubusercontent.com/12671903/216049657-a313033b-e45e-4c99-b6ca-ed3070f15a97.png">
> 
>  **2. Importing Connectors with warnings**
<img width="1208" alt="image"
src="https://user-images.githubusercontent.com/12671903/216980057-b5cdfe38-da1b-479b-8cfd-81f16037ff1d.png">

**3.Connector Page**

<img width="1701" alt="image"
src="https://user-images.githubusercontent.com/12671903/216049911-da29abc8-e20c-49d2-a507-ab382372b4f6.png">


## New text: @nastasha-solomon

**1. Warning message**

 title => could be ` 1 connector imported` or `x connectors imported`
message => ` 1 connector has sensitive information that requires
updates. review in connectors` or `x connectors have sensitive
information that requires updates. review in connectors`

<img width="588" alt="image"
src="https://user-images.githubusercontent.com/12671903/216103805-9946b080-07d3-4e8b-93aa-b5e1dcaa415d.png">

**2. New `Overwrite` checkbox**
<img width="431" alt="image"
src="https://user-images.githubusercontent.com/12671903/216106354-3d435d64-0fa5-467b-90f1-effb2c0aef2a.png">


**3. Success Toast message**

<img width="434" alt="image"
src="https://user-images.githubusercontent.com/12671903/216104454-2d83744b-efbc-40c1-9e69-7e8b0670dd19.png">

**4. Error messages**
   a. Missing import action privileges
<img width="438" alt="image"
src="https://user-images.githubusercontent.com/12671903/216116350-f306d744-eef4-4064-b4f8-e794db4ad78e.png">

   b. Missing connectors  
<img width="353" alt="image"
src="https://user-images.githubusercontent.com/12671903/216104979-370f6826-8150-45d5-8724-6ca50f99ad71.png">
<img width="357" alt="image"
src="https://user-images.githubusercontent.com/12671903/216106067-e6132a93-d36e-4bdf-b1bf-e6ddd1cf8a4e.png">

 


- [x] References: Use **getImporter** and **getExporter** from Saved
Object [Connectors SO import/export
implementation](#98802) ,
[Kibana-Core
confirmation](https://elastic.slack.com/archives/C5TQ33ND8/p1673275186013589
)
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
@yctercero yctercero added Team:Detection Engine Security Solution Detection Engine Area and removed Team:Security Solution Platform Security Solution Platform Team labels May 14, 2023
@yctercero
Copy link
Contributor Author

Completed 8.7

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
8.1 candidate 8.2 candidate considered, but not committed, for 8.2 release sdh-linked Team:Detection Engine Security Solution Detection Engine Area Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Projects
None yet
Development

No branches or pull requests

4 participants