diff --git a/src/platform/plugins/shared/console/server/routes/api/console/autocomplete_entities/index.ts b/src/platform/plugins/shared/console/server/routes/api/console/autocomplete_entities/index.ts index 0dacd8e93cc9b..50eb9e42cda44 100644 --- a/src/platform/plugins/shared/console/server/routes/api/console/autocomplete_entities/index.ts +++ b/src/platform/plugins/shared/console/server/routes/api/console/autocomplete_entities/index.ts @@ -90,6 +90,12 @@ export const registerAutocompleteEntitiesRoute = (deps: RouteDependencies) => { options: { tags: ['access:console'], }, + security: { + authz: { + enabled: false, + reason: 'Relies on es client for authorization', + }, + }, validate: autoCompleteEntitiesValidationConfig, }, async (context, request, response) => { diff --git a/src/platform/plugins/shared/console/server/routes/api/console/es_config/index.ts b/src/platform/plugins/shared/console/server/routes/api/console/es_config/index.ts index a1d1a6cdb7950..817d8d7cc7e3a 100644 --- a/src/platform/plugins/shared/console/server/routes/api/console/es_config/index.ts +++ b/src/platform/plugins/shared/console/server/routes/api/console/es_config/index.ts @@ -11,19 +11,31 @@ import { EsConfigApiResponse } from '../../../../../common/types/api_responses'; import { RouteDependencies } from '../../..'; export const registerEsConfigRoute = ({ router, services }: RouteDependencies): void => { - router.get({ path: '/api/console/es_config', validate: false }, async (ctx, req, res) => { - const cloudUrl = services.esLegacyConfigService.getCloudUrl(); - if (cloudUrl) { - const body: EsConfigApiResponse = { host: cloudUrl }; + router.get( + { + path: '/api/console/es_config', + security: { + authz: { + enabled: false, + reason: 'Low effort request for config content', + }, + }, + validate: false, + }, + async (ctx, req, res) => { + const cloudUrl = services.esLegacyConfigService.getCloudUrl(); + if (cloudUrl) { + const body: EsConfigApiResponse = { host: cloudUrl }; - return res.ok({ body }); - } - const { - hosts: [host], - } = await services.esLegacyConfigService.readConfig(); + return res.ok({ body }); + } + const { + hosts: [host], + } = await services.esLegacyConfigService.readConfig(); - const body: EsConfigApiResponse = { host }; + const body: EsConfigApiResponse = { host }; - return res.ok({ body }); - }); + return res.ok({ body }); + } + ); }; diff --git a/src/platform/plugins/shared/console/server/routes/api/console/proxy/index.ts b/src/platform/plugins/shared/console/server/routes/api/console/proxy/index.ts index d30aa32060b73..5b0e3c6103762 100644 --- a/src/platform/plugins/shared/console/server/routes/api/console/proxy/index.ts +++ b/src/platform/plugins/shared/console/server/routes/api/console/proxy/index.ts @@ -17,12 +17,16 @@ export const registerProxyRoute = (deps: RouteDependencies) => { { path: '/api/console/proxy', options: { - tags: ['access:console'], body: { output: 'stream', parse: false, }, }, + security: { + authz: { + requiredPrivileges: ['console'], + }, + }, validate: routeValidationConfig, }, createHandler(deps) diff --git a/src/platform/plugins/shared/console/server/routes/api/console/spec_definitions/index.ts b/src/platform/plugins/shared/console/server/routes/api/console/spec_definitions/index.ts index 2b2e003e7eb39..e4f500fb14e7b 100644 --- a/src/platform/plugins/shared/console/server/routes/api/console/spec_definitions/index.ts +++ b/src/platform/plugins/shared/console/server/routes/api/console/spec_definitions/index.ts @@ -32,5 +32,17 @@ export const registerSpecDefinitionsRoute = ({ router, services }: RouteDependen }); }; - router.get({ path: '/api/console/api_server', validate: false }, handler); + router.get( + { + path: '/api/console/api_server', + security: { + authz: { + enabled: false, + reason: 'Low effort request for config info', + }, + }, + validate: false, + }, + handler + ); };