Commit 41bdf6fe authored by CI Runner's avatar CI Runner
Browse files

Fix changelog

parent 4a49e287
......@@ -21,39 +21,28 @@ n/a
## Features
* Introduce search\_guard\_roles for internal users
* Introduce search\_guard\_roles for internal users ([PR #706](https://github.com/floragunncom/search-guard/pull/706){:target="_blank"})
* This makes it possible to assign Search Guard roles directly to internal users without the need for using the role mapping
* [Intern users database](internal-users-database){:target="_blank"}
* [Internal users database](internal-users-database){:target="_blank"}
* Added `searchguard.filter_sgindex_from_all_requests` option in elasticsearch.yml to filter out the searchguard index from all-index requests
* When set to `true` Search Guard will under the hood filter out the searchguard index from requests targeting `all` indices like `*` or `_all`
* Default is `false` to make this change to a breaking change (will be `true` by default in future releases)
* Added ChaCha20 support for TLS 1.2
* Added ChaCha20 support for TLS 1.2 ([Commit 2e99232](https://github.com/floragunncom/search-guard/commit/2e99232e5ff45d5537c37c709636956a1ec4d7a8){:target="_blank"})
* This requires Oracle JDK >= 12 or OpenSSL 1.1.1
* Make it possible to disable built-in roles
* Make it possible to disable built-in roles ([PR #708](https://github.com/floragunncom/search-guard/pull/708){:target="_blank"})
* Search Guard 7 introduced new static built-in resources like roles and action groups. For backwards-compatibility with Search Guard 6, the static resources can be disabled in elasticsearch.yml by setting:
* `searchguard.unsupported.load_static_resources: false`
* Make `GLOBAL` a static built-in tenant
* In order to unify the Kibana GLOBAL tenant with the named tenants, we have introduced a static built-in `SGS_GLOBAL_TENANT`.
## Fixes
* [BREAKING] Fix wrong content-type in HTTP responses for REST API
* [GitHub #638: Wrong content-type in HTTP responses](https://github.com/floragunncom/search-guard/issues/638){:target="_blank"}
* [PR #52: Backport of "Always return a JSON response for REST Api with correct conent-type header"](https://github.com/floragunncom/search-guard-enterprise-modules/pull/52){:target="_blank"}
## Fixes
* [BREAKING] Use "backend_roles" instead of "roles" for the authinfo endpoint
* In the JSON returned by the authinfo endpoint, "roles" have been renamed to "backend_roles" to make it clear that the listed roles are not Search Guard roles.
* [BREAKING] Renamed the `sgconfig` REST API endpoint to `sg_config`
* This is to streamline the Search Guard naming conventions
* The `sgconfig` still works, but is deprecated and will be removed in Search Guard 8
* [BREAKING] Use "backend_roles" instead of "roles" for the authinfo endpoint([PR #707](https://github.com/floragunncom/search-guard/pull/707){:target="_blank"})
* In the JSON returned by the authinfo endpoint, "roles" have been renamed to "backend_roles" to make it clear that the listed roles are not Search Guard roles.
* Fixed build pipeline to circumvent wrong plugin version info
* [GitHub #700: searchguard 6.8.0-25.1 version issue ](https://github.com/floragunncom/search-guard/issues/700){:target="_blank"}
* [GitHub #700: searchguard 6.8.0-25.1 version issue](https://github.com/floragunncom/search-guard/issues/700){:target="_blank"}
* Fix default permissions to allow Index Lifecycle Management (ILM) for logstash user and beats
* [GitHub #694: Beats With ILM Enabled Failed To check For Alias: 403](https://github.com/floragunncom/search-guard/issues/694){:target="_blank"}
......@@ -88,5 +77,13 @@ n/a
* Fix access control exception with `ldap2` backend
* Added cluster:admin/xpack/monitoring* permission to SGS_LOGSTASH. This was missing and caused logstash monitoring not working in Kibana. [PR #709: Better tolerate IdP problems upon startup](https://github.com/floragunncom/search-guard/pull/709){:target="_blank"}
* Fix built-in roles to work with xp monitoring when multi cluster monitoring is supported
* Validate all config files before uploading them via sgadmin and make sure yaml parser does not tolerate duplicate keys
* Include error details in "details" field in case the submitted payload is unparseable, renamed internal method
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment