From 2f0aacbf0a5ffe8d3dbc274c649af5c7b2824bb7 Mon Sep 17 00:00:00 2001 From: Nastasha Solomon Date: Wed, 3 Dec 2025 21:13:36 -0500 Subject: [PATCH 1/4] First draft --- docs/release-notes/breaking-changes.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/docs/release-notes/breaking-changes.md b/docs/release-notes/breaking-changes.md index 2458f4aee425a..e1534d16c37fb 100644 --- a/docs/release-notes/breaking-changes.md +++ b/docs/release-notes/breaking-changes.md @@ -52,6 +52,16 @@ $$$kibana-213916$$$ View [#213916]({{kib-pull}}213916). :::: +$$$kibana-216558$$$ +::::{dropdown} API keys are used for authenticating report generation requests + +% **Details**
In 9.1.0, API keys are used for authenticating report generation requests, instead of session cookies that are based on user credentials. + +If you have a cross-cluster search environment and want to generate reports from remote clusters, you must have the appropriate cluster and index privileges on the remote cluster and local cluster. For example, if requests are authenticated with an API key, the API key requires certain privileges on the local cluster that contains the local index, instead of the remote. For more information and examples, refer to [Configure roles and users for remote clusters](../deploy-manage/remote-clusters/remote-clusters-cert.md#remote-clusters-privileges-cert). + +View [#216558]({{kib-pull}}216558). +:::: + ## 9.0.0 [kibana-900-breaking-changes] $$$kibana-193792$$$ :::{dropdown} Access to {{kib}}'s internal APIs is blocked From 24106a30a0d65756f0d91d131c5047d916ecac12 Mon Sep 17 00:00:00 2001 From: Nastasha Solomon Date: Wed, 3 Dec 2025 21:21:13 -0500 Subject: [PATCH 2/4] Updated ref --- docs/release-notes/breaking-changes.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/release-notes/breaking-changes.md b/docs/release-notes/breaking-changes.md index e1534d16c37fb..2d4831c7b7774 100644 --- a/docs/release-notes/breaking-changes.md +++ b/docs/release-notes/breaking-changes.md @@ -57,7 +57,7 @@ $$$kibana-216558$$$ % **Details**
In 9.1.0, API keys are used for authenticating report generation requests, instead of session cookies that are based on user credentials. -If you have a cross-cluster search environment and want to generate reports from remote clusters, you must have the appropriate cluster and index privileges on the remote cluster and local cluster. For example, if requests are authenticated with an API key, the API key requires certain privileges on the local cluster that contains the local index, instead of the remote. For more information and examples, refer to [Configure roles and users for remote clusters](../deploy-manage/remote-clusters/remote-clusters-cert.md#remote-clusters-privileges-cert). +If you have a cross-cluster search environment and want to generate reports from remote clusters, you must have the appropriate cluster and index privileges on the remote cluster and local cluster. For example, if requests are authenticated with an API key, the API key requires certain privileges on the local cluster that contains the local index, instead of the remote. For more information and examples, refer to [Configure roles and users for remote clusters](docs-content://deploy-manage/remote-clusters/remote-clusters-cert.md#remote-clusters-privileges-cert) View [#216558]({{kib-pull}}216558). :::: From 7afd5fd7069edbcb4f56dc412473dc1542c76631 Mon Sep 17 00:00:00 2001 From: Nastasha Solomon Date: Wed, 3 Dec 2025 21:27:34 -0500 Subject: [PATCH 3/4] Removed comment char --- docs/release-notes/breaking-changes.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/release-notes/breaking-changes.md b/docs/release-notes/breaking-changes.md index 2d4831c7b7774..9d97a0a900d59 100644 --- a/docs/release-notes/breaking-changes.md +++ b/docs/release-notes/breaking-changes.md @@ -55,7 +55,7 @@ View [#213916]({{kib-pull}}213916). $$$kibana-216558$$$ ::::{dropdown} API keys are used for authenticating report generation requests -% **Details**
In 9.1.0, API keys are used for authenticating report generation requests, instead of session cookies that are based on user credentials. +**Details**
In 9.1.0, API keys are used for authenticating report generation requests, instead of session cookies that are based on user credentials. If you have a cross-cluster search environment and want to generate reports from remote clusters, you must have the appropriate cluster and index privileges on the remote cluster and local cluster. For example, if requests are authenticated with an API key, the API key requires certain privileges on the local cluster that contains the local index, instead of the remote. For more information and examples, refer to [Configure roles and users for remote clusters](docs-content://deploy-manage/remote-clusters/remote-clusters-cert.md#remote-clusters-privileges-cert) From b44d2ecd7d8c1f7fc33d64d0f70367a89e34f92e Mon Sep 17 00:00:00 2001 From: Nastasha Solomon Date: Wed, 3 Dec 2025 21:34:40 -0500 Subject: [PATCH 4/4] Add period --- docs/release-notes/breaking-changes.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/release-notes/breaking-changes.md b/docs/release-notes/breaking-changes.md index 9d97a0a900d59..043d475af1c1b 100644 --- a/docs/release-notes/breaking-changes.md +++ b/docs/release-notes/breaking-changes.md @@ -39,7 +39,7 @@ If you are migrating from a version prior to version 9.0, you must first upgrade ## 9.2.0 [kibana-9.2.0-breaking-changes] $$$kibana-230067$$$ ::::{dropdown} Improved advanced settings management APIs privilege checks -% **Details**
Roles with explicit `read` access to advanced settings but `all` access to `SavedObjectManagement` can no longer update settings using the internal advanced settings API. This update enforces explicit privileges instead of relying on saved object security checks. +**Details**
Roles with explicit `read` access to advanced settings but `all` access to `SavedObjectManagement` can no longer update settings using the internal advanced settings API. This update enforces explicit privileges instead of relying on saved object security checks. View [#230067]({{kib-pull}}230067). :::: @@ -47,7 +47,7 @@ View [#230067]({{kib-pull}}230067). $$$kibana-213916$$$ ::::{dropdown} Change to variable syntax in {{esql}} queries -% **Details**
Fields and functions variables are now described with `??` in {{esql}} queries. For value variables, you can continue to use `?`. +**Details**
Fields and functions variables are now described with `??` in {{esql}} queries. For value variables, you can continue to use `?`. View [#213916]({{kib-pull}}213916). :::: @@ -57,7 +57,7 @@ $$$kibana-216558$$$ **Details**
In 9.1.0, API keys are used for authenticating report generation requests, instead of session cookies that are based on user credentials. -If you have a cross-cluster search environment and want to generate reports from remote clusters, you must have the appropriate cluster and index privileges on the remote cluster and local cluster. For example, if requests are authenticated with an API key, the API key requires certain privileges on the local cluster that contains the local index, instead of the remote. For more information and examples, refer to [Configure roles and users for remote clusters](docs-content://deploy-manage/remote-clusters/remote-clusters-cert.md#remote-clusters-privileges-cert) +If you have a cross-cluster search environment and want to generate reports from remote clusters, you must have the appropriate cluster and index privileges on the remote cluster and local cluster. For example, if requests are authenticated with an API key, the API key requires certain privileges on the local cluster that contains the local index, instead of the remote. For more information and examples, refer to [Configure roles and users for remote clusters](docs-content://deploy-manage/remote-clusters/remote-clusters-cert.md#remote-clusters-privileges-cert). View [#216558]({{kib-pull}}216558). ::::