Skip to content

[Alerting V2][Serverless & 9.5][M2] Add authorization page for the experimental alerting system#7304

Open
nastasha-solomon wants to merge 2 commits into
mainfrom
alerting/experimental-authorization
Open

[Alerting V2][Serverless & 9.5][M2] Add authorization page for the experimental alerting system#7304
nastasha-solomon wants to merge 2 commits into
mainfrom
alerting/experimental-authorization

Conversation

@nastasha-solomon

@nastasha-solomon nastasha-solomon commented Jul 9, 2026

Copy link
Copy Markdown
Member

Summary

Contributes to https://github.com/elastic/docs-content-internal/issues/1389. This PR adds an authorization reference page for the experimental alerting system, explaining how rules and workflow invocations are authorized, how API keys are stored and refreshed, and how to resolve authorization errors.

Navigation structure

Alerting 
└── Authorization

Review requests

This PR needs a technical and editorial review.

🔧 Technical reviewer

Please focus on accuracy only. Pay particular attention to:

  • "Whose privileges authorize a run" table — Confirm that rule execution uses the API key of the user who last saved the rule, and that workflow invocations triggered by action policies use the workflow's own stored API key.
  • Dispatcher paragraph — Confirm that action policy evaluation runs in a background dispatcher process that does not use a user's stored credentials. If this is incorrect or incomplete, please clarify what credentials the dispatcher uses.
  • TODO comment before "Check and fix errors" — this flags open questions about whether the dispatcher can produce its own authorization errors and where they surface. Please answer these directly in a review comment so the section can be completed.

✏️ Editorial reviewer

This PR adds one page that covers the API key authorization model for the experimental alerting system. It is modeled on explore-analyze/workflows/authorization.md for structural and terminology consistency.

Please review for clarity and consistency with the workflows authorization page. Note that some structural similarity between the two pages is intentional.

🚫 What to skip for now

The TODO comment block before "Check and fix errors" is intentionally incomplete pending a technical follow-up. Do not flag it.

Previews — 📁 New content

Page name Description File ✏️ Ready for editorial review 🔧 Ready for technical review
Authorization in the experimental alerting system API key model; whose privileges authorize rule runs and workflow invocations; how to keep credentials current; error table explore-analyze/alerting/experimental-alerting-system/authorization.md

Note on toc.yml conflicts: This PR adds one entry to toc.yml. It should be merged after PR #6521, which introduces the system-overview.md parent entry. When resolving the conflict, nest authorization.md as a child of alerting/system-overview.md.

Generative AI disclosure

  1. Did you use a generative AI (GenAI) tool to assist in creating this contribution?
  • Yes — Cursor + Claude
  • No

@github-actions

github-actions Bot commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

Elastic Docs AI PR menu

Check the box to run an AI review for this pull request.

  • Review docs changes (docs-review). Status: not started.

Powered by GitHub Agentic Workflows and docs-actions. For more information, reach out to the docs team.

@nastasha-solomon nastasha-solomon changed the title [Alerting V2][Serverless & 9.5][M2] [Alerting V2][Serverless & 9.5][M2] Add authorization page for the experimental alerting system Jul 9, 2026
@github-actions

github-actions Bot commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

🔍 Preview links for changed docs

@github-actions

github-actions Bot commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

Elastic Docs Style Checker (Vale)

Summary: 1 suggestion found

💡 Suggestions (1): Optional style improvements. Apply when helpful.
File Line Rule Message
explore-analyze/alerting/experimental-alerting-system/authorization.md 59 Elastic.WordChoice Consider using 'deactivated, deselected, hidden, turned off, unavailable' instead of 'disabled', unless the term is in the UI.

The Vale linter checks documentation changes against the Elastic Docs style guide. To use Vale locally or report issues, refer to Elastic style guide for Vale.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant