This commit reworks the support for enabling and disabling endpoints,
replacing the on/off support that it provided with a finer-grained
access model that supports only allowing read-only access to endpoint
operations in addition to disabling an endpoint (access of none) and
fully enabling it (access of unrestricted).
The following properties are deprecated:
- management.endpoints.enabled-by-default
- management.endpoint.<id>.enabled
Their replacements are:
- management.endpoints.access.default
- management.endpoint.<id>.access
Similarly, the enableByDefault attribute on @Endpoint has been
deprecated with a new defaultAccess attribute replacing it.
Additionally, a new property has been introduced that allows an
operator to control the level of access to Actuator endpoints
that is permitted:
- management.endpoints.access.max-permitted
This property caps any access that may has been configured for
an endpoint. For example, if
management.endpoints.access.max-permitted is set to read-only and
management.endpoint.loggers.access is set to unrestricted, only
read-only access to the loggers endpoint will be allowed.
Closes gh-39046
25082d33e7