[Security Solution] Configure roles with AI Assistant (elastic#170160)

## Summary Adding `feature_securitySolutionAssistant.all` to all roles in Kibana. Cypress test added to check different tiers have different authorization to AI Assistant: `x-pack/test/security_solution_cypress/cypress/e2e/ai_assistant/` - `ai_assistant_feature_complete.cy.ts` - `ai_assistant_feature_essentials.cy.ts` Co-authored-by: Kibana Machine <[email protected]>
delanni · Nov 6, 2023 · c84a949 · c84a949
1 parent ec08b21
commit c84a949
Show file tree

Hide file tree

Showing 6 changed files with 110 additions and 0 deletions.
diff --git a/packages/kbn-es/src/serverless_resources/roles.yml b/packages/kbn-es/src/serverless_resources/roles.yml
@@ -128,6 +128,7 @@ t1_analyst:
         - feature_siem.read_alerts
         - feature_siem.endpoint_list_read
         - feature_securitySolutionCases.read
+        - feature_securitySolutionAssistant.all
         - feature_actions.read
         - feature_builtInAlerts.read
         - feature_osquery.read
@@ -175,6 +176,7 @@ t2_analyst:
         - feature_siem.read_alerts
         - feature_siem.endpoint_list_read
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.read
         - feature_builtInAlerts.read
         - feature_osquery.read
@@ -239,6 +241,7 @@ t3_analyst:
         - feature_siem.actions_log_management_all # Response actions history
         - feature_siem.file_operations_all
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.read
         - feature_builtInAlerts.all
         - feature_osquery.all
@@ -289,6 +292,7 @@ threat_intelligence_analyst:
         - feature_siem.endpoint_list_read
         - feature_siem.blocklist_all
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.read
         - feature_builtInAlerts.read
         - feature_osquery.all
@@ -353,6 +357,7 @@ rule_author:
         - feature_siem.blocklist_all # Elastic Defend Policy Management
         - feature_siem.actions_log_management_read
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.read
         - feature_builtInAlerts.all
         - feature_osquery.all
@@ -420,6 +425,7 @@ soc_manager:
         - feature_siem.file_operations_all
         - feature_siem.execute_operations_all
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.all
         - feature_builtInAlerts.all
         - feature_osquery.all
@@ -472,6 +478,7 @@ detections_admin:
         - feature_siem.read_alerts
         - feature_siem.crud_alerts
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.all
         - feature_builtInAlerts.all
         - feature_dev_tools.all
@@ -520,6 +527,7 @@ platform_engineer:
         - feature_siem.blocklist_all # Elastic Defend Policy Management
         - feature_siem.actions_log_management_read
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.all
         - feature_builtInAlerts.all
         - feature_fleet.all
@@ -583,6 +591,7 @@ endpoint_operations_analyst:
         - feature_siem.file_operations_all
         - feature_siem.execute_operations_all # Execute
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.all
         - feature_builtInAlerts.all
         - feature_osquery.all
@@ -642,6 +651,7 @@ endpoint_policy_manager:
         - feature_siem.host_isolation_exceptions_all
         - feature_siem.blocklist_all # Elastic Defend Policy Management
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.all
         - feature_builtInAlerts.all
         - feature_osquery.all

diff --git a/...solution/scripts/endpoint/common/roles_users/serverless/es_serverless_resources/roles.yml b/...solution/scripts/endpoint/common/roles_users/serverless/es_serverless_resources/roles.yml
@@ -175,6 +175,7 @@ t1_analyst:
         - feature_siem.read_alerts
         - feature_siem.endpoint_list_read
         - feature_securitySolutionCases.read
+        - feature_securitySolutionAssistant.all
         - feature_actions.read
         - feature_builtInAlerts.read
         - feature_osquery.read
@@ -222,6 +223,7 @@ t2_analyst:
         - feature_siem.read_alerts
         - feature_siem.endpoint_list_read
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.read
         - feature_builtInAlerts.read
         - feature_osquery.read
@@ -286,6 +288,7 @@ t3_analyst:
         - feature_siem.actions_log_management_all # Response actions history
         - feature_siem.file_operations_all
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.read
         - feature_builtInAlerts.all
         - feature_osquery.all
@@ -336,6 +339,7 @@ threat_intelligence_analyst:
         - feature_siem.endpoint_list_read
         - feature_siem.blocklist_all
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.read
         - feature_builtInAlerts.read
         - feature_osquery.all
@@ -400,6 +404,7 @@ rule_author:
         - feature_siem.blocklist_all # Elastic Defend Policy Management
         - feature_siem.actions_log_management_read
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.read
         - feature_builtInAlerts.all
         - feature_osquery.all
@@ -467,6 +472,7 @@ soc_manager:
         - feature_siem.file_operations_all
         - feature_siem.execute_operations_all
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.all
         - feature_builtInAlerts.all
         - feature_osquery.all
@@ -519,6 +525,7 @@ detections_admin:
         - feature_siem.read_alerts
         - feature_siem.crud_alerts
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.all
         - feature_builtInAlerts.all
         - feature_dev_tools.all
@@ -567,6 +574,7 @@ platform_engineer:
         - feature_siem.blocklist_all # Elastic Defend Policy Management
         - feature_siem.actions_log_management_read
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.all
         - feature_builtInAlerts.all
         - feature_fleet.all
@@ -630,6 +638,7 @@ endpoint_operations_analyst:
         - feature_siem.file_operations_all
         - feature_siem.execute_operations_all # Execute
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.all
         - feature_builtInAlerts.all
         - feature_osquery.all
@@ -689,6 +698,7 @@ endpoint_policy_manager:
         - feature_siem.host_isolation_exceptions_all
         - feature_siem.blocklist_all # Elastic Defend Policy Management
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.all
         - feature_builtInAlerts.all
         - feature_osquery.all

diff --git a/...st/security_solution_cypress/cypress/e2e/ai_assistant/ai_assistant_feature_complete.cy.ts b/...st/security_solution_cypress/cypress/e2e/ai_assistant/ai_assistant_feature_complete.cy.ts
@@ -0,0 +1,35 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { AI_ASSISTANT_BUTTON } from '../../screens/ai_assistant';
+import { login } from '../../tasks/login';
+import { visitGetStartedPage } from '../../tasks/navigation';
+
+describe(
+  'App Features for Security Complete',
+  {
+    tags: ['@serverless'],
+    env: {
+      ftrConfig: {
+        productTypes: [
+          { product_line: 'security', product_tier: 'complete' },
+          { product_line: 'endpoint', product_tier: 'complete' },
+        ],
+      },
+    },
+  },
+  () => {
+    beforeEach(() => {
+      login();
+    });
+
+    it('should have have AI Assistant available', () => {
+      visitGetStartedPage();
+      cy.get(AI_ASSISTANT_BUTTON).should('exist');
+    });
+  }
+);
diff --git a/.../security_solution_cypress/cypress/e2e/ai_assistant/ai_assistant_feature_essentials.cy.ts b/.../security_solution_cypress/cypress/e2e/ai_assistant/ai_assistant_feature_essentials.cy.ts
@@ -0,0 +1,35 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { AI_ASSISTANT_BUTTON } from '../../screens/ai_assistant';
+import { login } from '../../tasks/login';
+import { visitGetStartedPage } from '../../tasks/navigation';
+
+describe(
+  'App Features for Security Essentials',
+  {
+    tags: ['@serverless'],
+    env: {
+      ftrConfig: {
+        productTypes: [
+          { product_line: 'security', product_tier: 'essentials' },
+          { product_line: 'endpoint', product_tier: 'essentials' },
+        ],
+      },
+    },
+  },
+  () => {
+    beforeEach(() => {
+      login();
+    });
+
+    it('should not have AI Assistant available', () => {
+      visitGetStartedPage();
+      cy.get(AI_ASSISTANT_BUTTON).should('not.exist');
+    });
+  }
+);
diff --git a/x-pack/test/security_solution_cypress/cypress/screens/ai_assistant.ts b/x-pack/test/security_solution_cypress/cypress/screens/ai_assistant.ts
@@ -0,0 +1,8 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export const AI_ASSISTANT_BUTTON = '[data-test-subj="assistantHeaderLink"]';
diff --git a/...ck/test_serverless/shared/lib/security/kibana_roles/project_controller_security_roles.yml b/...ck/test_serverless/shared/lib/security/kibana_roles/project_controller_security_roles.yml
@@ -43,6 +43,7 @@ viewer:
         - feature_siem.read_alerts
         - feature_siem.endpoint_list_read
         - feature_securitySolutionCases.read
+        - feature_securitySolutionAssistant.all
         - feature_actions.read
         - feature_builtInAlerts.read
         - feature_osquery.read
@@ -111,6 +112,7 @@ editor:
         - feature_siem.actions_log_management_all # Response actions history
         - feature_siem.file_operations_all
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.read
         - feature_builtInAlerts.all
         - feature_osquery.all
@@ -156,6 +158,7 @@ t1_analyst:
         - feature_siem.read_alerts
         - feature_siem.endpoint_list_read
         - feature_securitySolutionCases.read
+        - feature_securitySolutionAssistant.all
         - feature_actions.read
         - feature_builtInAlerts.read
         - feature_osquery.read
@@ -203,6 +206,7 @@ t2_analyst:
         - feature_siem.read_alerts
         - feature_siem.endpoint_list_read
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.read
         - feature_builtInAlerts.read
         - feature_osquery.read
@@ -267,6 +271,7 @@ t3_analyst:
         - feature_siem.actions_log_management_all # Response actions history
         - feature_siem.file_operations_all
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.read
         - feature_builtInAlerts.all
         - feature_osquery.all
@@ -317,6 +322,7 @@ threat_intelligence_analyst:
         - feature_siem.endpoint_list_read
         - feature_siem.blocklist_all
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.read
         - feature_builtInAlerts.read
         - feature_osquery.all
@@ -381,6 +387,7 @@ rule_author:
         - feature_siem.blocklist_all # Elastic Defend Policy Management
         - feature_siem.actions_log_management_read
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.read
         - feature_builtInAlerts.all
         - feature_osquery.all
@@ -448,6 +455,7 @@ soc_manager:
         - feature_siem.file_operations_all
         - feature_siem.execute_operations_all
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.all
         - feature_builtInAlerts.all
         - feature_osquery.all
@@ -500,6 +508,7 @@ detections_admin:
         - feature_siem.read_alerts
         - feature_siem.crud_alerts
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.all
         - feature_builtInAlerts.all
         - feature_dev_tools.all
@@ -548,6 +557,7 @@ platform_engineer:
         - feature_siem.blocklist_all # Elastic Defend Policy Management
         - feature_siem.actions_log_management_read
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.all
         - feature_builtInAlerts.all
         - feature_fleet.all
@@ -611,6 +621,7 @@ endpoint_operations_analyst:
         - feature_siem.file_operations_all
         - feature_siem.execute_operations_all # Execute
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.all
         - feature_builtInAlerts.all
         - feature_osquery.all
@@ -670,6 +681,7 @@ endpoint_policy_manager:
         - feature_siem.host_isolation_exceptions_all
         - feature_siem.blocklist_all # Elastic Defend Policy Management
         - feature_securitySolutionCases.all
+        - feature_securitySolutionAssistant.all
         - feature_actions.all
         - feature_builtInAlerts.all
         - feature_osquery.all