From 09118341ab9bdeae2de58ff121a4dfa972e7551f Mon Sep 17 00:00:00 2001 From: "mergify[bot]" <37929162+mergify[bot]@users.noreply.github.com> Date: Mon, 29 Jan 2024 09:29:08 -0500 Subject: [PATCH] [Request][8.9] Doc privs required to create and manage the .lists data stream (backport #4696) (#4701) (cherry picked from commit 2990160e6345d61b207b9004cd3595428d7f0b79) Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com> --- .../exceptions/exceptions-api-overview.asciidoc | 13 +++---------- .../exceptions/lists-index-api-overview.asciidoc | 2 +- .../api/lists/lists-api-overview.asciidoc | 16 +++------------- docs/getting-started/detections-req.asciidoc | 14 ++++++++++++-- 4 files changed, 19 insertions(+), 26 deletions(-) diff --git a/docs/detections/api/exceptions/exceptions-api-overview.asciidoc b/docs/detections/api/exceptions/exceptions-api-overview.asciidoc index 29bb71deb6..2d2fd5ce31 100644 --- a/docs/detections/api/exceptions/exceptions-api-overview.asciidoc +++ b/docs/detections/api/exceptions/exceptions-api-overview.asciidoc @@ -41,15 +41,8 @@ IMPORTANT: Before you can create exceptions, you must create `.lists` and `.items` indices for the {kib} space (see <>). [float] -=== Kibana role requirements +=== Exceptions requirements -To create list containers and items, the user role for the {kib} space must -have: +Before you start working with exceptions that use value lists, you must create the `.lists` and `.items` indices for the relevant {kib} space. To learn how to do this, go to <>. -* `read` and `write` index privileges for the -`.lists` and `.items` indices (the system index used for storing exception lists). -* {kib} space `All` privileges for the `Security` and `Saved Objects Management` -features (see -{kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges]). - -See <> for a complete list of requirements. +Once these indices are created, your role needs privileges to manage rules. Refer to <> for a complete list of requirements. diff --git a/docs/detections/api/exceptions/lists-index-api-overview.asciidoc b/docs/detections/api/exceptions/lists-index-api-overview.asciidoc index a5840132a8..511e91cecb 100644 --- a/docs/detections/api/exceptions/lists-index-api-overview.asciidoc +++ b/docs/detections/api/exceptions/lists-index-api-overview.asciidoc @@ -6,7 +6,7 @@ and `.items` system indices in the relevant {kibana-ref}/xpack-spaces.html[{kib} space]. For information about the permissions and privileges required to create -`.lists` and `.items` indices, see <>. +`.lists` and `.items` indices, refer to <>. [discrete] === Create index diff --git a/docs/detections/api/lists/lists-api-overview.asciidoc b/docs/detections/api/lists/lists-api-overview.asciidoc index c971d8a637..6f4fe2c961 100644 --- a/docs/detections/api/lists/lists-api-overview.asciidoc +++ b/docs/detections/api/lists/lists-api-overview.asciidoc @@ -54,19 +54,9 @@ Use an <> to define the operator and associate it with an <>. You can then add the exception container to a rule's `exceptions_list` object. -IMPORTANT: Before you can create lists, you must create `.lists` and `.items` -indices for the {kib} space (see <>). - [float] -=== Kibana role requirements - -To create list containers and items, the user role for the {kib} space must -have: +=== Lists requirements -* `read` and `write` index privileges for the -`.lists` and `.items` indices (the system index used for storing exception lists). -* {kib} space `All` privileges for the `Security` and `Saved Objects Management` -features (see -{kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges]). +Before you can start using lists, you must create the `.lists` and `.items` indices for the relevant {kib} space. To learn how to do this, go to <>. -See <> for a complete list of requirements. +Once these indices are created, your role needs privileges to manage rules. Refer to <> for a complete list of requirements. diff --git a/docs/getting-started/detections-req.asciidoc b/docs/getting-started/detections-req.asciidoc index 9f5358722c..78a93f89a9 100644 --- a/docs/getting-started/detections-req.asciidoc +++ b/docs/getting-started/detections-req.asciidoc @@ -65,7 +65,6 @@ a|The `manage`, `write`,`read`, and `view_index_metadata` index privileges for t |{kib} space `All` privileges for the `Security` feature (refer to {kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges]) - |Enable the Detections feature in all Kibana spaces *NOTE*: To turn on the Detections feature, visit the Detections page for each appropriate Kibana space. @@ -83,7 +82,6 @@ a|The `manage`, `write`,`read`, and `view_index_metadata` index privileges for t |{kib} space `All` privileges for the `Security` feature (refer to {kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges]) - | Preview rules |N/A a| The `read` privilege for the following indices: @@ -130,6 +128,18 @@ a|The `maintenance`, `write`,`read`, and `view_index_metadata` index privileges |{kib} space `Read` privileges for the `Security` feature (refer to {kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges]) +|Create the `.lists` and `.items` indices in your {kib} space + +**NOTE**: To initiate the process that creates the `.lists` and `.items` indices, you must visit the Rules page for each appropriate {kib} space. + +|The `manage` privilege +a| The `manage`, `write`,`read`, and `view_index_metadata` index privileges for the following indices, where `` is the {kib} space name: + +* `.lists-` +* `.items-` +|{kib} space `All` privileges for the `Security` and `Saved Objects Management` +features (refer to {kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges]) + |============================================== Here is an example of a user who has the Detections feature enabled in all {kib} spaces: