Skip to content

Commit

Permalink
[Request][7.17-8.10] Doc privs required to create and manage the .lis…
Browse files Browse the repository at this point in the history
…ts data stream (#4696)

(cherry picked from commit 2990160)
  • Loading branch information
nastasha-solomon authored and mergify[bot] committed Jan 29, 2024
1 parent 4cbd7ce commit 7d7f751
Show file tree
Hide file tree
Showing 4 changed files with 19 additions and 26 deletions.
13 changes: 3 additions & 10 deletions docs/detections/api/exceptions/exceptions-api-overview.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -43,15 +43,8 @@ IMPORTANT: Before you can create exceptions, you must create `.lists` and
`.items` indices for the {kib} space (see <<lists-index-api-overview>>).

[float]
=== Kibana role requirements
=== Exceptions requirements

To create list containers and items, the user role for the {kib} space must
have:
Before you start working with exceptions that use value lists, you must create the `.lists` and `.items` indices for the relevant {kib} space. To learn how to do this, go to <<lists-index-api-overview>>.

* `read` and `write` index privileges for the
`.lists` and `.items` indices (the system index used for storing exception lists).
* {kib} space `All` privileges for the `Security` and `Saved Objects Management`
features (see
{kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges]).

See <<detections-permissions-section>> for a complete list of requirements.
Once these indices are created, your role needs privileges to manage rules. Refer to <<enable-detections-ui>> for a complete list of requirements.
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ and `.items` system indices in the relevant
{kibana-ref}/xpack-spaces.html[{kib} space].

For information about the permissions and privileges required to create
`.lists` and `.items` indices, see <<enable-detections-ui>>.
`.lists` and `.items` indices, refer to <<enable-detections-ui>>.

NOTE: Console supports only Elasticsearch APIs. Console doesn't allow interactions with {kib} APIs. You must use `curl` or another HTTP tool instead. For more information, refer to {kibana-ref}/console-kibana.html[Run {es} API requests].

Expand Down
16 changes: 3 additions & 13 deletions docs/detections/api/lists/lists-api-overview.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -56,19 +56,9 @@ Use an <<exceptions-api-create-exception-item, exception item>> to define the
operator and associate it with an <<exceptions-api-create-container, exception container>>.
You can then add the exception container to a rule's `exceptions_list` object.

IMPORTANT: Before you can create lists, you must create `.lists` and `.items`
indices for the {kib} space (see <<lists-index-api-overview>>).

[float]
=== Kibana role requirements

To create list containers and items, the user role for the {kib} space must
have:
=== Lists requirements

* `read` and `write` index privileges for the
`.lists` and `.items` indices (the system index used for storing exception lists).
* {kib} space `All` privileges for the `Security` and `Saved Objects Management`
features (see
{kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges]).
Before you can start using lists, you must create the `.lists` and `.items` indices for the relevant {kib} space. To learn how to do this, go to <<lists-index-api-overview>>.

See <<detections-permissions-section>> for a complete list of requirements.
Once these indices are created, your role needs privileges to manage rules. Refer to <<enable-detections-ui>> for a complete list of requirements.
14 changes: 12 additions & 2 deletions docs/getting-started/detections-req.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,6 @@ a|The `manage`, `write`,`read`, and `view_index_metadata` index privileges for t
|{kib} space `All` privileges for the `Security` feature (refer to
{kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges])


|Enable the Detections feature in all Kibana spaces

*NOTE*: To turn on the Detections feature, visit the Detections page for each appropriate Kibana space.
Expand All @@ -82,7 +81,6 @@ a|The `manage`, `write`,`read`, and `view_index_metadata` index privileges for t
|{kib} space `All` privileges for the `Security` feature (refer to
{kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges])


| Preview rules
|N/A
a| The `read` privilege for the following indices:
Expand Down Expand Up @@ -129,6 +127,18 @@ a|The `maintenance`, `write`,`read`, and `view_index_metadata` index privileges
|{kib} space `Read` privileges for the `Security` feature (refer to
{kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges])

|Create the `.lists` and `.items` indices in your {kib} space

**NOTE**: To initiate the process that creates the `.lists` and `.items` indices, you must visit the Rules page for each appropriate {kib} space.

|The `manage` privilege
a| The `manage`, `write`,`read`, and `view_index_metadata` index privileges for the following indices, where `<space-id>` is the {kib} space name:

* `.lists-<space-id>`
* `.items-<space-id>`
|{kib} space `All` privileges for the `Security` and `Saved Objects Management`
features (refer to {kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges])

|==============================================

Here is an example of a user who has the Detections feature enabled in all {kib} spaces:
Expand Down

0 comments on commit 7d7f751

Please sign in to comment.