Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[8.12] [Cases] Add new sub feature privilege to prevent access to case settings (backport #4557) #4601

Merged
merged 1 commit into from
Jan 11, 2024
Merged

[8.12] [Cases] Add new sub feature privilege to prevent access to case settings (backport #4557) #4601

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 15 additions & 8 deletions docs/getting-started/cases-req.asciidoc
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,11 @@
[[case-permissions]]
= Cases prerequisites

:frontmatter-description: Learn about the {kib} feature privileges required to access {elastic-sec} cases.
:frontmatter-tags-products: [security]
:frontmatter-tags-content-type: [how-to]
:frontmatter-tags-user-goals: [configure]

//To view cases, you need the {kib} space `Read` privilege for the `Security` feature. To create cases and add comments, you need the `All` {kib}
//space privilege for the `Security` feature.

Expand Down Expand Up @@ -34,21 +39,23 @@ a|
* **All** for the *Cases* feature under *Security*
* **All** for the *{connectors-feature}* feature under *Management*

NOTE: Roles without **All** *{connectors-feature}* feature privileges cannot create, add, delete, or modify case connectors.
[NOTE]
====
Roles without **All** privileges for the *{connectors-feature}* feature cannot create, add, delete, or modify case connectors.

By default, **All** for the *Cases* feature allows you to delete cases, delete alerts and comments from cases, and edit case settings. You can customize the sub-feature privileges to limit feature access.
====

| Give assignee access to cases
a|
* **All** for the *Cases* feature under *Security*
a| **All** for the *Cases* feature under *Security*

NOTE: Before a user can be assigned to a case, they must log into {kib} at least
once, which creates a user profile.

| Give view-only access for cases | **Read** for the *Security* feature and **All** for the *Cases* feature

| Give access to view and delete cases
a| **Read** for the *Cases* feature under *Security* with the *Delete* sub-feature selected
| Give view-only access for cases
a| **Read** for the *Security* feature and **All** for the *Cases* feature

NOTE: These privileges also enable you to delete comments and alerts from a case.
NOTE: You can customize the sub-feature privileges to allow access to deleting cases, deleting alerts and comments from cases, and viewing or editing case settings.

| Revoke all access to cases | **None** for the *Cases* feature under *Security*

Expand Down