Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Request][8.1] Doc privs required to create and manage the .lists data stream (backport #4696) #4709

Merged
merged 1 commit into from
Jan 29, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 3 additions & 10 deletions docs/detections/api/exceptions/exceptions-api-overview.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -43,15 +43,8 @@ IMPORTANT: Before you can create exceptions, you must create `.lists` and
`.items` indices for the {kib} space (see <<lists-index-api-overview>>).

[float]
=== Kibana role requirements
=== Exceptions requirements

To create list containers and items, the user role for the {kib} space must
have:
Before you start working with exceptions that use value lists, you must create the `.lists` and `.items` indices for the relevant {kib} space. To learn how to do this, go to <<lists-index-api-overview>>.

* `read` and `write` index privileges for the
`.lists` and `.items` indices (the system index used for storing exception lists).
* {kib} space `All` privileges for the `Security` and `Saved Objects Management`
features (see
{kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges]).

See <<detections-permissions-section>> for a complete list of requirements.
Once these indices are created, your role needs privileges to manage rules. Refer to <<enable-detections-ui>> for a complete list of requirements.
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ and `.items` system indices in the relevant
{kibana-ref}/xpack-spaces.html[{kib} space].

For information about the permissions and privileges required to create
`.lists` and `.items` indices, see <<enable-detections-ui>>.
`.lists` and `.items` indices, refer to <<enable-detections-ui>>.

NOTE: Console supports only Elasticsearch APIs. Console doesn't allow interactions with {kib} APIs. You must use `curl` or another HTTP tool instead. For more information, refer to {kibana-ref}/console-kibana.html[Run {es} API requests].

Expand Down
16 changes: 3 additions & 13 deletions docs/detections/api/lists/lists-api-overview.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -56,19 +56,9 @@ Use an <<exceptions-api-create-exception-item, exception item>> to define the
operator and associate it with an <<exceptions-api-create-container, exception container>>.
You can then add the exception container to a rule's `exceptions_list` object.

IMPORTANT: Before you can create lists, you must create `.lists` and `.items`
indices for the {kib} space (see <<lists-index-api-overview>>).

[float]
=== Kibana role requirements

To create list containers and items, the user role for the {kib} space must
have:
=== Lists requirements

* `read` and `write` index privileges for the
`.lists` and `.items` indices (the system index used for storing exception lists).
* {kib} space `All` privileges for the `Security` and `Saved Objects Management`
features (see
{kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges]).
Before you can start using lists, you must create the `.lists` and `.items` indices for the relevant {kib} space. To learn how to do this, go to <<lists-index-api-overview>>.

See <<detections-permissions-section>> for a complete list of requirements.
Once these indices are created, your role needs privileges to manage rules. Refer to <<enable-detections-ui>> for a complete list of requirements.
14 changes: 12 additions & 2 deletions docs/getting-started/detections-req.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,6 @@ a|The `manage`, `write`,`read`, and `view_index_metadata` index privileges for t
|{kib} space `All` privileges for the `Security` feature (refer to
{kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges])


|Enable the Detections feature in all Kibana spaces

*NOTE*: To turn on the Detections feature, visit the Detections page for each appropriate Kibana space.
Expand All @@ -82,7 +81,6 @@ a|The `manage`, `write`,`read`, and `view_index_metadata` index privileges for t
|{kib} space `All` privileges for the `Security` feature (refer to
{kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges])


| Preview rules
|N/A
a| The `read` privilege for the following indices:
Expand Down Expand Up @@ -129,6 +127,18 @@ a|The `maintenance`, `write`,`read`, and `view_index_metadata` index privileges
|{kib} space `Read` privileges for the `Security` feature (refer to
{kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges])

|Create the `.lists` and `.items` indices in your {kib} space

**NOTE**: To initiate the process that creates the `.lists` and `.items` indices, you must visit the Rules page for each appropriate {kib} space.

|The `manage` privilege
a| The `manage`, `write`,`read`, and `view_index_metadata` index privileges for the following indices, where `<space-id>` is the {kib} space name:

* `.lists-<space-id>`
* `.items-<space-id>`
|{kib} space `All` privileges for the `Security` and `Saved Objects Management`
features (refer to {kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges])

|==============================================

Here is an example of a user who has the Detections feature enabled in all {kib} spaces:
Expand Down