[AI SOC] Grant fleet (v1) access to see integrations in Search AI Lake tier (#221189)

config/serverless.security.search_ai_lake.yml

@@ -18,6 +18,37 @@ xpack.features.overrides:
   siemV2.description: null
   securitySolutionSiemMigrations.hidden: true
 
+  ## Fine-tune the security solution essentials feature privileges. These feature privilege overrides are set individually for each project type. Also, refer to `serverless.yml` for the project-agnostic overrides.
+  siemV2:
+    privileges:
+      all.composedOf:
+        ## Limited values so the fields from serverless.yml or serverless.security.yml are overwritten
+        ## We do not need to compose siemV2 from maps and visualizations because these functionalities are disabled in this tier
+        - feature: "discover_v2"
+          privileges: [ "all" ]
+          ## We need limited read access to fleet (v1) in order to use integrations
+        - feature: "fleet"
+          privileges: [ "all" ]
+      read.composedOf:
+        - feature: "discover_v2"
+          privileges: [ "read" ]
+        - feature: "fleet"
+          privileges: [ "read" ]
+  siem:
+    privileges:
+      all.composedOf:
+        ## Limited values so the fields from serverless.yml or serverless.security.yml are overwritten
+        ## We do not need to compose siemV2 from maps and visualizations because these functionalities are disabled in this tier
+        - feature: "discover_v2"
+          privileges: [ "all" ]
+        - feature: "savedQueryManagement"
+          privileges: [ "all" ]
+      read.composedOf:
+        - feature: "discover_v2"
+          privileges: [ "read" ]
+        - feature: "savedQueryManagement"
+          privileges: [ "read" ]
+
 # Custom integrations/fleet settings
 xpack.fleet.agentless.isDefault: true
 xpack.fleet.integrationsHomeOverride: '/app/security/configurations/integrations'