github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-23 01:13:23 -04:00
Code Issues Projects Releases Packages Wiki Activity

[8.x] [Security Solution] Fix old siem feature override (#207333) (#207373)

Browse source 
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security Solution] Fix old siem feature override
(#207333)](https://github.com/elastic/kibana/pull/207333)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Sergi
Massaneda","email":"sergi.massaneda@elastic.co"},"sourceCommit":{"committedDate":"2025-01-21T14:50:53Z","message":"[Security
Solution] Fix old siem feature override (#207333)\n\n##
Summary\r\n\r\nAdds the feature override for the old `siem` feature as
well, we changed\r\nthat to the new one
here\r\n\r\n\r\nhttps://github.com/elastic/kibana/pull/201780/files#diff-5aba630e58630c087c90368aa97296afb736f62579a23285cef901dc1c3921edR27\r\n\r\nRelated
failure: https://github.com/elastic/kibana/issues/207285\r\n\r\nThe
problem happened because MKI tests are using the outdated
roles\r\ndefinition with the old `feature_siem` which was lacking the
feature\r\noverride in the
serverless.security.yml\r\n\r\nCo-authored-by: Elastic Machine
<elasticmachine@users.noreply.github.com>","sha":"9077414852f86a70aba5259e9f62d12a53a63090","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Threat
Hunting","ci:build-serverless-image","backport:version","v8.18.0"],"title":"[Security
Solution] Fix old siem feature
override","number":207333,"url":"https://github.com/elastic/kibana/pull/207333","mergeCommit":{"message":"[Security
Solution] Fix old siem feature override (#207333)\n\n##
Summary\r\n\r\nAdds the feature override for the old `siem` feature as
well, we changed\r\nthat to the new one
here\r\n\r\n\r\nhttps://github.com/elastic/kibana/pull/201780/files#diff-5aba630e58630c087c90368aa97296afb736f62579a23285cef901dc1c3921edR27\r\n\r\nRelated
failure: https://github.com/elastic/kibana/issues/207285\r\n\r\nThe
problem happened because MKI tests are using the outdated
roles\r\ndefinition with the old `feature_siem` which was lacking the
feature\r\noverride in the
serverless.security.yml\r\n\r\nCo-authored-by: Elastic Machine
<elasticmachine@users.noreply.github.com>","sha":"9077414852f86a70aba5259e9f62d12a53a63090"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/207333","number":207333,"mergeCommit":{"message":"[Security
Solution] Fix old siem feature override (#207333)\n\n##
Summary\r\n\r\nAdds the feature override for the old `siem` feature as
well, we changed\r\nthat to the new one
here\r\n\r\n\r\nhttps://github.com/elastic/kibana/pull/201780/files#diff-5aba630e58630c087c90368aa97296afb736f62579a23285cef901dc1c3921edR27\r\n\r\nRelated
failure: https://github.com/elastic/kibana/issues/207285\r\n\r\nThe
problem happened because MKI tests are using the outdated
roles\r\ndefinition with the old `feature_siem` which was lacking the
feature\r\noverride in the
serverless.security.yml\r\n\r\nCo-authored-by: Elastic Machine
<elasticmachine@users.noreply.github.com>","sha":"9077414852f86a70aba5259e9f62d12a53a63090"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Sergi Massaneda <sergi.massaneda@elastic.co>
This commit is contained in:
Kibana Machine 2025-01-22 03:34:53 +11:00 committed by GitHub
parent 864adea19f
commit af02ddceed
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 27 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

27
config/serverless.security.yml
View file

@ -48,6 +48,33 @@ xpack.features.overrides:
- feature: "maps"
privileges: [ "read" ]
### Security's feature privileges are fine-tuned to grant access to Discover, Dashboard, Maps, and Visualize apps.
siem:
privileges:
### Security's `All` feature privilege should implicitly grant `All` access to Discover, Dashboard, Maps, and
### Visualize features.
all.composedOf:
- feature: "discover"
privileges: [ "all" ]
- feature: "dashboard"
privileges: [ "all" ]
- feature: "visualize"
privileges: [ "all" ]
- feature: "maps"
privileges: [ "all" ]
# Security's `Read` feature privilege should implicitly grant `Read` access to Discover, Dashboard, Maps, and
# Visualize features. Additionally, it should implicitly grant privilege to create short URLs in Discover,
### Dashboard, and Visualize apps.
read.composedOf:
- feature: "discover"
privileges: [ "read" ]
- feature: "dashboard"
privileges: [ "read" ]
- feature: "visualize"
privileges: [ "read" ]
- feature: "maps"
privileges: [ "read" ]
## Cloud settings
xpack.cloud.serverless.project_type: security