github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 17:59:23 -04:00
Code Issues Projects Releases Packages Wiki Activity

[8.16] [Security Solution] Give entity store permissions to built-in and cloud roles (#197383) (#197618)

Browse source 
# Backport

This will backport the following commits from `main` to `8.16`:
- [[Security Solution] Give entity store permissions to built-in and
cloud roles (#197383)](https://github.com/elastic/kibana/pull/197383)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Pablo
Machado","email":"pablo.nevesmachado@elastic.co"},"sourceCommit":{"committedDate":"2024-10-24T11:25:29Z","message":"[Security
Solution] Give entity store permissions to built-in and cloud roles
(#197383)\n\n## Summary\r\n\r\nGive entity store permissions to built-in
and cloud roles.\r\nThe entity store should be available where the
RiskEngine is.\r\n\r\nES controller
PR\r\nhttps://github.com/elastic/elasticsearch-controller/pull/753","sha":"a194211fff9195c1c03c0679dc3aa806e3676515","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:
SecuritySolution","Theme: entity_analytics","Feature:Entity
Analytics","Team:Entity
Analytics","v8.16.0","backport:version","v8.17.0"],"title":"[Security
Solution] Give entity store permissions to built-in and cloud
roles","number":197383,"url":"https://github.com/elastic/kibana/pull/197383","mergeCommit":{"message":"[Security
Solution] Give entity store permissions to built-in and cloud roles
(#197383)\n\n## Summary\r\n\r\nGive entity store permissions to built-in
and cloud roles.\r\nThe entity store should be available where the
RiskEngine is.\r\n\r\nES controller
PR\r\nhttps://github.com/elastic/elasticsearch-controller/pull/753","sha":"a194211fff9195c1c03c0679dc3aa806e3676515"}},"sourceBranch":"main","suggestedTargetBranches":["8.16","8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/197383","number":197383,"mergeCommit":{"message":"[Security
Solution] Give entity store permissions to built-in and cloud roles
(#197383)\n\n## Summary\r\n\r\nGive entity store permissions to built-in
and cloud roles.\r\nThe entity store should be available where the
RiskEngine is.\r\n\r\nES controller
PR\r\nhttps://github.com/elastic/elasticsearch-controller/pull/753","sha":"a194211fff9195c1c03c0679dc3aa806e3676515"}},{"branch":"8.16","label":"v8.16.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.x","label":"v8.17.0","branchLabelMappingKey":"^v8.17.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Pablo Machado <pablo.nevesmachado@elastic.co>
This commit is contained in:
Kibana Machine 2024-10-25 00:10:54 +11:00 committed by GitHub
parent a9e1ad20df
commit e5c976995d
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 44 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

13
x-pack/plugins/security_solution/scripts/endpoint/common/roles_users/serverless/es_serverless_resources/roles.yml
View file

@ -53,6 +53,7 @@ viewer:
- ".fleet-actions*"
- "risk-score.risk-score-*"
- ".asset-criticality.asset-criticality-*"
- ".entities.v1.latest.security_*"
- ".ml-anomalies-*"
privileges:
- read
@ -117,6 +118,7 @@ editor:
- "maintenance"
- names:
- ".asset-criticality.asset-criticality-*"
- .entities.v1.latest.security_*
privileges:
- "read"
- "write"
@ -181,6 +183,7 @@ t1_analyst:
- ".fleet-actions*"
- risk-score.risk-score-*
- .asset-criticality.asset-criticality-*
- .entities.v1.latest.security_*
- ".ml-anomalies-*"
privileges:
- read
@ -231,6 +234,7 @@ t2_analyst:
- .fleet-agents*
- .fleet-actions*
- risk-score.risk-score-*
- .entities.v1.latest.security_*
- ".ml-anomalies-*"
privileges:
- read
@ -295,6 +299,7 @@ t3_analyst:
- .fleet-agents*
- .fleet-actions*
- risk-score.risk-score-*
- .entities.v1.latest.security_*
- ".ml-anomalies-*"
privileges:
- read
@ -363,6 +368,7 @@ threat_intelligence_analyst:
- .fleet-agents*
- .fleet-actions*
- risk-score.risk-score-*
- .entities.v1.latest.security_*
- ".ml-anomalies-*"
privileges:
- read
@ -424,6 +430,7 @@ rule_author:
- .fleet-agents*
- .fleet-actions*
- risk-score.risk-score-*
- .entities.v1.latest.security_*
- ".ml-anomalies-*"
privileges:
- read
@ -468,6 +475,7 @@ soc_manager:
- packetbeat-*
- winlogbeat-*
- .asset-criticality.asset-criticality-*
- .entities.v1.latest.security_*
privileges:
- read
- write
@ -491,6 +499,7 @@ soc_manager:
- .fleet-agents*
- .fleet-actions*
- risk-score.risk-score-*
- .asset-criticality.asset-criticality-*
- ".ml-anomalies-*"
privileges:
- read
@ -563,6 +572,7 @@ detections_admin:
- all
- names:
- .asset-criticality.asset-criticality-*
- .entities.v1.latest.security_*
privileges:
- read
- write
@ -611,6 +621,7 @@ platform_engineer:
- all
- names:
- .asset-criticality.asset-criticality-*
- .entities.v1.latest.security_*
privileges:
- read
- write
@ -670,6 +681,7 @@ endpoint_operations_analyst:
- .lists*
- .items*
- risk-score.risk-score-*
- .entities.v1.latest.security_*
- ".ml-anomalies-*"
privileges:
- read
@ -740,6 +752,7 @@ endpoint_policy_manager:
- packetbeat-*
- winlogbeat-*
- risk-score.risk-score-*
- .entities.v1.latest.security_*
- ".ml-anomalies-*"
privileges:
- read