diff --git a/packages/kbn-es/src/serverless_resources/project_roles/security/roles.yml b/packages/kbn-es/src/serverless_resources/project_roles/security/roles.yml index e9223cd5d73ef..5c8446123a4fb 100644 --- a/packages/kbn-es/src/serverless_resources/project_roles/security/roles.yml +++ b/packages/kbn-es/src/serverless_resources/project_roles/security/roles.yml @@ -35,6 +35,7 @@ viewer: - '.fleet-actions*' - 'risk-score.risk-score-*' - '.asset-criticality.asset-criticality-*' + - '.entities.v1.latest.security_*' - '.ml-anomalies-*' privileges: - read @@ -99,6 +100,7 @@ editor: - 'maintenance' - names: - '.asset-criticality.asset-criticality-*' + - '.entities.v1.latest.security_*' privileges: - 'read' - 'write' @@ -162,6 +164,7 @@ t1_analyst: - '.fleet-actions*' - risk-score.risk-score-* - .asset-criticality.asset-criticality-* + - .entities.v1.latest.security_* - '.ml-anomalies-*' privileges: - read @@ -211,6 +214,7 @@ t2_analyst: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - '.ml-anomalies-*' privileges: - read @@ -274,6 +278,7 @@ t3_analyst: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - '.ml-anomalies-*' privileges: - read @@ -346,6 +351,7 @@ threat_intelligence_analyst: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - '.ml-anomalies-*' privileges: - read @@ -406,6 +412,7 @@ rule_author: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - '.ml-anomalies-*' privileges: - read @@ -472,6 +479,7 @@ soc_manager: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - '.ml-anomalies-*' privileges: - read @@ -543,6 +551,7 @@ detections_admin: - all - names: - .asset-criticality.asset-criticality-* + - .entities.v1.latest.security_* privileges: - read - write @@ -590,6 +599,7 @@ platform_engineer: - all - names: - .asset-criticality.asset-criticality-* + - .entities.v1.latest.security_* privileges: - read - write @@ -648,6 +658,7 @@ endpoint_operations_analyst: - .lists* - .items* - risk-score.risk-score-* + - .entities.v1.latest.security_* - '.ml-anomalies-*' privileges: - read @@ -717,6 +728,7 @@ endpoint_policy_manager: - winlogbeat-* - logstash-* - risk-score.risk-score-* + - .entities.v1.latest.security_* privileges: - read - names: diff --git a/packages/kbn-es/src/serverless_resources/security_roles.json b/packages/kbn-es/src/serverless_resources/security_roles.json index 0554853b82df9..75106ba041d60 100644 --- a/packages/kbn-es/src/serverless_resources/security_roles.json +++ b/packages/kbn-es/src/serverless_resources/security_roles.json @@ -120,7 +120,12 @@ "privileges": ["read", "write"] }, { - "names": ["metrics-endpoint.metadata_current_*", ".fleet-agents*", ".fleet-actions*", "risk-score.risk-score-*"], + "names": [ + "metrics-endpoint.metadata_current_*", + ".fleet-agents*", ".fleet-actions*", + "risk-score.risk-score-*", + ".entities.v1.latest.security_*" + ], "privileges": ["read"] } ], diff --git a/x-pack/plugins/security_solution/scripts/endpoint/common/roles_users/serverless/es_serverless_resources/roles.yml b/x-pack/plugins/security_solution/scripts/endpoint/common/roles_users/serverless/es_serverless_resources/roles.yml index 3fd3bd2e3233e..4c17bfa922d2e 100644 --- a/x-pack/plugins/security_solution/scripts/endpoint/common/roles_users/serverless/es_serverless_resources/roles.yml +++ b/x-pack/plugins/security_solution/scripts/endpoint/common/roles_users/serverless/es_serverless_resources/roles.yml @@ -53,6 +53,7 @@ viewer: - ".fleet-actions*" - "risk-score.risk-score-*" - ".asset-criticality.asset-criticality-*" + - ".entities.v1.latest.security_*" - ".ml-anomalies-*" privileges: - read @@ -117,6 +118,7 @@ editor: - "maintenance" - names: - ".asset-criticality.asset-criticality-*" + - .entities.v1.latest.security_* privileges: - "read" - "write" @@ -181,6 +183,7 @@ t1_analyst: - ".fleet-actions*" - risk-score.risk-score-* - .asset-criticality.asset-criticality-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -231,6 +234,7 @@ t2_analyst: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -295,6 +299,7 @@ t3_analyst: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -363,6 +368,7 @@ threat_intelligence_analyst: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -424,6 +430,7 @@ rule_author: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -468,6 +475,7 @@ soc_manager: - packetbeat-* - winlogbeat-* - .asset-criticality.asset-criticality-* + - .entities.v1.latest.security_* privileges: - read - write @@ -491,6 +499,7 @@ soc_manager: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .asset-criticality.asset-criticality-* - ".ml-anomalies-*" privileges: - read @@ -563,6 +572,7 @@ detections_admin: - all - names: - .asset-criticality.asset-criticality-* + - .entities.v1.latest.security_* privileges: - read - write @@ -611,6 +621,7 @@ platform_engineer: - all - names: - .asset-criticality.asset-criticality-* + - .entities.v1.latest.security_* privileges: - read - write @@ -670,6 +681,7 @@ endpoint_operations_analyst: - .lists* - .items* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -740,6 +752,7 @@ endpoint_policy_manager: - packetbeat-* - winlogbeat-* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read diff --git a/x-pack/test_serverless/shared/lib/security/kibana_roles/project_controller_security_roles.yml b/x-pack/test_serverless/shared/lib/security/kibana_roles/project_controller_security_roles.yml index 0c60ac2aa0427..2d80c9d398210 100644 --- a/x-pack/test_serverless/shared/lib/security/kibana_roles/project_controller_security_roles.yml +++ b/x-pack/test_serverless/shared/lib/security/kibana_roles/project_controller_security_roles.yml @@ -34,6 +34,7 @@ viewer: - ".fleet-actions*" - "risk-score.risk-score-*" - ".asset-criticality.asset-criticality-*" + - ".entities.v1.latest.security_*" - ".ml-anomalies-*" privileges: - read @@ -98,6 +99,7 @@ editor: - "maintenance" - names: - ".asset-criticality.asset-criticality-*" + - ".entities.v1.latest.security_*" privileges: - "read" - "write" @@ -162,6 +164,7 @@ t1_analyst: - ".fleet-actions*" - risk-score.risk-score-* - .asset-criticality.asset-criticality-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -212,6 +215,7 @@ t2_analyst: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -276,6 +280,7 @@ t3_analyst: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -344,6 +349,7 @@ threat_intelligence_analyst: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -405,6 +411,7 @@ rule_author: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -449,6 +456,7 @@ soc_manager: - packetbeat-* - winlogbeat-* - .asset-criticality.asset-criticality-* + - .entities.v1.latest.security_* privileges: - read - write @@ -472,6 +480,7 @@ soc_manager: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .asset-criticality.asset-criticality-* - ".ml-anomalies-*" privileges: - read @@ -544,6 +553,7 @@ detections_admin: - all - names: - .asset-criticality.asset-criticality-* + - .entities.v1.latest.security_* privileges: - read - write @@ -592,6 +602,7 @@ platform_engineer: - all - names: - .asset-criticality.asset-criticality-* + - .entities.v1.latest.security_* privileges: - read - write @@ -651,6 +662,7 @@ endpoint_operations_analyst: - .lists* - .items* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -721,6 +733,7 @@ endpoint_policy_manager: - packetbeat-* - winlogbeat-* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read