elastic · albertzaharovits · Feb 19, 2019 · Feb 13, 2019 · Feb 13, 2019 · Feb 13, 2019
diff --git a/docs/en/stack/security/authorization/built-in-roles.asciidoc b/docs/en/stack/security/authorization/built-in-roles.asciidoc
@@ -111,6 +111,12 @@ user has access to only their own reports. Reporting users should also be
 assigned the `kibana_user` role and a role that grants them access to the data 
 that will be used to generate reports.
 
+[[built-in-roles-snapshot-user]] `snapshot_user`::
+Grants the necessary privileges to create snapshots of **all** the indices and
+to view their metadata. This role enables users to view the configuration of
+existing snapshot repositories and snapshot details. It does not grant authority
+to remove or add repositories or to restore snapshots. It also does not enable
+to change index settings or to read or update index data.
 
 [[built-in-roles-superuser]] `superuser`::
 Grants full access to the cluster, including all indices and data. A user with

diff --git a/docs/en/stack/security/authorization/privileges.asciidoc b/docs/en/stack/security/authorization/privileges.asciidoc
@@ -12,6 +12,10 @@ This section lists the privileges that you can assign to a role.
 All cluster administration operations, like snapshotting, node shutdown/restart,
 settings update, rerouting, or managing users and roles.
 
+`create_snapshot`::
+Privileges to create snapshots for existing repositories. Can also list and view
+details on existing repositories and snapshots.
+
 `manage`::
 Builds on `monitor` and adds cluster operations that change values in the cluster.
 This includes snapshotting, updating settings, and rerouting. It also includes