Skip to content

[Watcher] Improve document around security privileges  #101291

New issue
New issue
Open
Open
[Watcher] Improve document around security privileges #101291

Description

@alisonelizabeth

alisonelizabeth
openedon Jun 3, 2021

The watcher UI docs should be updated to clarify the security privileges necessary to use watcher UI.

In addition to the manage_watcher or monitor_watcher cluster privilege, the user must also have read access to .watches and .watcher-history-* indices.

Related privileges code:

kibana/x-pack/plugins/watcher/server/plugin.ts

Lines 50 to 74 in e297fec

features.registerElasticsearchFeature({
id: 'watcher',
management: {
insightsAndAlerting: ['watcher'],
},
catalogue: ['watcher'],
privileges: [
{
requiredClusterPrivileges: ['manage_watcher'],
requiredIndexPrivileges: {
[INDEX_NAMES.WATCHES]: ['read'],
[INDEX_NAMES.WATCHER_HISTORY]: ['read'],
},
ui: [],
},
{
requiredClusterPrivileges: ['monitor_watcher'],
requiredIndexPrivileges: {
[INDEX_NAMES.WATCHES]: ['read'],
[INDEX_NAMES.WATCHER_HISTORY]: ['read'],
},
ui: [],
},
],
});

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

No one assigned

    Labels

    Feature:WatcherTeam:Kibana ManagementDev Tools, Index Management, Upgrade Assistant, ILM, Ingest Node Pipelines, and morebugFixes for quality problems that affect the customer experience

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions