With the Serverless custom roles functionality, we provide the flexibility to create a new role for the Security project. Security project type has a different sets of the product lines (SIEM, Cloud and Endpoint) and could use Essentials or Complete tier. Essentials tier has limited Kibana features availability (that means some Kibana UI, pages are available on Complete only), similar as if some of the product lines are disabled.
For the role creation on the Essentials tier (or if some product line is disabled) the UX is confusing due to the availability in the privileges select the features which are not allowed for that level of the project configuration. For example AI Assistant available only for the Complete tier, but user on Essentials still able to create the role with the Assistant privileges on, which may lead to misunderstanding of that functionality availability model:

The better UX will be to highlight (but still has available) the features which are Complete only or belongs to the specific product line.

cc: @legrego , @azasypkin, @MikePaquette