Skip to content

[Jan 28] Updates RBAC requirements for 3rd-party response actions #6434

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jan 28, 2025
Merged

[Jan 28] Updates RBAC requirements for 3rd-party response actions #6434

merged 1 commit into from
Jan 28, 2025

Conversation

natasha-moore-elastic
Copy link
Contributor

@natasha-moore-elastic natasha-moore-elastic commented Jan 17, 2025
edited
Loading

Resolves #6398.

Preview: Configure third-party response actions: Updated second bullet point in the prerequisites callout.

@natasha-moore-elastic natasha-moore-elastic self-assigned this Jan 17, 2025
@github-actions GitHub Actions
Copy link

A documentation preview will be available soon.

Request a new doc build by commenting
  • Rebuild this PR: run docs-build
  • Rebuild this PR and all Elastic docs: run docs-build rebuild

run docs-build is much faster than run docs-build rebuild. A rebuild should only be needed in rare situations.

If your PR continues to fail for an unknown reason, the doc build pipeline may be broken. Elastic employees can check the pipeline status here.

@natasha-moore-elastic natasha-moore-elastic added Team: EDR Workflows Formerly Defend Workflows, Onboarding and Lifecycle Management Feature: Response actions also includes response console Priority: Medium Issues that have relevance, but aren't urgent Effort: Small Issues that can be resolved quickly labels Jan 17, 2025
@natasha-moore-elastic natasha-moore-elastic marked this pull request as ready for review January 17, 2025 13:31
@natasha-moore-elastic natasha-moore-elastic requested a review from a team as a code owner January 17, 2025 13:31
paul-tavares
paul-tavares reviewed Jan 21, 2025
View reviewed changes
Copy link
Contributor

@paul-tavares paul-tavares left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good @natasha-moore-elastic .

I still see the "Technical preview" callout at the top of the page - I assume that will be removed in a subsequent PR?

@natasha-moore-elastic
Copy link
Contributor Author

Looks good @natasha-moore-elastic .

I still see the "Technical preview" callout at the top of the page - I assume that will be removed in a subsequent PR?

That's right, it will be handled separately. 👍

nastasha-solomon
nastasha-solomon approved these changes Jan 22, 2025
View reviewed changes
docs/management/admin/response-actions-config.asciidoc
@@ -20,7 +20,7 @@ Check out <<third-party-actions>> to learn which response actions are supported
--
* https://www.elastic.co/pricing[Subscription level]: Enterprise

* {kibana-ref}/kibana-role-management.html#adding_kibana_privileges[{kib} feature privilege]: **Actions and Connectors : All**.
* {kibana-ref}/kibana-role-management.html#adding_kibana_privileges[{kib} feature privilege]: Under **Actions and Connectors**, turn on **Customize sub-feature privileges** and enable **Endpoint Security**.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor nit in case users are selecting a checkbox to enable Endpoint Security. If they aren't, ignore this!

Suggested change
* {kibana-ref}/kibana-role-management.html#adding_kibana_privileges[{kib} feature privilege]: Under **Actions and Connectors**, turn on **Customize sub-feature privileges** and enable **Endpoint Security**.
* {kibana-ref}/kibana-role-management.html#adding_kibana_privileges[{kib} feature privilege]: Under **Actions and Connectors**, turn on **Customize sub-feature privileges** and select **Endpoint Security**.

@natasha-moore-elastic natasha-moore-elastic changed the title Updates RBAC requirements for 3rd-party response actions [Jan 28] Updates RBAC requirements for 3rd-party response actions Jan 22, 2025
@natasha-moore-elastic natasha-moore-elastic merged commit dd70609 into main Jan 28, 2025
4 checks passed
mergify bot pushed a commit that referenced this pull request Jan 28, 2025
@natasha-moore-elastic @mergify
Updates RBAC requirements for 3rd-party response actions (#6434)
2cd44f4 
(cherry picked from commit dd70609)
@mergify mergify bot mentioned this pull request Jan 28, 2025
Merged
natasha-moore-elastic added a commit that referenced this pull request Jan 28, 2025
@mergify @natasha-moore-elastic
Updates RBAC requirements for 3rd-party response actions (#6434) (#6491)
a5ba424 
(cherry picked from commit dd70609)

Co-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>
@natasha-moore-elastic natasha-moore-elastic mentioned this pull request Mar 26, 2025
Closed
25 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@paul-tavares paul-tavares paul-tavares left review comments

@nastasha-solomon nastasha-solomon nastasha-solomon approved these changes

@caitlinbetz caitlinbetz Awaiting requested review from caitlinbetz

Assignees

@natasha-moore-elastic natasha-moore-elastic

Labels
Effort: Small Issues that can be resolved quickly Feature: Response actions also includes response console Priority: Medium Issues that have relevance, but aren't urgent Team: EDR Workflows Formerly Defend Workflows, Onboarding and Lifecycle Management v8.18.0 v9.0.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Request] RBAC update - third party response actions
3 participants
@natasha-moore-elastic @paul-tavares @nastasha-solomon