-
Notifications
You must be signed in to change notification settings - Fork 108
Space Awareness: Update Fleet roles and privileges UI docs #1751
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
🔍 Preview links for changed docs: 🔔 The preview site may take up to 3 minutes to finish building. These links will become live once it completes. |
cc:/ @benironside FYI: Here's a WIP draft of the Fleet UI side of Space Awareness. |
c74eb93
to
2382b66
Compare
2382b66
to
17295f5
Compare
2. To create a read-only user for {{fleet}} and Integrations, set both the **Fleet** and **Integrations** privileges to `Read`. | ||
:::{image} images/kibana-fleet-privileges-read.png | ||
:alt: Kibana privileges flyout showing Fleet and Integrations access set to All | ||
:screenshot: | ||
::: | ||
<br> | ||
3. If you'd like to define more specialized access to {{fleet}} based on individual components, expand the **Fleet** menu and enable **Customize sub-feature privileges**. | ||
:::{image} images/kibana-fleet-privileges-enable.png | ||
:alt: Kibana customize sub-feature privileges UI | ||
:screenshot: | ||
::: | ||
<br> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Observation on output:: List item 10-1 is numbered as a.
. List items 10-2 and 10-3 are numbered as 2.
and 3.
Maybe the <br>
s I added to increase space after the graphics are throwing numbering off? Interesting that the correct interval is preserved (a, 2, 3), but not the numbering/lettering style.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Update: After I removed the <br>
s, the sub-steps are numbering correctly (a, b, c) in a local build. Do we have other tools for forcing better spacing available?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If you indent the image blocks by 4 spaces to be within each step, maybe that could change the rendering a bit and add more space? (I should try this out, I guess)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Formatting it like below renders the images within the a-b-c list with the correct numbering, also keeping the last two paragraphs indented (as part of step 10, but not part of step c). But it doesn’t solve the spacing issue, I guess.
Not using <br> looks OK to me though. (The screenshot is only of the last sub-step as the images were too large (does it make sense to resize them?).
10. Choose the access level that you'd like the role to have with respect to {{fleet}} and integrations:
1. To grant the role full access to use and manage {{fleet}} and integrations, set both the **Fleet** and **Integrations** privileges to `All`.
:::{image} images/kibana-fleet-privileges-all.png
:alt: Kibana privileges flyout showing Fleet and Integrations access set to All
:screenshot:
:::
2. To create a read-only user for {{fleet}} and Integrations, set both the **Fleet** and **Integrations** privileges to `Read`.
:::{image} images/kibana-fleet-privileges-read.png
:alt: Kibana privileges flyout showing Fleet and Integrations access set to All
:screenshot:
:::
3. If you'd like to define more specialized access to {{fleet}} based on individual components, expand the **Fleet** menu and enable **Customize sub-feature privileges**.
:::{image} images/kibana-fleet-privileges-enable.png
:alt: Kibana customize sub-feature privileges UI
:screenshot:
:::
Any setting for individual {{fleet}} components that you specify here takes precedence over the general `All`, `Read`, or `None` privilege set for {{fleet}}.
Based on your selections, access to features in the {{fleet}} UI are enabled or disabled for the role.
Those details are covered in the next section: [Customize access to {{fleet}} features](#fleet-roles-and-privileges-sub-features).
After you've created a new role you can assign it to any {{es}} user.
You can edit the role at any time by returning to the **Roles** page in {{kib}}.

There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM! 🦖
Very nice!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM thank you. just one minor comment about the version.
|
||
Assigning the {{kib}} feature privileges `Fleet` and `Integrations` grants access to use {{fleet}} and Integrations. | ||
Beginning with {{stack}} version 8.17, you have more granular control over user access to features in and managed by {{fleet}}. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
version should be 9.1
@karenzone I will need to add some content regarding migration. for an existing deployment with agent policies there's an extra step they have to perform before the feature can be enabled. Once your changes are merged I'll make the mods. thanks |
Thanks, @nimarezainia. I'll make a note to be on the lookout for incoming changes post-merge. |
2. To create a read-only user for {{fleet}} and Integrations, set both the **Fleet** and **Integrations** privileges to `Read`. | ||
:::{image} images/kibana-fleet-privileges-read.png | ||
:alt: Kibana privileges flyout showing Fleet and Integrations access set to All | ||
:screenshot: | ||
::: | ||
<br> | ||
3. If you'd like to define more specialized access to {{fleet}} based on individual components, expand the **Fleet** menu and enable **Customize sub-feature privileges**. | ||
:::{image} images/kibana-fleet-privileges-enable.png | ||
:alt: Kibana customize sub-feature privileges UI | ||
:screenshot: | ||
::: | ||
<br> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If you indent the image blocks by 4 spaces to be within each step, maybe that could change the rendering a bit and add more space? (I should try this out, I guess)
@kpollich, here's the Space Awareness PR we talked about. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks great!
Co-authored-by: Visha Angelova <[email protected]>
@colleenmcginnis, here's the PR we talked about wrt versioning for layered content. Let's discuss, please. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@karenzone Based on a quick review, I would expect something like this to clarify what's available in which version.
My suggestions are meant to be illustrative — you'll likely need to adjust my suggestions based on the knowledge you've gained working on this issue (that I certainly don't have!).
Co-authored-by: Colleen McGinnis <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
✨ Looks good!
I left one question below in case it's something I missed before.
Co-authored-by: Colleen McGinnis <[email protected]>
Related:
PREVIEW: https://docs-v3-preview.elastic.dev/elastic/docs-content/pull/1751/reference/fleet/fleet-roles-privileges