Skip to content

[Security] Add entity store and asset criticality index privileges to built in Editor and Viewer roles #129662

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

[Security] Add entity store and asset criticality index privileges to built in Editor and Viewer roles #129662

wants to merge 3 commits into from
+25 −2

Conversation

opauloh
Copy link

@opauloh opauloh commented Jun 18, 2025

Summary

Currently, the editor and viewer roles do not contain the appropriate Entity Store and Asset Criticality index privileges for Security users.

This PR updates the index privileges to include the .entities.v1.latest.security* and .asset-criticality.asset-criticality-* indices with the appropriate permission:

Viewer

  • Read .entities.v1.latest.security*
  • Read .asset-criticality.asset-criticality-*

Editor

  • View .entities.v1.latest.security*
  • Read .asset-criticality.asset-criticality-*

@opauloh opauloh requested a review from a team as a code owner June 18, 2025 19:49
@elasticsearchmachine elasticsearchmachine added needs:triage Requires assignment of a team area label v9.1.0 external-contributor Pull request authored by a developer outside the Elasticsearch team labels Jun 18, 2025
@opauloh opauloh added Team:Security Meta label for security team and removed needs:triage Requires assignment of a team area label external-contributor Pull request authored by a developer outside the Elasticsearch team v9.1.0 labels Jun 18, 2025
@elasticsearchmachine elasticsearchmachine added needs:triage Requires assignment of a team area label and removed Team:Security Meta label for security team labels Jun 18, 2025
@opauloh opauloh added >enhancement v9.1.0 :Security/Authorization Roles, Privileges, DLS/FLS, RBAC/ABAC labels Jun 18, 2025
@elasticsearchmachine elasticsearchmachine added Team:Security Meta label for security team and removed needs:triage Requires assignment of a team area label labels Jun 18, 2025
@elasticsearchmachine
Copy link
Collaborator

Pinging @elastic/es-security (Team:Security)

@elasticsearchmachine
Copy link
Collaborator

Hi @opauloh, I've created a changelog YAML for you.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
>enhancement :Security/Authorization Roles, Privileges, DLS/FLS, RBAC/ABAC Team:Security Meta label for security team v9.1.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@opauloh @elasticsearchmachine