[Security Solution] Update Security Roles with new Rules RBAC permissions

src/platform/packages/shared/kbn-es/src/serverless_resources/project_roles/security/roles.yml

@@ -45,10 +45,10 @@ viewer:
     - application: 'kibana-.kibana'
       privileges:
         - feature_ml.read
-        - feature_siemV4.read
-        - feature_siemV4.read_alerts
-        - feature_siemV4.endpoint_list_read
-        - feature_siemV4.endpoint_exceptions_read
+        - feature_siemV5.read
+        - feature_siemV5.endpoint_list_read
+        - feature_siemV5.endpoint_exceptions_read
+        - feature_securitySolutionRulesV1.read
         - feature_securitySolutionCasesV2.read
         - feature_securitySolutionAssistant.minimal_all
         - feature_securitySolutionAttackDiscovery.minimal_all
@@ -130,22 +130,21 @@ editor:
     - application: 'kibana-.kibana'
       privileges:
         - feature_ml.read
-        - feature_siemV4.all
-        - feature_siemV4.read_alerts
-        - feature_siemV4.crud_alerts
-        - feature_siemV4.endpoint_list_all
-        - feature_siemV4.global_artifact_management_all
-        - feature_siemV4.trusted_applications_all
-        - feature_siemV4.trusted_devices_all
-        - feature_siemV4.event_filters_all
-        - feature_siemV4.host_isolation_exceptions_all
-        - feature_siemV4.blocklist_all
-        - feature_siemV4.endpoint_exceptions_all
-        - feature_siemV4.policy_management_read # Elastic Defend Policy Management
-        - feature_siemV4.host_isolation_all
-        - feature_siemV4.process_operations_all
-        - feature_siemV4.actions_log_management_all # Response actions history
-        - feature_siemV4.file_operations_all
+        - feature_siemV5.all
+        - feature_siemV5.endpoint_list_all
+        - feature_siemV5.global_artifact_management_all
+        - feature_siemV5.trusted_applications_all
+        - feature_siemV5.trusted_devices_all
+        - feature_siemV5.event_filters_all
+        - feature_siemV5.host_isolation_exceptions_all
+        - feature_siemV5.blocklist_all
+        - feature_siemV5.endpoint_exceptions_all
+        - feature_siemV5.policy_management_read # Elastic Defend Policy Management
+        - feature_siemV5.host_isolation_all
+        - feature_siemV5.process_operations_all
+        - feature_siemV5.actions_log_management_all # Response actions history
+        - feature_siemV5.file_operations_all
+        - feature_securitySolutionRulesV1.all
         - feature_securitySolutionCasesV2.all
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all
@@ -203,9 +202,9 @@ t1_analyst:
     - application: 'kibana-.kibana'
       privileges:
         - feature_ml.read
-        - feature_siemV4.read
-        - feature_siemV4.read_alerts
-        - feature_siemV4.endpoint_list_read
+        - feature_siemV5.read
+        - feature_siemV5.endpoint_list_read
+        - feature_securitySolutionRulesV1.read
         - feature_securitySolutionCasesV2.read
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all
@@ -266,9 +265,9 @@ t2_analyst:
     - application: 'kibana-.kibana'
       privileges:
         - feature_ml.read
-        - feature_siemV4.read
-        - feature_siemV4.read_alerts
-        - feature_siemV4.endpoint_list_read
+        - feature_siemV5.read
+        - feature_siemV5.endpoint_list_read
+        - feature_securitySolutionRulesV1.read
         - feature_securitySolutionCasesV2.all
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all
@@ -334,24 +333,23 @@ t3_analyst:
     - application: 'kibana-.kibana'
       privileges:
         - feature_ml.read
-        - feature_siemV4.all
-        - feature_siemV4.read_alerts
-        - feature_siemV4.crud_alerts
-        - feature_siemV4.endpoint_list_all
-        - feature_siemV4.global_artifact_management_all
-        - feature_siemV4.trusted_applications_all
-        - feature_siemV4.trusted_devices_all
-        - feature_siemV4.event_filters_all
-        - feature_siemV4.host_isolation_exceptions_all
-        - feature_siemV4.blocklist_all
-        - feature_siemV4.endpoint_exceptions_all
-        - feature_siemV4.policy_management_read # Elastic Defend Policy Management
-        - feature_siemV4.host_isolation_all
-        - feature_siemV4.process_operations_all
-        - feature_siemV4.actions_log_management_all # Response actions history
-        - feature_siemV4.file_operations_all
-        - feature_siemV4.scan_operations_all
-        - feature_siemV4.workflow_insights_all
+        - feature_siemV5.all
+        - feature_siemV5.endpoint_list_all
+        - feature_siemV5.global_artifact_management_all
+        - feature_siemV5.trusted_applications_all
+        - feature_siemV5.trusted_devices_all
+        - feature_siemV5.event_filters_all
+        - feature_siemV5.host_isolation_exceptions_all
+        - feature_siemV5.blocklist_all
+        - feature_siemV5.endpoint_exceptions_all
+        - feature_siemV5.policy_management_read # Elastic Defend Policy Management
+        - feature_siemV5.host_isolation_all
+        - feature_siemV5.process_operations_all
+        - feature_siemV5.actions_log_management_all # Response actions history
+        - feature_siemV5.file_operations_all
+        - feature_siemV5.scan_operations_all
+        - feature_siemV5.workflow_insights_all
+        - feature_securitySolutionRulesV1.all
         - feature_securitySolutionCasesV2.all
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all
@@ -419,11 +417,12 @@ threat_intelligence_analyst:
     - application: 'kibana-.kibana'
       privileges:
         - feature_ml.read
-        - feature_siemV4.all
-        - feature_siemV4.endpoint_list_read
-        - feature_siemV4.global_artifact_management_all
-        - feature_siemV4.blocklist_all
-        - feature_siemV4.endpoint_exceptions_all
+        - feature_siemV5.all
+        - feature_siemV5.endpoint_list_read
+        - feature_siemV5.global_artifact_management_all
+        - feature_siemV5.blocklist_all
+        - feature_siemV5.endpoint_exceptions_all
+        - feature_securitySolutionRulesV1.all
         - feature_securitySolutionCasesV2.all
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all
@@ -492,20 +491,19 @@ rule_author:
     - application: 'kibana-.kibana'
       privileges:
         - feature_ml.read
-        - feature_siemV4.all
-        - feature_siemV4.read_alerts
-        - feature_siemV4.crud_alerts
-        - feature_siemV4.policy_management_all
-        - feature_siemV4.endpoint_list_all
-        - feature_siemV4.global_artifact_management_all
-        - feature_siemV4.trusted_applications_all
-        - feature_siemV4.trusted_devices_all
-        - feature_siemV4.event_filters_all
-        - feature_siemV4.host_isolation_exceptions_read
-        - feature_siemV4.blocklist_all # Elastic Defend Policy Management
-        - feature_siemV4.endpoint_exceptions_all
-        - feature_siemV4.actions_log_management_read
-        - feature_siemV4.workflow_insights_all
+        - feature_siemV5.all
+        - feature_siemV5.policy_management_all
+        - feature_siemV5.endpoint_list_all
+        - feature_siemV5.global_artifact_management_all
+        - feature_siemV5.trusted_applications_all
+        - feature_siemV5.trusted_devices_all
+        - feature_siemV5.event_filters_all
+        - feature_siemV5.host_isolation_exceptions_read
+        - feature_siemV5.blocklist_all # Elastic Defend Policy Management
+        - feature_siemV5.endpoint_exceptions_all
+        - feature_siemV5.actions_log_management_read
+        - feature_siemV5.workflow_insights_all
+        - feature_securitySolutionRulesV1.all
         - feature_securitySolutionCasesV2.all
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all
@@ -582,26 +580,25 @@ soc_manager:
     - application: 'kibana-.kibana'
       privileges:
         - feature_ml.read
-        - feature_siemV4.all
-        - feature_siemV4.read_alerts
-        - feature_siemV4.crud_alerts
-        - feature_siemV4.policy_management_all
-        - feature_siemV4.endpoint_list_all
-        - feature_siemV4.global_artifact_management_all
-        - feature_siemV4.trusted_applications_all
-        - feature_siemV4.trusted_devices_all
-        - feature_siemV4.event_filters_all
-        - feature_siemV4.host_isolation_exceptions_all
-        - feature_siemV4.blocklist_all
-        - feature_siemV4.endpoint_exceptions_all
-        - feature_siemV4.host_isolation_all
-        - feature_siemV4.process_operations_all
-        - feature_siemV4.actions_log_management_all
-        - feature_siemV4.file_operations_all
-        - feature_siemV4.execute_operations_all
-        - feature_siemV4.scan_operations_all
-        - feature_siemV4.workflow_insights_all
-        - feature_siemV4.soc_management_all
+        - feature_siemV5.all
+        - feature_siemV5.policy_management_all
+        - feature_siemV5.endpoint_list_all
+        - feature_siemV5.global_artifact_management_all
+        - feature_siemV5.trusted_applications_all
+        - feature_siemV5.trusted_devices_all
+        - feature_siemV5.event_filters_all
+        - feature_siemV5.host_isolation_exceptions_all
+        - feature_siemV5.blocklist_all
+        - feature_siemV5.endpoint_exceptions_all
+        - feature_siemV5.host_isolation_all
+        - feature_siemV5.process_operations_all
+        - feature_siemV5.actions_log_management_all
+        - feature_siemV5.file_operations_all
+        - feature_siemV5.execute_operations_all
+        - feature_siemV5.scan_operations_all
+        - feature_siemV5.workflow_insights_all
+        - feature_siemV5.soc_management_all
+        - feature_securitySolutionRulesV1.all
         - feature_securitySolutionCasesV2.all
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all
@@ -674,11 +671,10 @@ detections_admin:
     - application: 'kibana-.kibana'
       privileges:
         - feature_ml.all
-        - feature_siemV4.all
-        - feature_siemV4.read_alerts
-        - feature_siemV4.crud_alerts
-        - feature_siemV4.global_artifact_management_all
-        - feature_siemV4.endpoint_exceptions_all
+        - feature_siemV5.all
+        - feature_siemV5.global_artifact_management_all
+        - feature_siemV5.endpoint_exceptions_all
+        - feature_securitySolutionRulesV1.all
         - feature_securitySolutionCasesV2.all
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all
@@ -743,20 +739,19 @@ platform_engineer:
     - application: 'kibana-.kibana'
       privileges:
         - feature_ml.all
-        - feature_siemV4.all
-        - feature_siemV4.read_alerts
-        - feature_siemV4.crud_alerts
-        - feature_siemV4.policy_management_all
-        - feature_siemV4.endpoint_list_all
-        - feature_siemV4.global_artifact_management_all
-        - feature_siemV4.trusted_applications_all
-        - feature_siemV4.trusted_devices_all
-        - feature_siemV4.event_filters_all
-        - feature_siemV4.host_isolation_exceptions_all
-        - feature_siemV4.blocklist_all # Elastic Defend Policy Management
-        - feature_siemV4.endpoint_exceptions_all
-        - feature_siemV4.actions_log_management_read
-        - feature_siemV4.workflow_insights_all
+        - feature_siemV5.all
+        - feature_siemV5.policy_management_all
+        - feature_siemV5.endpoint_list_all
+        - feature_siemV5.global_artifact_management_all
+        - feature_siemV5.trusted_applications_all
+        - feature_siemV5.trusted_devices_all
+        - feature_siemV5.event_filters_all
+        - feature_siemV5.host_isolation_exceptions_all
+        - feature_siemV5.blocklist_all # Elastic Defend Policy Management
+        - feature_siemV5.endpoint_exceptions_all
+        - feature_siemV5.actions_log_management_read
+        - feature_siemV5.workflow_insights_all
+        - feature_securitySolutionRulesV1.all
         - feature_securitySolutionCasesV2.all
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all
@@ -825,24 +820,24 @@ endpoint_operations_analyst:
     - application: 'kibana-.kibana'
       privileges:
         - feature_ml.read
-        - feature_siemV4.all
-        - feature_siemV4.read_alerts
-        - feature_siemV4.policy_management_all
-        - feature_siemV4.endpoint_list_all
-        - feature_siemV4.global_artifact_management_all
-        - feature_siemV4.trusted_applications_all
-        - feature_siemV4.trusted_devices_all
-        - feature_siemV4.event_filters_all
-        - feature_siemV4.host_isolation_exceptions_all
-        - feature_siemV4.blocklist_all
-        - feature_siemV4.endpoint_exceptions_all
-        - feature_siemV4.host_isolation_all
-        - feature_siemV4.process_operations_all
-        - feature_siemV4.actions_log_management_all
-        - feature_siemV4.file_operations_all
-        - feature_siemV4.execute_operations_all
-        - feature_siemV4.scan_operations_all
-        - feature_siemV4.workflow_insights_all
+        - feature_siemV5.all
+        - feature_siemV5.policy_management_all
+        - feature_siemV5.endpoint_list_all
+        - feature_siemV5.global_artifact_management_all
+        - feature_siemV5.trusted_applications_all
+        - feature_siemV5.trusted_devices_all
+        - feature_siemV5.event_filters_all
+        - feature_siemV5.host_isolation_exceptions_all
+        - feature_siemV5.blocklist_all
+        - feature_siemV5.endpoint_exceptions_all
+        - feature_siemV5.host_isolation_all
+        - feature_siemV5.process_operations_all
+        - feature_siemV5.actions_log_management_all
+        - feature_siemV5.file_operations_all
+        - feature_siemV5.execute_operations_all
+        - feature_siemV5.scan_operations_all
+        - feature_siemV5.workflow_insights_all
+        - feature_securitySolutionRulesV1.all
         - feature_securitySolutionCasesV2.all
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all
@@ -919,19 +914,18 @@ endpoint_policy_manager:
     - application: 'kibana-.kibana'
       privileges:
         - feature_ml.all
-        - feature_siemV4.all
-        - feature_siemV4.read_alerts
-        - feature_siemV4.crud_alerts
-        - feature_siemV4.policy_management_all
-        - feature_siemV4.endpoint_list_all
-        - feature_siemV4.global_artifact_management_all
-        - feature_siemV4.trusted_applications_all
-        - feature_siemV4.trusted_devices_all
-        - feature_siemV4.event_filters_all
-        - feature_siemV4.host_isolation_exceptions_all
-        - feature_siemV4.blocklist_all # Elastic Defend Policy Management
-        - feature_siemV4.endpoint_exceptions_all
-        - feature_siemV4.workflow_insights_all
+        - feature_siemV5.all
+        - feature_siemV5.policy_management_all
+        - feature_siemV5.endpoint_list_all
+        - feature_siemV5.global_artifact_management_all
+        - feature_siemV5.trusted_applications_all
+        - feature_siemV5.trusted_devices_all
+        - feature_siemV5.event_filters_all
+        - feature_siemV5.host_isolation_exceptions_all
+        - feature_siemV5.blocklist_all # Elastic Defend Policy Management
+        - feature_siemV5.endpoint_exceptions_all
+        - feature_siemV5.workflow_insights_all
+        - feature_securitySolutionRulesV1.all
         - feature_securitySolutionCasesV2.all
         - feature_securitySolutionAssistant.all
         - feature_securitySolutionAttackDiscovery.all

src/platform/packages/shared/kbn-es/src/serverless_resources/project_roles/security/search_ai_lake/roles.yml

@@ -45,7 +45,8 @@ _search_ai_lake_analyst:
     - application: "kibana-.kibana"
       privileges:
         - "feature_ml.read"
-        - "feature_siemV4.all"
+        - "feature_siemV5.all"
+        - "feature_securitySolutionRulesV1.all"
         - "feature_securitySolutionCasesV2.all"
         - "feature_securitySolutionAssistant.all"
         - "feature_securitySolutionAttackDiscovery.minimal_all"
@@ -120,10 +121,11 @@ _search_ai_lake_soc_manager:
   applications:
     - application: "kibana-.kibana"
       privileges:
-        - "feature_siemV4.all"
-        - "feature_siemV4.global_artifact_management_all"
-        - "feature_siemV4.workflow_insights_all"
-        - "feature_siemV4.soc_management_all"
+        - "feature_siemV5.all"
+        - "feature_siemV5.global_artifact_management_all"
+        - "feature_siemV5.workflow_insights_all"
+        - "feature_siemV5.soc_management_all"
+        - "feature_securitySolutionRulesV1.all"
         - "feature_securitySolutionCasesV2.all"
         - "feature_securitySolutionAssistant.all"
         - "feature_securitySolutionAttackDiscovery.all"