diff --git a/src/platform/packages/shared/kbn-es/src/serverless_resources/project_roles/security/roles.yml b/src/platform/packages/shared/kbn-es/src/serverless_resources/project_roles/security/roles.yml
index 5ec83e26a2474..3777c4561163b 100644
--- a/src/platform/packages/shared/kbn-es/src/serverless_resources/project_roles/security/roles.yml
+++ b/src/platform/packages/shared/kbn-es/src/serverless_resources/project_roles/security/roles.yml
@@ -48,7 +48,7 @@ viewer:
 - feature_siemV5.read
 - feature_siemV5.endpoint_list_read
 - feature_siemV5.endpoint_exceptions_read
- - feature_securitySolutionRulesV1.read
+ - feature_securitySolutionRulesV2.read
 - feature_securitySolutionCasesV2.read
 - feature_securitySolutionAssistant.minimal_all
 - feature_securitySolutionAttackDiscovery.minimal_all
@@ -145,7 +145,7 @@ editor:
 - feature_siemV5.process_operations_all
 - feature_siemV5.actions_log_management_all # Response actions history
 - feature_siemV5.file_operations_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCasesV2.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -206,7 +206,7 @@ t1_analyst:
 - feature_ml.read
 - feature_siemV5.read
 - feature_siemV5.endpoint_list_read
- - feature_securitySolutionRulesV1.read
+ - feature_securitySolutionRulesV2.read
 - feature_securitySolutionCasesV2.read
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -270,7 +270,7 @@ t2_analyst:
 - feature_ml.read
 - feature_siemV5.read
 - feature_siemV5.endpoint_list_read
- - feature_securitySolutionRulesV1.read
+ - feature_securitySolutionRulesV2.read
 - feature_securitySolutionCasesV2.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
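Review bot: The `viewer`, `t1_analyst` and `t2_analyst` hunks swap `feature_securitySolutionRulesV1.read` for `feature_securitySolutionRulesV2.read`, and nothing in the file records what the V2 privilege covers compared with V1. A feature-ID version bump usually means capabilities were regrouped, so for these read-only roles it is worth confirming that V2 `read` grants no write capability that V1 `read` withheld, and for the `.all` roles in the later hunks that nothing was dropped. I would add a comment at the first occurrence, for example `# RulesV2 supersedes RulesV1; read/all checked equivalent for this role (see <path to the V2 feature definition>)`. The role bodies start and end outside these hunks, so the rest of each privilege list is not visible here.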
@@ -353,7 +353,7 @@ t3_analyst:
 - feature_siemV5.file_operations_all
 - feature_siemV5.scan_operations_all
 - feature_siemV5.workflow_insights_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCasesV2.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -427,7 +427,7 @@ threat_intelligence_analyst:
 - feature_siemV5.global_artifact_management_all
 - feature_siemV5.blocklist_all
 - feature_siemV5.endpoint_exceptions_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCasesV2.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -509,7 +509,7 @@ rule_author:
 - feature_siemV5.endpoint_exceptions_all
 - feature_siemV5.actions_log_management_read
 - feature_siemV5.workflow_insights_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCasesV2.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -605,7 +605,7 @@ soc_manager:
 - feature_siemV5.scan_operations_all
 - feature_siemV5.workflow_insights_all
 - feature_siemV5.soc_management_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCasesV2.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -682,7 +682,7 @@ detections_admin:
 - feature_siemV5.all
 - feature_siemV5.global_artifact_management_all
 - feature_siemV5.endpoint_exceptions_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCasesV2.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -760,7 +760,7 @@ platform_engineer:
 - feature_siemV5.endpoint_exceptions_all
 - feature_siemV5.actions_log_management_read
 - feature_siemV5.workflow_insights_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCasesV2.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -847,7 +847,7 @@ endpoint_operations_analyst:
 - feature_siemV5.execute_operations_all
 - feature_siemV5.scan_operations_all
 - feature_siemV5.workflow_insights_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCasesV2.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -936,7 +936,7 @@ endpoint_policy_manager:
 - feature_siemV5.blocklist_all # Elastic Defend Policy Management
 - feature_siemV5.endpoint_exceptions_all
 - feature_siemV5.workflow_insights_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCasesV2.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
diff --git a/src/platform/packages/shared/kbn-es/src/serverless_resources/project_roles/security/search_ai_lake/roles.yml b/src/platform/packages/shared/kbn-es/src/serverless_resources/project_roles/security/search_ai_lake/roles.yml
index 6b936a931edfe..f436f48a50cbe 100644
--- a/src/platform/packages/shared/kbn-es/src/serverless_resources/project_roles/security/search_ai_lake/roles.yml
+++ b/src/platform/packages/shared/kbn-es/src/serverless_resources/project_roles/security/search_ai_lake/roles.yml
@@ -46,7 +46,7 @@ _search_ai_lake_analyst:
 privileges:
 - "feature_ml.read"
 - "feature_siemV5.all"
- - "feature_securitySolutionRulesV1.all"
+ - "feature_securitySolutionRulesV2.all"
 - "feature_securitySolutionCasesV2.all"
 - "feature_securitySolutionAssistant.all"
 - "feature_securitySolutionAttackDiscovery.minimal_all"
@@ -126,7 +126,7 @@ _search_ai_lake_soc_manager:
 - "feature_siemV5.global_artifact_management_all"
 - "feature_siemV5.workflow_insights_all"
 - "feature_siemV5.soc_management_all"
- - "feature_securitySolutionRulesV1.all"
+ - "feature_securitySolutionRulesV2.all"
 - "feature_securitySolutionCasesV2.all"
 - "feature_securitySolutionAssistant.all"
 - "feature_securitySolutionAttackDiscovery.all"
diff --git a/src/platform/packages/shared/kbn-es/src/serverless_resources/security_roles.json b/src/platform/packages/shared/kbn-es/src/serverless_resources/security_roles.json
index b2a36153665c7..cb3e1033be879 100644
--- a/src/platform/packages/shared/kbn-es/src/serverless_resources/security_roles.json
+++ b/src/platform/packages/shared/kbn-es/src/serverless_resources/security_roles.json
@@ -47,7 +47,7 @@
 "siemV5": [
 "read"
 ],
- "securitySolutionRulesV1": [
+ "securitySolutionRulesV2": [
 "read"
 ],
 "securitySolutionAssistant": [
@@ -129,7 +129,7 @@
 "siemV5": [
 "read"
 ],
- "securitySolutionRulesV1": [
+ "securitySolutionRulesV2": [
 "read"
 ],
 "securitySolutionAssistant": [
@@ -244,7 +244,7 @@
 "actions_log_management_all",
 "file_operations_all"
 ],
- "securitySolutionRulesV1": [
+ "securitySolutionRulesV2": [
 "all"
 ],
 "securitySolutionCasesV2": [
@@ -358,7 +358,7 @@
 "all",
 "endpoint_exceptions_all"
 ],
- "securitySolutionRulesV1": [
+ "securitySolutionRulesV2": [
 "all"
 ],
 "securitySolutionAssistant": [
@@ -453,7 +453,7 @@
 "all",
 "endpoint_exceptions_all"
 ],
- "securitySolutionRulesV1": [
+ "securitySolutionRulesV2": [
 "all"
 ],
 "securitySolutionAssistant": [
@@ -542,7 +542,7 @@
 "all",
 "endpoint_exceptions_all"
 ],
- "securitySolutionRulesV1": [
+ "securitySolutionRulesV2": [
 "all"
 ],
 "securitySolutionAssistant": [
@@ -646,7 +646,7 @@
 "all",
 "endpoint_exceptions_all"
 ],
- "securitySolutionRulesV1": [
+ "securitySolutionRulesV2": [
 "all"
 ],
 "securitySolutionAssistant": [
diff --git a/x-pack/platform/plugins/shared/osquery/cypress/lib/kibana_roles/project_controller_security_roles.yml b/x-pack/platform/plugins/shared/osquery/cypress/lib/kibana_roles/project_controller_security_roles.yml
index b5d480fa3400b..72ae635ae87be 100644
--- a/x-pack/platform/plugins/shared/osquery/cypress/lib/kibana_roles/project_controller_security_roles.yml
+++ b/x-pack/platform/plugins/shared/osquery/cypress/lib/kibana_roles/project_controller_security_roles.yml
@@ -47,7 +47,7 @@ viewer:
 - feature_siemV5.read
 - feature_siemV5.endpoint_list_read
 - feature_siemV5.endpoint_exceptions_read
- - feature_securitySolutionRulesV1.read
+ - feature_securitySolutionRulesV2.read
 - feature_securitySolutionCases.read
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -135,7 +135,7 @@ editor:
 - feature_siemV5.process_operations_all
 - feature_siemV5.actions_log_management_all # Response actions history
 - feature_siemV5.file_operations_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCases.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -193,7 +193,7 @@ t1_analyst:
 - feature_ml.read
 - feature_siemV5.read
 - feature_siemV5.endpoint_list_read
- - feature_securitySolutionRulesV1.read
+ - feature_securitySolutionRulesV2.read
 - feature_securitySolutionCases.read
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -254,7 +254,7 @@ t2_analyst:
 - feature_ml.read
 - feature_siemV5.read
 - feature_siemV5.endpoint_list_read
- - feature_securitySolutionRulesV1.read
+ - feature_securitySolutionRulesV2.read
 - feature_securitySolutionCases.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
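Review bot: This copy of the role file has drifted from `src/platform/packages/shared/kbn-es/src/serverless_resources/project_roles/security/roles.yml`, which the same commit patches: in the `viewer` hunk the context lines grant `feature_securitySolutionCases.read`, `feature_securitySolutionAssistant.all` and `feature_securitySolutionAttackDiscovery.all`, where the kbn-es file has `feature_securitySolutionCasesV2.read` and the `.minimal_all` variants. The same difference shows in `scripts/endpoint/common/roles_users/serverless/es_serverless_resources/roles.yml` further down. Cypress runs that log in with these roles may therefore exercise a different privilege set than the reference role, which can hide authorization regressions. Bumping only the Rules ID keeps the drift; either bring the copies in line with the kbn-es file or add a header comment such as `# Mirror of kbn-es project_roles/security/roles.yml - keep privilege lists identical`.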
@@ -334,7 +334,7 @@ t3_analyst:
 - feature_siemV5.file_operations_all
 - feature_siemV5.scan_operations_all
 - feature_siemV5.workflow_insights_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCases.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -400,7 +400,7 @@ threat_intelligence_analyst:
 - feature_siemV5.global_artifact_management_all
 - feature_siemV5.blocklist_all
 - feature_siemV5.endpoint_exceptions_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCases.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -480,7 +480,7 @@ rule_author:
 - feature_siemV5.endpoint_exceptions_all
 - feature_siemV5.actions_log_management_read
 - feature_siemV5.workflow_insights_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCases.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -566,7 +566,7 @@ soc_manager:
 - feature_siemV5.execute_operations_all
 - feature_siemV5.scan_operations_all
 - feature_siemV5.workflow_insights_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCases.all
 - feature_observabilityCases.all
 - feature_securitySolutionAssistant.all
@@ -637,7 +637,7 @@ detections_admin:
 - feature_siemV5.all
 - feature_siemV5.global_artifact_management_all
 - feature_siemV5.endpoint_exceptions_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCases.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -707,7 +707,7 @@ platform_engineer:
 - feature_siemV5.endpoint_exceptions_all
 - feature_siemV5.actions_log_management_read
 - feature_siemV5.workflow_insights_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCases.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -791,7 +791,7 @@ endpoint_operations_analyst:
 - feature_siemV5.execute_operations_all # Execute
 - feature_siemV5.scan_operations_all
 - feature_siemV5.workflow_insights_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCases.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -869,7 +869,7 @@ endpoint_policy_manager:
 - feature_siemV5.blocklist_all # Elastic Defend Policy Management
 - feature_siemV5.endpoint_exceptions_all
 - feature_siemV5.workflow_insights_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCases.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
diff --git a/x-pack/solutions/security/plugins/security_solution/common/test/ess_roles.json b/x-pack/solutions/security/plugins/security_solution/common/test/ess_roles.json
index f425895e36779..65598cdfb54b6 100644
--- a/x-pack/solutions/security/plugins/security_solution/common/test/ess_roles.json
+++ b/x-pack/solutions/security/plugins/security_solution/common/test/ess_roles.json
@@ -49,7 +49,7 @@
 "feature": {
 "ml": ["read"],
 "siemV5": ["read", "endpoint_exceptions_read"],
- "securitySolutionRulesV1": ["read"],
+ "securitySolutionRulesV2": ["read"],
 "securitySolutionAssistant": ["none"],
 "securitySolutionAttackDiscovery": ["none"],
 "securitySolutionCasesV2": ["read"],
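Review bot: Every fixture role in `ess_roles.json` moves to `securitySolutionRulesV2` (this hunk and the five that follow), so after this commit no role visible here is still defined with `securitySolutionRulesV1`. Roles created before the bump keep the V1 key in their stored definition, and how that key is translated to V2 is an authorization path of its own that these fixtures no longer exercise. If V1 stays registered as a deprecated feature, I would keep one read-only fixture on `"securitySolutionRulesV1": ["read"]` (the role in the `@@ -177` hunk is a natural candidate) and assert it gets exactly the access of its V2 twin. The role objects start outside the hunks, so role names are not visible here; if that coverage lives in another suite, a pointer in the commit description is enough.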
@@ -101,7 +101,7 @@
 "feature": {
 "ml": ["read"],
 "siemV5": ["all", "global_artifact_management_all", "endpoint_exceptions_all"],
- "securitySolutionRulesV1": ["all"],
+ "securitySolutionRulesV2": ["all"],
 "securitySolutionAssistant": ["all"],
 "securitySolutionAttackDiscovery": ["all"],
 "securitySolutionCasesV2": ["all"],
@@ -153,7 +153,7 @@
 "feature": {
 "ml": ["read"],
 "siemV5": ["all", "global_artifact_management_all", "endpoint_exceptions_all"],
- "securitySolutionRulesV1": ["all"],
+ "securitySolutionRulesV2": ["all"],
 "securitySolutionAssistant": ["all"],
 "securitySolutionAttackDiscovery": ["all"],
 "securitySolutionCasesV2": ["all"],
@@ -177,7 +177,7 @@
 {
 "feature": {
 "siemV5": ["read", "endpoint_exceptions_read"],
- "securitySolutionRulesV1": ["read"]
+ "securitySolutionRulesV2": ["read"]
 },
 "spaces": ["*"],
 "base": []
@@ -228,7 +228,7 @@
 "feature": {
 "ml": ["read"],
 "siemV5": ["all", "global_artifact_management_all", "endpoint_exceptions_all"],
- "securitySolutionRulesV1": ["all"],
+ "securitySolutionRulesV2": ["all"],
 "securitySolutionAssistant": ["all"],
 "securitySolutionAttackDiscovery": ["all"],
 "securitySolutionCasesV2": ["all"],
@@ -285,7 +285,7 @@
 "feature": {
 "ml": ["read"],
 "siemV5": ["all", "global_artifact_management_all", "endpoint_exceptions_all"],
- "securitySolutionRulesV1": ["all"],
+ "securitySolutionRulesV2": ["all"],
 "securitySolutionAssistant": ["all"],
 "securitySolutionAttackDiscovery": ["all"],
 "securitySolutionCasesV2": ["all"],
diff --git a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/detections_admin.ts b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/detections_admin.ts
index 3a3a2959eeef0..ef68857651f97 100644
--- a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/detections_admin.ts
+++ b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/detections_admin.ts
@@ -18,7 +18,7 @@ export const getDetectionsAdmin: () => Omit = () => { feature: { ...noResponseActionsRole.kibana[0].feature, siemV5: ['all', 'global_artifact_management_all', 'endpoint_exceptions_all'], - securitySolutionRulesV1: ['all'], + securitySolutionRulesV2: ['all'], securitySolutionTimeline: ['all'], securitySolutionNotes: ['all'], }, diff --git a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/endpoint_operations_analyst.ts b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/endpoint_operations_analyst.ts index abe75262b80af..c066e1f9ec82f 100644 --- a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/endpoint_operations_analyst.ts +++ b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/endpoint_operations_analyst.ts @@ -78,7 +78,7 @@ export const getEndpointOperationsAnalyst: () => Omit = () => { 'scan_operations_all', 'workflow_insights_all', ], - securitySolutionRulesV1: ['all'], + securitySolutionRulesV2: ['all'], securitySolutionTimeline: ['all'], securitySolutionNotes: ['all'], }, diff --git a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/endpoint_security_policy_manager.ts b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/endpoint_security_policy_manager.ts index b3449cd4042f1..9028da6cb06a8 100644 --- a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/endpoint_security_policy_manager.ts +++ b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/endpoint_security_policy_manager.ts @@ -32,7 +32,7 @@ export const getEndpointSecurityPolicyManager: () => Omit = () => 'workflow_insights_all', ], - securitySolutionRulesV1: ['all'], + securitySolutionRulesV2: ['all'], securitySolutionTimeline: ['all'], securitySolutionNotes: ['all'], }, 
diff --git a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/hunter.ts b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/hunter.ts index 58a94b1e4d8b1..6f9b00f549ad0 100644 --- a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/hunter.ts +++ b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/hunter.ts @@ -33,7 +33,7 @@ export const getHunter: () => Omit = () => { 'process_operations_all', 'actions_log_management_all', ], - securitySolutionRulesV1: ['all'], + securitySolutionRulesV2: ['all'], securitySolutionTimeline: ['all'], securitySolutionNotes: ['all'], }, diff --git a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/platform_engineer.ts b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/platform_engineer.ts index 55724169f8fdb..9a583ae1feefd 100644 --- a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/platform_engineer.ts +++ b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/platform_engineer.ts @@ -34,7 +34,7 @@ export const getPlatformEngineer: () => Omit = () => { 'workflow_insights_all', ], - securitySolutionRulesV1: ['all'], + securitySolutionRulesV2: ['all'], securitySolutionTimeline: ['all'], securitySolutionNotes: ['all'], }, diff --git a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/rule_author.ts b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/rule_author.ts index 72afd1e4d7402..c5c4246a2c2d4 100644 --- a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/rule_author.ts +++ b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/rule_author.ts 
@@ -31,7 +31,7 @@ export const getRuleAuthor: () => Omit = () => {
 'actions_log_management_read',
 'workflow_insights_all',
 ],
- securitySolutionRulesV1: ['all'],
+ securitySolutionRulesV2: ['all'],
 securitySolutionTimeline: ['all'],
 securitySolutionNotes: ['all'],
 },
diff --git a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/serverless/es_serverless_resources/roles.yml b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/serverless/es_serverless_resources/roles.yml
index 4cc1c9eb66293..e393fb42f9872 100644
--- a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/serverless/es_serverless_resources/roles.yml
+++ b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/serverless/es_serverless_resources/roles.yml
@@ -68,7 +68,7 @@ viewer:
 - feature_siemV5.read
 - feature_siemV5.endpoint_list_read
 - feature_siemV5.endpoint_exceptions_read
- - feature_securitySolutionRulesV1.read
+ - feature_securitySolutionRulesV2.read
 - feature_securitySolutionCases.read
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -159,7 +159,7 @@ editor:
 - feature_siemV5.process_operations_all
 - feature_siemV5.actions_log_management_all # Response actions history
 - feature_siemV5.file_operations_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCases.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -217,7 +217,7 @@ t1_analyst:
 - feature_ml.read
 - feature_siemV5.read
 - feature_siemV5.endpoint_list_read
- - feature_securitySolutionRulesV1.read
+ - feature_securitySolutionRulesV2.read
 - feature_securitySolutionCases.read
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -280,7 +280,7 @@ t2_analyst:
 - feature_ml.read
 - feature_siemV5.read
 - feature_siemV5.endpoint_list_read
- - feature_securitySolutionRulesV1.read
+ - feature_securitySolutionRulesV2.read
 - feature_securitySolutionCases.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -361,7 +361,7 @@ t3_analyst:
 - feature_siemV5.file_operations_all
 - feature_siemV5.scan_operations_all
 - feature_siemV5.workflow_insights_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCases.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -429,7 +429,7 @@ threat_intelligence_analyst:
 - feature_siemV5.global_artifact_management_all
 - feature_siemV5.blocklist_all
 - feature_siemV5.endpoint_exceptions_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCases.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -510,7 +510,7 @@ rule_author:
 - feature_siemV5.endpoint_exceptions_all
 - feature_siemV5.actions_log_management_read
 - feature_siemV5.workflow_insights_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCases.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -596,7 +596,7 @@ soc_manager:
 - feature_siemV5.execute_operations_all
 - feature_siemV5.scan_operations_all
 - feature_siemV5.workflow_insights_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCases.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -668,7 +668,7 @@ detections_admin:
 - feature_siemV5.all
 - feature_siemV5.global_artifact_management_all
 - feature_siemV5.endpoint_exceptions_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCases.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -740,7 +740,7 @@ platform_engineer:
 - feature_siemV5.endpoint_exceptions_all
 - feature_siemV5.actions_log_management_read
 - feature_siemV5.workflow_insights_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCases.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -827,7 +827,7 @@ endpoint_operations_analyst:
 - feature_siemV5.execute_operations_all # Execute
 - feature_siemV5.scan_operations_all
 - feature_siemV5.workflow_insights_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCases.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
@@ -907,7 +907,7 @@ endpoint_policy_manager:
 - feature_siemV5.blocklist_all # Elastic Defend Policy Management
 - feature_siemV5.endpoint_exceptions_all
 - feature_siemV5.workflow_insights_all
- - feature_securitySolutionRulesV1.all
+ - feature_securitySolutionRulesV2.all
 - feature_securitySolutionCases.all
 - feature_securitySolutionAssistant.all
 - feature_securitySolutionAttackDiscovery.all
diff --git a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/soc_manager.ts b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/soc_manager.ts
index 2ec8d73c14969..9bfb4dc4b576a 100644
--- a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/soc_manager.ts
+++ b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/soc_manager.ts
@@ -37,7 +37,7 @@ export const getSocManager: () => Omit = () => {
 'workflow_insights_all',
 'soc_management_all',
 ],
- securitySolutionRulesV1: ['all'],
+ securitySolutionRulesV2: ['all'],
 securitySolutionTimeline: ['all'],
 securitySolutionNotes: ['all'],
 },
diff --git a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/t1_analyst.ts b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/t1_analyst.ts
index 986ec23f87a87..53a04f142ace8 100644
--- a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/t1_analyst.ts
+++ b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/t1_analyst.ts
@@ -18,7 +18,7 @@ export const getT1Analyst: () => Omit = () => {
 feature: {
 ...noResponseActionsRole.kibana[0].feature,
 siemV5: ['read'],
- securitySolutionRulesV1: ['read'],
+ securitySolutionRulesV2: ['read'],
 securitySolutionTimeline: ['all'],
 securitySolutionNotes: ['all'],
 },
diff --git a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/t2_analyst.ts b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/t2_analyst.ts
index dd4856bae8aa7..182c3635fae7d 100644
--- a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/t2_analyst.ts
+++ b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/t2_analyst.ts
@@ -18,7 +18,7 @@ export const getT2Analyst: () => Omit = () => {
 feature: {
 ...noResponseActionsRole.kibana[0].feature,
 siemV5: ['read', 'actions_log_management_read'],
- securitySolutionRulesV1: ['read'],
+ securitySolutionRulesV2: ['read'],
 securitySolutionTimeline: ['all'],
 securitySolutionNotes: ['all'],
 },
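Review bot: In `getT1Analyst` and `getT2Analyst` the `['read']` restriction holds only because the key written here is the same key that `...noResponseActionsRole.kibana[0].feature` spreads in; the `without_response_actions_role.ts` hunk in this commit sets that base to `securitySolutionRulesV2: ['all']`. If a later version bump updates the base file and misses one of these getters, the analyst role keeps a stale `read` key and silently inherits `all` on the new ID, which widens the test role instead of failing a test. Deriving the key from one shared constant removes that failure mode, e.g. `[RULES_FEATURE_ID]: ['read'],`, where `RULES_FEATURE_ID` is a placeholder for whatever constant the plugin exports. Both getter bodies start and end outside the hunks, and that `noResponseActionsRole` comes from `getNoResponseActionsRole` is inferred from the name.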
diff --git a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/t3_analyst.ts b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/t3_analyst.ts
index 4d56404d84f13..1e53e7466058c 100644
--- a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/t3_analyst.ts
+++ b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/t3_analyst.ts
@@ -35,7 +35,7 @@ export const getT3Analyst: () => Omit = () => {
 'scan_operations_all',
 'workflow_insights_all',
 ],
- securitySolutionRulesV1: ['all'],
+ securitySolutionRulesV2: ['all'],
 securitySolutionTimeline: ['all'],
 securitySolutionNotes: ['all'],
 },
diff --git a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/threat_intelligence_analyst.ts b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/threat_intelligence_analyst.ts
index 172281a785c33..53bf878e857bb 100644
--- a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/threat_intelligence_analyst.ts
+++ b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/threat_intelligence_analyst.ts
@@ -24,7 +24,7 @@ export const getThreatIntelligenceAnalyst: () => Omit = () => {
 'endpoint_exceptions_all',
 'actions_log_management_read',
 ],
- securitySolutionRulesV1: ['all'],
+ securitySolutionRulesV2: ['all'],
 securitySolutionTimeline: ['all'],
 securitySolutionNotes: ['all'],
 },
diff --git a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/with_artifact_read_privileges_role.ts b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/with_artifact_read_privileges_role.ts
index 1fec4b0e6b440..7e6c79897ff2e 100644
--- a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/with_artifact_read_privileges_role.ts
+++ b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/with_artifact_read_privileges_role.ts
@@ -26,7 +26,7 @@ export const getWithArtifactReadPrivilegesRole: () => Omit = () =>
 'event_filters_read',
 'endpoint_exceptions_read',
 ],
- securitySolutionRulesV1: ['all'],
+ securitySolutionRulesV2: ['all'],
 securitySolutionTimeline: ['all'],
 securitySolutionNotes: ['all'],
 },
diff --git a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/with_response_actions_role.ts b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/with_response_actions_role.ts
index a100b6d14f714..e8d33ed49b3b3 100644
--- a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/with_response_actions_role.ts
+++ b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/with_response_actions_role.ts
@@ -27,7 +27,7 @@ export const getWithResponseActionsRole: () => Omit = () => {
 'actions_log_management_all',
 'actions_log_management_read',
 ],
- securitySolutionRulesV1: ['all'],
+ securitySolutionRulesV2: ['all'],
 securitySolutionTimeline: ['all'],
 securitySolutionNotes: ['all'],
 },
diff --git a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/without_response_actions_role.ts b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/without_response_actions_role.ts
index 83ad00ecaad2f..5b06cc7a24d5b 100644
--- a/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/without_response_actions_role.ts
+++ b/x-pack/solutions/security/plugins/security_solution/scripts/endpoint/common/roles_users/without_response_actions_role.ts
@@ -53,7 +53,7 @@ export const getNoResponseActionsRole: () => Omit = () => ({
 'endpoint_exceptions_all',
 'policy_management_all',
 ],
- securitySolutionRulesV1: ['all'],
+ securitySolutionRulesV2: ['all'],
 securitySolutionTimeline: ['all'],
 securitySolutionNotes: ['all'],
 stackAlerts: ['all'],
diff --git a/x-pack/solutions/security/test/security_solution_cypress/cypress/e2e/ai4dsoc/capabilities/access.cy.ts b/x-pack/solutions/security/test/security_solution_cypress/cypress/e2e/ai4dsoc/capabilities/access.cy.ts
index a181ffce8c947..4c341ec39bd74 100644
--- a/x-pack/solutions/security/test/security_solution_cypress/cypress/e2e/ai4dsoc/capabilities/access.cy.ts
+++ b/x-pack/solutions/security/test/security_solution_cypress/cypress/e2e/ai4dsoc/capabilities/access.cy.ts
@@ -130,7 +130,7 @@ describe('Capabilities', { tags: '@serverless' }, () => {
 },
 kibana: [
 {
- feature: { siemV5: ['all'], securitySolutionRulesV1: ['all'], fleet: ['all'] },
+ feature: { siemV5: ['all'], securitySolutionRulesV2: ['all'], fleet: ['all'] },
 spaces: ['*'],
 },
 ],
diff --git a/x-pack/solutions/security/test/session_view/basic/tests/index.ts b/x-pack/solutions/security/test/session_view/basic/tests/index.ts
index b7ced36dd0573..2f5d197bec4cf 100644
--- a/x-pack/solutions/security/test/session_view/basic/tests/index.ts
+++ b/x-pack/solutions/security/test/session_view/basic/tests/index.ts
@@ -58,7 +58,7 @@ export const securitySolutionOnlyReadSpacesAll: Role = {
 {
 feature: {
 siemV5: ['read'],
- securitySolutionRulesV1: ['read'],
+ securitySolutionRulesV2: ['read'],
 },
 spaces: ['*'],
 },