Skip to content

Commit

Permalink
[Alerting][Docs] Updating alerting setup docs (#109285) (#109826)
Browse files Browse the repository at this point in the history 
* Updating alerting authorization docs

* Apply suggestions from code review

Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>

Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>

Co-authored-by: ymao1 <ying.mao@elastic.co>
Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>
  • Loading branch information
@kibanamachine @ymao1 @gchaps
3 people authored Aug 24, 2021
1 parent f13c4a8 commit 273ab1e
Showing 1 changed file with 6 additions and 2 deletions.
8 changes: 6 additions & 2 deletions docs/user/alerting/alerting-setup.asciidoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,9 +61,13 @@ Rules and connectors are isolated to the {kib} space in which they were created.
[[alerting-authorization]]
=== Authorization

Rules, including all background detection and the actions they generate are authorized using an <<api-keys, API key>> associated with the last user to edit the rule. Upon creating or modifying a rule, an API key is generated for that user, capturing a snapshot of their privileges at that moment in time. The API key is then used to run all background tasks associated with the rule including detection checks and executing actions.
Rules are authorized using an <<api-keys, API key>> associated with the last user to edit the rule. This API key captures a snapshot of the user's privileges at the time of edit and is subsequently used to run all background tasks associated with the rule, including condition checks, like {es} queries, and action executions. The following rule actions will re-generate the API key:

* Creating a rule
* Enabling a disabled rule
* Updating a rule

[IMPORTANT]
==============================================
If a rule requires certain privileges to run, such as index privileges, keep in mind that if a user without those privileges updates the rule, the rule will no longer function.
If a rule requires certain privileges, such as index privileges, to run, and a user without those privileges updates, disables, or re-enables the rule, the rule will no longer function. Conversely, if a user with greater or administrator privileges modifies the rule, it will begin running with increased privileges.
==============================================

0 comments on commit 273ab1e

Please sign in to comment.