Skip to content

Commit

Permalink
[7.x] Doc changes for stack management and grouped feature privileges (
Browse files Browse the repository at this point in the history
…elastic#80486) (elastic#81795)

Co-authored-by: Kaarina Tungseth <kaarina.tungseth@elastic.co>
Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>
# Conflicts:
#	docs/images/intro-spaces.jpg
  • Loading branch information
legrego authored Oct 27, 2020
1 parent b947f35 commit 7745a54
Show file tree
Hide file tree
Showing 22 changed files with 63 additions and 2 deletions.
7 changes: 7 additions & 0 deletions docs/management/advanced-options.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,13 @@ values.
. Enter a new value for the setting.
. Click *Save changes*.

[float]
=== Required permissions

The `Advanced Settings` {kib} privilege is required to access *Advanced Settings*.

To add the privilege, open the menu, then click *Stack Management > Roles*.


[float]
[[settings-read-only-access]]
Expand Down
5 changes: 5 additions & 0 deletions docs/management/alerting/alerts-and-actions-intro.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -24,3 +24,8 @@ The *Alerts and Actions* UI only shows alerts and connectors for the current spa
can be managed through the <<watcher-ui, Watcher UI>>. See
<<alerting-concepts-differences>> for more information.
============================================================================

[float]
=== Required permissions

Access to alerts and actions is granted based on your privileges to alerting-enabled features. See <<alerting-security, Alerting Security>> for more information.
7 changes: 7 additions & 0 deletions docs/management/managing-beats.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,13 @@ more information, see https://www.elastic.co/subscriptions and
enrollment and configuration process step by step the first time you use the
Central Management UI.

[float]
=== Required permissions

You must have the `beats_admin` role assigned to use **{beats} Central Management**

To assign the role, open the menu, then click *Stack Management > Users*.


[float]
=== Enroll {beats}
Expand Down
7 changes: 7 additions & 0 deletions docs/management/managing-fields.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,13 @@ the index patterns that retrieve your data from {es}.
[role="screenshot"]
image::images/management-index-patterns.png[]

[float]
=== Required permissions

The `Index Pattern Management` {kib} privilege is required to access the *Index patterns* UI.

To add the privilege, open the menu, then click *Stack Management > Roles*.

[float]
=== Create an index pattern

Expand Down
10 changes: 10 additions & 0 deletions docs/management/managing-saved-objects.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,16 @@ To get started, open the main menu, then click *Stack Management > Saved Objects
[role="screenshot"]
image::images/management-saved-objects.png[Saved Objects]

[float]
=== Required permissions

The `Saved Objects Management` {kib} privilege is required to access the *Saved Objects* UI.

To add the privilege, open the menu, then click *Stack Management > Roles*.

NOTE:
Granting access to Saved Objects Management will authorize users to manage all saved objects in {kib}, including objects that are managed by applications they may not otherwise be authorized to access.


[float]
[[managing-saved-objects-view]]
Expand Down
Binary file modified docs/spaces/images/edit-space-feature-visibility.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified docs/spaces/images/edit-space.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified docs/spaces/images/space-selector.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified docs/spaces/images/spaces-roles.png
100755 → 100644
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
5 changes: 5 additions & 0 deletions docs/spaces/index.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,11 @@ Kibana supports spaces in several ways. You can:
* <<spaces-default-route, Configure a Space-level landing page>>
* <<spaces-delete-started, Disable the Spaces feature>>

[float]
==== Required permissions

The `kibana_admin` role or equivilent is required to manage **Spaces**.

[float]
[[spaces-managing]]
=== View, create, and delete spaces
Expand Down
2 changes: 1 addition & 1 deletion docs/user/introduction.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -112,7 +112,7 @@ You can even choose which features to enable within each space. Don’t need
Machine learning in your “Executive” space? Simply turn it off.

[role="screenshot"]
image::images/intro-spaces.jpg[]
image::images/intro-spaces.png[Space selector screen]

You can take this all one step further with Kibana’s security features, and
control which users have access to each space. {kib} allows for fine-grained
Expand Down
Binary file modified docs/user/introduction/images/intro-spaces.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
4 changes: 4 additions & 0 deletions docs/user/management.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,10 @@
*Stack Management* is home to UIs for managing all things Elastic Stack&mdash;
indices, clusters, licenses, UI settings, index patterns, spaces, and more.


Access to individual features is governed by {es} and {kib} privileges.
Consult your administrator if you do not have the appropriate access.

[float]
[[manage-ingest]]
== Ingest
Expand Down
7 changes: 6 additions & 1 deletion docs/user/security/authorization/index.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,12 @@ you cannot use `kibana_admin` to grant access. You must create custom roles that
[[kibana-role-management]]
=== {kib} role management

To create a role that grants {kib} privileges, open the main menu, click *Stack Management > Roles*, then click *Create role*.
To create a role that grants {kib} privileges, open the menu, then click *Stack Management > Roles* and click **Create role**.

[float]
==== Required permissions

The `manage_security` cluster privilege is required to access role management.

[[adding_kibana_privileges]]
==== Adding {kib} privileges
Expand Down
Binary file modified docs/user/security/images/add-space-privileges.png
100755 → 100644
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified docs/user/security/images/assign_base_privilege.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified docs/user/security/images/assign_feature_privilege.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified docs/user/security/images/privilege-example-1.png
100755 → 100644
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified docs/user/security/images/role-space-visualization.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified docs/user/security/images/view-privilege-summary.png
100755 → 100644
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
6 changes: 6 additions & 0 deletions docs/user/security/index.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,12 @@ auditing. For more information, see
{ref}/secure-cluster.html[Secure a cluster] and
<<using-kibana-with-security,Configuring Security in {kib}>>.

[float]
=== Required permissions

The `manage_security` cluster privilege is required to access all Security features.


[float]
=== Users

Expand Down
5 changes: 5 additions & 0 deletions docs/user/security/role-mappings/index.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,11 @@ With *Role mappings*, you can:
[role="screenshot"]
image:user/security/role-mappings/images/role-mappings-grid.png["Role mappings"]

[float]
==== Required permissions

The `manage_security` cluster privilege is required to manage Role Mappings.


[float]
=== Create a role mapping
Expand Down

0 comments on commit 7745a54

Please sign in to comment.