Custom roles & privileges: Revise, reorder, add serverless requirements pages #5779
Conversation
(rolling back the test)
We have to do this to create a PR preview
joepeeples
added
Team: Docs
Docset: Serverless
|
A documentation preview will be available soon. Request a new doc build by commenting
If your PR continues to fail for an unknown reason, the doc build pipeline may be broken. Elastic employees can check the pipeline status here. |
|
🚀 Built elastic-dot-co-docs-preview-docs successfully!
|
Lil edit in AsciiDoc too
Seems unnecessary, and would require custom image each for ESS and serverless
|
run docs-build |
1 similar comment
|
run docs-build |
There was a problem hiding this comment.
The Serverless additions and tweaks to the ESS look great! Thank you for renaming and moving the requirement files to more suitable places too. Sometimes, quickly finding the right file to change is a third of the battle 😅
On a bit of a tangent, I believe the work you did here takes care of most, if not all, of what need to be done to address #5301. I can follow up with Devin after you merge this PR to see if anything is missing or needs to be slightly modified in the Serverless docs.
Thanks again for taking care of all of this and aligning both docsets. Overall, it's a major accomplishment!
Previously commented out to generate PR preview
There was a problem hiding this comment.
This was a HUGE effort, thanks so much @joepeeples! Just a couple of slight nits, none critical.
| @@ -14,7 +14,7 @@ configure `source.geo` and `destination.geo` ECS fields for your indices. | |||
| [float] | |||
| [[prereq-perms]] | |||
| === Permissions required | |||
| In order to view the map, you need at least `Read` privileges for `Maps`. To configure it, you need `All` privileges. Maps privilege settings are under *Kibana privileges* -> *Analytics* -> *Maps*. | |||
| To view the map, you need a role with at least `Read` {kibana-ref}/kibana-role-management.html#adding_kibana_privileges[privileges] for the `Maps` feature. | |||
There was a problem hiding this comment.
Small nit but curious as to why Maps is in monospace here? I would think quotes or bold emphasis.
There was a problem hiding this comment.
That's how it was previously formatted, and historically we tend to use monospace for privileges (such as in the Detections privs table, "Kibana Privileges" column). I tend to agree that bold might be more appropriate for privs and features since they're UI elements, not text that the user types, but also hesitant to change this and make it less consistent with other feature privs.
…ts pages (#5779) * First draft: add Defend feature privs page * Test if bad link within conditional will break * Alas, CI doesn't catch bad links in conditionals (rolling back the test) * Temporarily comment out conditionals We have to do this to create a PR preview * Li'l edit for active voice * Reorg serverless req pages to match ESS * Align page titles * Move serverless source files for req pages * Remove old draft files (duplicates) * Revise "Elastic Security requirements" * Minor edits * Another edit * Revise "Network map data" page * Minor revision to "ML job and rule reqs" * Change terminology: predefined user role * Revise "Entity risk scoring" page * Revise "Cases requirements" Lil edit in AsciiDoc too * Remove image Seems unnecessary, and would require custom image each for ESS and serverless * Remove image: Defend feature privs Seems unnecessary and is highly subject to change. May also require custom image each for ESS and serverless * Revise "Detections requirements" Add big ol' table back in * Temporarily comment out conditionals in Detections * Revise "Advanced settings" * Revise "Endpoint response actions" * Un-comment conditionals Previously commented out to generate PR preview * Indent conditional contents (for readability) * Fix ML requirements * Apply feedback from Janeen's review (cherry picked from commit 9b556a7) # Conflicts: # docs/serverless/advanced-entity-analytics/ml-requirements.mdx # docs/serverless/endpoint-response-actions/response-actions.mdx # docs/serverless/explore/conf-map-ui.mdx # docs/serverless/serverless-security.docnav.json # docs/serverless/settings/advanced-settings.mdx
…irements pages (backport #5779) (#5850) * Custom roles & privileges: Revise, reorder, add serverless requirements pages (#5779) * First draft: add Defend feature privs page * Test if bad link within conditional will break * Alas, CI doesn't catch bad links in conditionals (rolling back the test) * Temporarily comment out conditionals We have to do this to create a PR preview * Li'l edit for active voice * Reorg serverless req pages to match ESS * Align page titles * Move serverless source files for req pages * Remove old draft files (duplicates) * Revise "Elastic Security requirements" * Minor edits * Another edit * Revise "Network map data" page * Minor revision to "ML job and rule reqs" * Change terminology: predefined user role * Revise "Entity risk scoring" page * Revise "Cases requirements" Lil edit in AsciiDoc too * Remove image Seems unnecessary, and would require custom image each for ESS and serverless * Remove image: Defend feature privs Seems unnecessary and is highly subject to change. May also require custom image each for ESS and serverless * Revise "Detections requirements" Add big ol' table back in * Temporarily comment out conditionals in Detections * Revise "Advanced settings" * Revise "Endpoint response actions" * Un-comment conditionals Previously commented out to generate PR preview * Indent conditional contents (for readability) * Fix ML requirements * Apply feedback from Janeen's review (cherry picked from commit 9b556a7) # Conflicts: # docs/serverless/advanced-entity-analytics/ml-requirements.mdx # docs/serverless/endpoint-response-actions/response-actions.mdx # docs/serverless/explore/conf-map-ui.mdx # docs/serverless/serverless-security.docnav.json # docs/serverless/settings/advanced-settings.mdx * Delete docs/serverless directory and its contents --------- Co-authored-by: Joe Peeples <joe.peeples@elastic.co> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Contributes to https://github.com/elastic/security-docs-internal/issues/11.
Also incorporates changes originally drafted in #5763 and #5772, but consolidated into this branch.
Previews
Preview serverless
Generating a preview is tricky, because a lot of content currently is hidden behind the
serverlessCustomRolesdocs feature flag until the feature is available in Production (ETA TBA). I temporarily commented out the conditionals to show the content for review purposes, and this is the latest preview build without the conditionals:https://elastic-dot-co-docs-production-bc2c75hpv-elastic-dev.vercel.app/current/serverless/security/what-is-security-serverless
I then un-commented the conditionals to re-hide the new content behind the flag. (This is more complicated than preferred, but I'd rather get this content merged soon — even with the added complexity — so we can continue to build around it, versus the content only existing in a PR branch and getting stale).
Preview ESS
These pages have minor edits for consistency with serverless counterparts:
Summary of changes
Adding content
For serverless MVP, we omitted a lot of content because custom roles and feature privileges weren't available yet. We can add that content back in now. As much as possible, I've tried to make the serverless content match ESS exactly, but there are spots where we also need to mention serverless-specific predefined roles (since serverless customers can use either predefined or custom roles now).
In some areas, I also tried not to introduce granular differences like changing
KibanatoElastic Security, because our assumptions have changed about that (the term still appears all over the serverless UI). Unifying content across serverless and ESS is a priority now.Reordering pages
We no longer need a separate section of requirements pages in serverless, so this PR moves those pages to locations that match ESS docs: each page is within a feature section.
Aligning titles
Our requirements pages currently go by lots of names: some are "prerequisites," some are "requirements," and one is even "prerequisites and requirements"! This PR uses a single unified name for all pages (for example, "Detections requirements"), in both ESS and serverless.
Housekeeping
This PR also moves around the serverless source files so they'll be easier to find in their respective feature folders. Doesn't affect output but improves authoring experience.