In Serverless, with the custom roles available, Security Solution users will have the ability to assign Spaces to the roles and being able to manage access to the specific Elasticsearch data and assign proper Kibana privileges.
But to deliver the complete UX we need to enhance custom roles creation experience with the ability to select existing (predefined) role as a template.
The historical reason why custom roles feature is needed by the Security Solution team - to provide the ability for the user to manage Spaces and the Elasticsearch data access for the Security roles/personas. Currently, to assign the Spaces to the one of the Security predefined role, the first step, user needs to recreate the role definition by copying it privileges configuration manually. Much simpler and better UX will be if user have an option to select the predefined role as a template for the custom role and modify/add only the privileges/spaces they might need.
cc: @bytebilly, @azasypkin, @legrego, @MikePaquette
In Serverless, with the custom roles available, Security Solution users will have the ability to assign Spaces to the roles and being able to manage access to the specific Elasticsearch data and assign proper Kibana privileges. But to deliver the complete UX we need to enhance custom roles creation experience with the ability to select existing (predefined) role as a template.
The historical reason why custom roles feature is needed by the Security Solution team - to provide the ability for the user to manage Spaces and the Elasticsearch data access for the Security roles/personas. Currently, to assign the Spaces to the one of the Security predefined role, the first step, user needs to recreate the role definition by copying it privileges configuration manually. Much simpler and better UX will be if user have an option to select the predefined role as a template for the custom role and modify/add only the privileges/spaces they might need. cc: @bytebilly, @azasypkin, @legrego, @MikePaquette