Merge branch 'master' into dev/search/2

.github/ISSUE_TEMPLATE/Bug_report_security_solution.md

@@ -1,38 +1,38 @@
----
-name: Bug report for Security Solution
-about: Help us identify bugs in Elastic Security, SIEM, and Endpoint so we can fix them!
-title: '[Security Solution]'
-labels: 'Team: SecuritySolution'
----
-
-**Describe the bug:**
-
-**Kibana/Elasticsearch Stack version:**
-
-**Server OS version:**
-
-**Browser and Browser OS versions:**
-
-**Elastic Endpoint version:**
-
-**Original install method (e.g. download page, yum, from source, etc.):**
-
-**Functional Area (e.g. Endpoint management, timelines, resolver, etc.):**
-
-**Steps to reproduce:**
-
-1.
-2.
-3.
-
-**Current behavior:**
-
-**Expected behavior:**
-
-**Screenshots (if relevant):**
-
-**Errors in browser console (if relevant):**
-
-**Provide logs and/or server output (if relevant):**
-
-**Any additional context (logs, chat logs, magical formulas, etc.):**
+---
+name: Bug report for Security Solution
+about: Help us identify bugs in Elastic Security, SIEM, and Endpoint so we can fix them!
+title: '[Security Solution]'
+labels: 'bug, Team: SecuritySolution'
+---
+
+**Describe the bug:**
+
+**Kibana/Elasticsearch Stack version:**
+
+**Server OS version:**
+
+**Browser and Browser OS versions:**
+
+**Elastic Endpoint version:**
+
+**Original install method (e.g. download page, yum, from source, etc.):**
+
+**Functional Area (e.g. Endpoint management, timelines, resolver, etc.):**
+
+**Steps to reproduce:**
+
+1.
+2.
+3.
+
+**Current behavior:**
+
+**Expected behavior:**
+
+**Screenshots (if relevant):**
+
+**Errors in browser console (if relevant):**
+
+**Provide logs and/or server output (if relevant):**
+
+**Any additional context (logs, chat logs, magical formulas, etc.):**

.github/ISSUE_TEMPLATE/v8_breaking_change.md

@@ -2,7 +2,7 @@
 name: 8.0 Breaking change
 about: Breaking changes from 7.x -> 8.0
 title: "[Breaking change]"
-labels: Team:Elasticsearch UI, Feature:Upgrade Assistant
+labels: Team:Elasticsearch UI, Feature:Upgrade Assistant, Breaking Change
 assignees: ''
 
 ---
@@ -11,15 +11,16 @@ assignees: ''
 
 **Which release will ship the breaking change?**
 
-<!-- e.g., v7.6.2 -->
+8.0
 
 **Describe the change. How will it manifest to users?**
 
-**What percentage of users will be affected?**
+**How many users will be affected?**
 
-<!-- e.g., Roughly 75% will need to make changes to x. -->
+<!-- e.g., Based on telemetry data, roughly 75% of our users will need to make changes to x -->
+<!-- e.g., A majority of users will need to make changes to x. -->
 
-**What can users to do to address the change manually?**
+**What can users do to address the change manually?**
 
 <!-- If applicable, describe the manual workaround -->
 

docs/management/advanced-options.asciidoc

@@ -11,6 +11,13 @@ values.
 . Enter a new value for the setting.
 . Click *Save changes*.
 
+[float]
+=== Required permissions
+
+The `Advanced Settings` {kib} privilege is required to access *Advanced Settings*.
+
+To add the privilege, open the menu, then click *Stack Management > Roles*.
+
 
 [float]
 [[settings-read-only-access]]

docs/management/alerting/alerts-and-actions-intro.asciidoc

@@ -24,3 +24,8 @@ The *Alerts and Actions* UI only shows alerts and connectors for the current spa
 can be managed through the <<watcher-ui, Watcher UI>>. See
 <<alerting-concepts-differences>> for more information.
 ============================================================================
+
+[float]
+=== Required permissions
+
+Access to alerts and actions is granted based on your privileges to alerting-enabled features. See <<alerting-security, Alerting Security>> for more information.

docs/management/managing-beats.asciidoc

@@ -29,6 +29,13 @@ more information, see https://www.elastic.co/subscriptions and
 enrollment and configuration process step by step the first time you use the
 Central Management UI.
 
+[float]
+=== Required permissions
+
+You must have the `beats_admin` role assigned to use **{beats} Central Management**
+
+To assign the role, open the menu, then click *Stack Management > Users*.
+
 
 [float]
 === Enroll {beats}

docs/management/managing-fields.asciidoc

@@ -7,6 +7,13 @@ the index patterns that retrieve your data from {es}.
 [role="screenshot"]
 image::images/management-index-patterns.png[]
 
+[float]
+=== Required permissions
+
+The `Index Pattern Management` {kib} privilege is required to access the *Index patterns* UI.
+
+To add the privilege, open the menu, then click *Stack Management > Roles*.
+
 [float]
 === Create an index pattern
 

docs/management/managing-saved-objects.asciidoc

@@ -10,6 +10,16 @@ To get started, open the main menu, then click *Stack Management > Saved Objects
 [role="screenshot"]
 image::images/management-saved-objects.png[Saved Objects]
 
+[float]
+=== Required permissions
+
+The `Saved Objects Management` {kib} privilege is required to access the *Saved Objects* UI.
+
+To add the privilege, open the menu, then click *Stack Management > Roles*.
+
+NOTE:
+Granting access to Saved Objects Management will authorize users to manage all saved objects in {kib}, including objects that are managed by applications they may not otherwise be authorized to access.
+
 
 [float]
 [[managing-saved-objects-view]]

docs/setup/upgrade.asciidoc

@@ -4,29 +4,24 @@
 Depending on the {kib} version you're upgrading from, the upgrade process to 7.0
 varies.
 
-NOTE: {kib} upgrades automatically when starting a new version, as described in
-<<upgrade-migrations, this document>>.
-Although you do not need to manually back up {kib} before upgrading, we recommend
-that you have a backup on hand. You can use
-<<snapshot-repositories, Snapshot and Restore>> to back up {kib}
-data by targeting `.kibana*` indices. If you are using the Reporting plugin,
-you can also target `.reporting*` indices.
-
 [float]
 [[upgrade-before-you-begin]]
 === Before you begin
 
+WARNING: {kib} automatically runs upgrade migrations when required. To roll back to an earlier version in case of an upgrade failure, you **must** have a backup snapshot available. Use <<snapshot-repositories, Snapshot and Restore>> to back up {kib} data by targeting the `.kibana*` indices. For more information see <<upgrade-migrations, upgrade migrations>>.
+
 Before you upgrade {kib}:
 
 * Consult the <<breaking-changes,breaking changes>>.
+* Back up your data with <<snapshot-repositories, Snapshot and Restore>>. To roll back to an earlier version, you **must** have a snapshot of the `.kibana*` indices. 
+* Although not a requirement for rollbacks, we recommend taking a snapshot of all {kib} indices created by the plugins you use such as the `.reporting*` indices created by the reporting plugin.  
 * Before you upgrade production servers, test the upgrades in a dev environment.
-* Back up your data with {es} {ref}/modules-snapshots.html[snapshots].
-  To roll back to an earlier version, you **must** have a backup of your data.
+* See <<preventing-migration-failures, preventing migration failures>> for common reasons upgrades fail and how to prevent these.
 * If you are using custom plugins, check that a compatible version is
   available.
-* Shut down all {kib} nodes. Running more than one {kib} version against the
-  same Elasticseach index is unsupported. If you upgrade while older {kib} nodes are
-  running, the upgrade can fail.
+* Shut down all {kib} instances. Running more than one {kib} version against
+  the same Elasticseach index is unsupported. Upgrading while older {kib}
+  instances are running can cause data loss or upgrade failures.
 
 To identify the changes you need to make to upgrade, and to enable you to
 perform an Elasticsearch rolling upgrade with no downtime, you must upgrade to