[Request][8.11-8.13] Doc privs required to create and manage the `.li…

…sts` data stream (#4524) * First draft * Additional revisions * Re-adding row * Updated lang * Additional revisions * re-org content * Additional notes * Removing anchors * Updated title * Updated exception docs * Incorporating feedback from vitalii * Update docs/detections/api/exceptions/lists-index-api-overview.asciidoc * Update docs/detections/api/exceptions/exceptions-api-overview.asciidoc Co-authored-by: Joe Peeples <[email protected]> * Update docs/detections/api/lists/lists-api-overview.asciidoc Co-authored-by: Joe Peeples <[email protected]> * Update docs/getting-started/detections-req.asciidoc Co-authored-by: Joe Peeples <[email protected]> * Update docs/getting-started/detections-req.asciidoc --------- Co-authored-by: Joe Peeples <[email protected]>
elastic · Jan 29, 2024 · a41508c · a41508c
1 parent 4e9c0fc
commit a41508c
Show file tree

Hide file tree

Showing 4 changed files with 22 additions and 33 deletions.
diff --git a/docs/detections/api/exceptions/exceptions-api-overview.asciidoc b/docs/detections/api/exceptions/exceptions-api-overview.asciidoc
@@ -37,19 +37,9 @@ entities:
 
 image::images/exceptions-logic.png[]
 
-IMPORTANT: Before you can create exceptions, you must create `.lists` and
-`.items` data streams for the {kib} space (see <<lists-index-api-overview>>).
-
 [float]
-=== Kibana role requirements
-
-To create list containers and items, the user role for the {kib} space must
-have:
-
-* `read` and `write` index privileges for the
-`.lists` and `.items` data streams (the system data stream used for storing exception lists).
-* {kib} space `All` privileges for the `Security` and `Saved Objects Management`
-features (see
-{kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges]).
+=== Exceptions requirements 
 
-See <<detections-permissions-section>> for a complete list of requirements.
+Before you start working with exceptions that use value lists, you must create the `.lists` and `.items` data streams for the relevant {kib} space. To learn how to do this, go to <<lists-index-api-overview>>. 
+
+Once these data streams are created, your role needs privileges to manage rules. Refer to <<enable-detections-ui>> for a complete list of requirements.
diff --git a/docs/detections/api/exceptions/lists-index-api-overview.asciidoc b/docs/detections/api/exceptions/lists-index-api-overview.asciidoc
@@ -6,7 +6,7 @@ and `.items` system data streams in the relevant
 {kibana-ref}/xpack-spaces.html[{kib} space].
 
 For information about the permissions and privileges required to create
-`.lists` and `.items` data streams, see <<enable-detections-ui>>.
+`.lists` and `.items` data streams, refer to <<enable-detections-ui>>.
 
 [discrete]
 === Create data stream

diff --git a/docs/detections/api/lists/lists-api-overview.asciidoc b/docs/detections/api/lists/lists-api-overview.asciidoc
@@ -54,19 +54,9 @@ Use an <<exceptions-api-create-exception-item, exception item>> to define the
 operator and associate it with an <<exceptions-api-create-container, exception container>>.
 You can then add the exception container to a rule's `exceptions_list` object.
 
-IMPORTANT: Before you can create lists, you must create `.lists` and `.items`
-data streams for the {kib} space (see <<lists-index-api-overview>>).
-
 [float]
-=== Kibana role requirements
-
-To create list containers and items, the user role for the {kib} space must
-have:
-
-* `read` and `write` index privileges for the
-`.lists` and `.items` data streams (the system data stream used for storing exception lists).
-* {kib} space `All` privileges for the `Security` and `Saved Objects Management`
-features (see
-{kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges]).
+=== Lists requirements 
 
-See <<detections-permissions-section>> for a complete list of requirements.
+Before you can start using lists, you must create the `.lists` and `.items` data streams for the relevant {kib} space. To learn how to do this, go to <<lists-index-api-overview>>. 
+
+Once these data streams are created, your role needs privileges to manage rules. Refer to <<enable-detections-ui>> for a complete list of requirements.
diff --git a/docs/getting-started/detections-req.asciidoc b/docs/getting-started/detections-req.asciidoc
@@ -12,8 +12,6 @@ deployments. If you're using an Elastic Cloud deployment, you only need to
 Additionally, there are some <<adv-list-settings, advanced settings>> used to
 configure {kib} <<value-lists-exceptions, value list>> upload limits.
 
-
-
 [discrete]
 [[detections-on-prem-requirements]]
 == Configure self-managed {stack} deployments
@@ -65,7 +63,6 @@ a|The `manage`, `write`,`read`, and `view_index_metadata` index privileges for t
 |{kib} space `All` privileges for the `Security` feature (refer to
 {kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges])
 
-
 |Enable the Detections feature in all Kibana spaces
 
 *NOTE*: To turn on the Detections feature, visit the Detections page for each appropriate Kibana space.
@@ -83,7 +80,6 @@ a|The `manage`, `write`,`read`, and `view_index_metadata` index privileges for t
 |{kib} space `All` privileges for the `Security` feature (refer to
 {kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges])
 
-
 | Preview rules
 |N/A
 a| The `read` privilege for the following indices:
@@ -130,6 +126,19 @@ a|The `maintenance`, `write`,`read`, and `view_index_metadata` index privileges
 |{kib} space `Read` privileges for the `Security` feature (refer to
 {kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges])
 
+|Create the `.lists` and `.items` data streams in your {kib} space
+
+**NOTE**: To initiate the process that creates the `.lists` and `.items` data streams, you must visit the Rules page for each appropriate {kib} space.
+
+|The `manage` privilege
+a| The `manage`, `write`,`read`, and `view_index_metadata` index privileges for the following data streams, where `<space-id>` is the {kib} space name:
+
+* `.lists-<space-id>`
+* `.items-<space-id>`
+
+|{kib} space `All` privileges for the `Security` and `Saved Objects Management`
+features (refer to {kibana-ref}/xpack-spaces.html#spaces-control-user-access[Feature access based on user privileges])
+
 |==============================================
 
 Here is an example of a user who has the Detections feature enabled in all {kib} spaces: