[8.19] [AI4DSOC] Add possibility to disable Stack Rules, Rules Settings and Maintenance window based on Serverless Tier (#214586) #221998

Merged: tomsonpl merged 6 commits into elastic:8.19 from tomsonpl:backport/8.19/pr-214586 on Jun 2, 2025

Conversation

@tomsonpl
Contributor

Backport

This will backport the following commits from main to 8.19:

Questions ?

Please refer to the Backport tool documentation

…Maintenance window based on Serverless Tier (elastic#214586)

(cherry picked from commit 6356f2c)

# Conflicts:
#	.buildkite/ftr_platform_stateful_configs.yml
#	config/serverless.security.search_ai_lake.yml
#	src/platform/test/plugin_functional/test_suites/core_plugins/rendering.ts
#	x-pack/platform/plugins/shared/alerting/server/config.test.ts
#	x-pack/platform/plugins/shared/alerting/server/config.ts
#	x-pack/platform/plugins/shared/alerting/server/index.ts
#	x-pack/platform/plugins/shared/triggers_actions_ui/public/plugin.ts
#	x-pack/test/security_solution_cypress/cypress/e2e/ai4dsoc/capabilities/access.cy.ts
#	x-pack/test/security_solution_cypress/cypress/e2e/ai4dsoc/constants.ts
#	x-pack/test/security_solution_cypress/cypress/e2e/ai4dsoc/navigation/navigation.cy.ts
#	x-pack/test/security_solution_cypress/cypress/urls/navigation.ts
@tomsonpl
Contributor Author

tomsonpl commented Jun 2, 2025

@mgiota this backport should be mergeable. You mentioned you wanted to test your changes, so just letting you know it's ready :) Thanks!

@elasticmachine
Contributor

💚 Build Succeeded

Metrics [docs]

Public APIs missing comments

Total count of every public API that lacks a comment. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats comments for more detailed information.

| id | before | after | diff |
| --- | --- | --- | --- |
| alerting | 874 | 873 | -1 |

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

| id | before | after | diff |
| --- | --- | --- | --- |
| alerting | 87.0KB | 87.0KB | +72.0B |
| observability | 1.3MB | 1.3MB | +61.0B |
| securitySolution | 9.2MB | 9.2MB | +61.0B |
| triggersActionsUi | 1.5MB | 1.5MB | +5.0B |
| total | | | +199.0B |

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

| id | before | after | diff |
| --- | --- | --- | --- |
| alerting | 25.0KB | 25.0KB | +1.0B |
| triggersActionsUi | 110.9KB | 111.0KB | +88.0B |
| total | | | +89.0B |

Unknown metric groups

API count

| id | before | after | diff |
| --- | --- | --- | --- |
| alerting | 908 | 907 | -1 |

ESLint disabled line counts

| id | before | after | diff |
| --- | --- | --- | --- |
| @kbn/test-suites-xpack | 749 | 755 | +6 |

Total ESLint disabled count

| id | before | after | diff |
| --- | --- | --- | --- |
| @kbn/test-suites-xpack | 772 | 778 | +6 |

History

@tomsonpl tomsonpl merged commit 028f102 into elastic:8.19 Jun 2, 2025
8 checks passed
ashokaditya added a commit that referenced this pull request Jun 6, 2025
) (#222752)

# Backport

This will backport the following commits from `main` to `8.19`:
- [[Ai4dSoc] Hide notes/timelines for `search_ai_lake` tier
(#215334)](#215334)

> [!Note]
#221998 already backported changes
in `config/serverless.security.search_ai_lake.yml` which is why it does
not appear in this backport PR.

<!--- Backport version: 10.0.0 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sorenlouv/backport)


---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>