[Security] [Serverless: Jan 6] Privileged user monitoring moves to GA #4474
✅ Vale Linting Results
No issues found on modified lines!
benironside
left a comment
🚢
| * Have the appropriate user role or privileges | ||
| * Turn on the required advanced setting | ||
| * {applies_to}`serverless: removed` {applies_to}`stack: removed 9.3` Turn on the required advanced setting |
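Review bot: On the changed bullet, the `removed` badges sit in front of text that is still worded as an instruction ("Turn on the required advanced setting"), so a reader on serverless or on stack 9.3 and later can take it as a current requirement. Consider rewording the bullet to say through which version the setting is needed, and naming the setting so readers on earlier versions can find it.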
Just a question for future reference, can we add a "before" instead of "removed" flag to this kind of feature? Removed is probably most appropriate for this one, but I'm thinking in other cases where we want to describe a requirement that simply changed, rather than was fully removed.
(another way to ask this, is the removed x.y just freeform text, or is there a strict set of options)
Good question! The applies_to component accepts a specific set of values for describing versions and lifecycle states (you can find the list here, on the Lifecycles/Versions tabs), so if we wanted to describe a requirement that changed, we would list both, with their applicable versions, for example:
To enable this feature, you need:
- {applies_to}`stack: ga 9.1` ABC privileges (which would mean this applies to versions 9.1-9.3)
- {applies_to}`stack: ga 9.4` XYZ privileges (which would mean this applies to versions 9.4+)
Here's a similar example in the attack discovery docs: https://www.elastic.co/docs/solutions/security/ai/attack-discovery#attack-discovery-generate-discoveries
We’ll soon also support version ranges as applies_to values, so we’ll be able to be more explicit, for example:
- {applies_to}`stack: ga 9.1-9.3`
- {applies_to}`stack: ga 9.4+`
Summary
Resolves #4458. Moves privileged user monitoring from preview to GA and removes the privileged user monitoring advanced setting.
Generative AI disclosure