[Docs] Update required Indices for accessing Findings Dashboard #3408
Description
Motivation
Currently on the CSPM Privilege Requirements , it is mentioned that we only need,
- logs-cloud_security_posture.findings_latest-*
- logs-cloud_security_posture.scores-*
but In reality we also need to add another
- security_solution-cloud_security_posture.misconfiguration_latest*
so we would need to update the docs to have the following
Read permission
ES Index privileges:
- logs-cloud_security_posture.findings_latest-default (Read)
- logs-cloud_security_posture.scores-default (Read)
- security_solution-cloud_security_posture.misconfiguration_latest* (Read)
Kibana Privileges
- Security (Read)
Write permission
Can read cloud posture data, create detection rules from misconfigurations, and enable/disable benchmark rules.
ES Index privileges:
- logs-cloud_security_posture.findings_latest-default (Read)
- logs-cloud_security_posture.scores-default (Read)
- security_solution-cloud_security_posture.misconfiguration_latest* (Read)
Kibana Privileges
- Security (All)
Manage permission
Can read cloud posture data, create detection rules from misconfigurations, enable/disable benchmark rules and install/update/uninstall CSPM integration and assets.
ES Index privileges:
- logs-cloud_security_posture.findings_latest-default (Read)
- logs-cloud_security_posture.scores-default (Read)
- security_solution-cloud_security_posture.misconfiguration_latest* (Read)
Kibana Privileges
- Security (All)
- Spaces (All)
- Fleet (All)
- Integrations (All)