Skip to content

[Internal]: Endpoint Exceptions sub-feature privilege across offers #2974

New issue
New issue
Closed
#2983
Closed
[Internal]: Endpoint Exceptions sub-feature privilege across offers#2974
#2983
Assignees
natasha-moore-elastic
Labels
Team:ExperienceIssues owned by the Experience Docs Team
@gergoabraham

Description

@gergoabraham
gergoabraham
opened on Sep 16, 2025

Description

image

Previously

So far Endpoint Exceptions sub-feature privilege existed only on Serverless. Its READ/ALL access was included in the corresponding Security READ/ALL privilege, when the customization of sub-feature privileges was disabled, and user was able to fine tune it when the customization was enabled.

On ESS, the access was implicitly (and invisibly) included in Security READ/ALL, no matter of the customization toggle.

Changes on Serverless

Endpoint Exceptions is not included anymore in Security:READ/ALL privileges, it always has to be explicitly allowed, similarly to other artifacts.

Before After
imageimage imageimage
imageimage imageimage

Changes on ESS

The sub-feature privilege is added, and similarly to all other endpoint artifacts (e.g. Trusted apps, Event filters), the privileges need to be explicitly set.

Resources

PR:

issue:

Which documentation set does this change impact?

Elastic On-Prem and Cloud (all)

Feature differences

The point of this change is that from now, there should be no difference between ESS and serverless.

What release is this request related to?

9.2

Serverless release

the week of 22nd, September

Collaboration model

The documentation team

Point of contact.

Main contact: @gergoabraham

Stakeholders: @roxana-gheorghe @dasansol92

Metadata

Metadata

Assignees

Labels

Team:ExperienceIssues owned by the Experience Docs Team

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions