[ResponseOps] Decouple rule producer/consumer settings from Kibana feature ID #181559
Labels
Feature:Alerting/RulesFramework
Issues related to the Alerting Rules Framework
Feature:Alerting
Team:ResponseOps
Label for the ResponseOps team (formerly the Cases and Alerting teams)
Blocker for: https://github.com/elastic/security-team/issues/9533 (internal), https://github.com/elastic/security-team/issues/8799 (internal)
Summary
As part of the RBAC changes in the Security Solution (see this issue for more details), we need to extract rule management into a standalone Kibana product feature.
This involves transferring security rule types from the
siem
feature (current configuration here) to a newruleManagement
feature. This will require changing the producer and consumer rule settings to a new value, as feature IDs currently serve as the producer/consumer identifiers.As we discussed previously, migrating rules is not an option (see this comment). Therefore, we need to find out how to make the Alerting RBAC work with the new feature ID while keeping the current rule producer/consumer
siem
value.The text was updated successfully, but these errors were encountered: