Closed
Labels: Effort: Medium, Feature: Cases, Priority: High, Team: Threat Hunting, v8.17.0
Description
2 new cases sub features were added for 8.17: re-opening cases and adding comments/attachments to cases. These privs can be configured for Security, Observability, and Stack Management cases.
- Re-open: Controls the ability to re-open cases.
  - When Cases has the read permission, and the reopen permission is not enabled, users have permissions as before. (Meaning they can't re-open a case?)
  - When enabled (with what level of privs, read or all?), users can move cases from closed to open/in progress, but nothing else (Meaning they can't move the case status to Closed?).
  - If a user has `All` and this priv enabled, they can do anything as before (?).
  - If a user has `All` (?) and the option is unselected, they can change case properties, and change a case from open to anything, in progress to anything. However, if the case is closed, they cannot reopen it. (need to test)
- Create comments & attachments: When enabled and the user has case `Read` privs, users can add comments, but not make any other changes to the case.
  - When the user has `Read` and this priv deselected, read functions as before (?).
  - When a user has `All` and this priv selected, this functions as all (?).
  - When a user has `All` and this priv deselected, the user can do everything normally, except add cases comments.
Impacted Security docs
- 8.17: https://www.elastic.co/guide/en/serverless/current/security-cases-requirements.html
- Serverless: https://www.elastic.co/guide/en/serverless/current/security-cases-requirements.html
- Kibana and Observability docs will be updated in separate repos/PRs
Background & resources
- PRs: [Cases] [Security Solution] New cases subfeatures, add comments and reopen cases kibana#194898
- Point of contact: @kqualters-elastic
- Test environments:
Which documentation set does this change impact?
ESS and serverless
ESS release
N/A
Serverless release
November 26th, 2024
Feature differences
N/A
API docs impact
N/A
Prerequisites, privileges, feature flags
No response
nastasha-solomon
