elastic · joepeeples · Nov 12, 2024 · Nov 12, 2024 · Nov 12, 2024 · Nov 12, 2024
@@ -12,7 +12,11 @@ To configure roles and privileges, find **Roles** in the navigation menu or by u
 
 NOTE: {elastic-defend}'s feature privileges must be assigned to *All Spaces*. You can't assign them to an individual space. 
 
-To grant access, select *All* for the *Security* feature in the *{kib} privileges* configuration UI, then turn on the *Customize sub-feature privileges* switch. For each of the following sub-feature privileges, select the type of access you want to allow:
+To grant access, select *All* for the *Security* feature in the *Assign role to space* configuration UI, then turn on the *Customize sub-feature privileges* switch. 
+
+IMPORTANT: Selecting **All** for the overall **Security** feature does NOT enable any sub-features. You must also enable the **Customize sub-feature privileges** switch, and then enable each sub-feature privilege individually.
+
+For each of the following sub-feature privileges, select the type of access you want to allow:
 
 * *All*: Users have full access to the feature, which includes performing all available actions and managing configuration.
 * *Read*: Users can view the feature, but can't perform any actions or manage configuration (some features don't have this privilege).

@@ -8,14 +8,18 @@ preview:[]
 
 You can create user roles and define privileges to manage feature access in {elastic-sec}. This allows you to use the principle of least privilege while managing access to {elastic-defend}'s features.
 
-Configure roles and privileges in **Stack Management** → **Custom Roles**. For more details on using this UI, refer to <<custom-roles>>.
+To configure roles and privileges, find **Roles** in the navigation menu or by using the global search field. For more details on using this UI, refer to <<custom-roles>>.
 
 [NOTE]
 ====
 {elastic-defend}'s feature privileges must be assigned to **All Spaces**. You can't assign them to an individual space.
 ====
 
-To grant access, select **All** for the **Security** feature in the **{kib} privileges** configuration UI, then turn on the **Customize sub-feature privileges** switch. For each of the following sub-feature privileges, select the type of access you want to allow:
+To grant access, select **All** for the **Security** feature in the **Assign role to space** configuration UI, then turn on the **Customize sub-feature privileges** switch.
+
+IMPORTANT: Selecting **All** for the overall **Security** feature does NOT enable any sub-features. You must also enable the **Customize sub-feature privileges** switch, and then enable each sub-feature privilege individually.
+
+For each of the following sub-feature privileges, select the type of access you want to allow:
 
 * **All**: Users have full access to the feature, which includes performing all available actions and managing configuration.
 * **Read**: Users can view the feature, but can't perform any actions or manage configuration (some features don't have this privilege).