From 64f435277cbccfd4b3f18d2deb75669370298941 Mon Sep 17 00:00:00 2001
From: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>
Date: Tue, 17 Dec 2024 10:06:35 -0500
Subject: [PATCH 1/2] [Serverless][8.17] Cases subfeatures (#6288)

(cherry picked from commit b445b874e73c2a66b6078bf5020a1be1879cd7da)

# Conflicts:
#	docs/serverless/investigate/case-permissions.asciidoc
---
 docs/cases/cases-req.asciidoc                 |  2 +-
 .../investigate/case-permissions.asciidoc     | 57 +++++++++++++++++++
 2 files changed, 58 insertions(+), 1 deletion(-)
 create mode 100644 docs/serverless/investigate/case-permissions.asciidoc

diff --git a/docs/cases/cases-req.asciidoc b/docs/cases/cases-req.asciidoc
index 17f12a740e..ec34695c74 100644
--- a/docs/cases/cases-req.asciidoc
+++ b/docs/cases/cases-req.asciidoc
@@ -54,7 +54,7 @@ once, which creates a user profile.
 | Give view-only access for cases
 a| **Read** for the *Security* feature and **All** for the *Cases* feature
 
-NOTE: You can customize the sub-feature privileges to allow access to deleting cases, deleting alerts and comments from cases, and viewing or editing case settings.
+NOTE: You can customize the sub-feature privileges to allow access to deleting cases, deleting alerts and comments from cases, viewing or editing case settings, adding case comments and attachments, and re-opening cases.   
 
 | Revoke all access to cases | **None** for the *Cases* feature under *Security*
 
diff --git a/docs/serverless/investigate/case-permissions.asciidoc b/docs/serverless/investigate/case-permissions.asciidoc
new file mode 100644
index 0000000000..8ddcd52e96
--- /dev/null
+++ b/docs/serverless/investigate/case-permissions.asciidoc
@@ -0,0 +1,57 @@
+[[security-cases-requirements]]
+= Cases requirements
+
+// :description: Requirements for using and managing cases.
+// :keywords: serverless, security, reference, manage
+
+
+To access cases, you need either the appropriate <<general-assign-user-roles,predefined Security user role>> or a <<custom-roles,custom role>> with the right privileges.
+
+You can create custom roles and define feature privileges at different levels to manage feature access in {kib}. {kib} privileges grant access to features within a specified {kib} space, and you can grant full or partial access. For more information, refer to <<custom-roles>>.
+
+[NOTE]
+====
+To send cases to external systems, you need the Security Analytics Complete <<elasticsearch-manage-project,project feature>>.
+====
+
+[IMPORTANT]
+====
+Certain feature tiers and roles might be required to manage case attachments. For example, to add alerts to cases, you must have a role that allows <<enable-detections-ui,managing alerts>>.
+====
+
+To grant access to cases in a custom role, set the privileges for the **Cases** and **{connectors-feature}** features as follows:
+
+|===
+| Action | {kib} Privileges
+
+| Give full access to manage cases and settings
+a| * **All** for the **Cases** feature under **Security**
+* **All** for the **{connectors-feature}** feature under **Stack Management**
+
+[NOTE]
+====
+Roles without **All** privileges for the **{connectors-feature}** feature cannot create, add, delete, or modify case connectors.
+
+By default, **All** for the **Cases** feature allows you to delete cases, delete alerts and comments from cases, and edit case settings. You can customize the sub-feature privileges to limit feature access.
+====
+
+| Give assignee access to cases
+a| **All** for the **Cases** feature under **Security**
+
+[NOTE]
+====
+Before a user can be assigned to a case, they must log into {kib} at least
+once, which creates a user profile.
+====
+
+| Give view-only access for cases
+a| **Read** for the **Security** feature and **All** for the **Cases** feature
+
+[NOTE]
+====
+You can customize the sub-feature privileges to allow access to deleting cases, deleting alerts and comments from cases, viewing or editing case settings, adding case comments and attachments, and re-opening cases. 
+====
+
+| Revoke all access to cases
+| **None** for the **Cases** feature under **Security**
+|===

From 09aacb394e3eb0312cee55e0fb4226ab8fe3a308 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <github-actions[bot]@users.noreply.github.com>
Date: Tue, 17 Dec 2024 15:08:32 +0000
Subject: [PATCH 2/2] Delete docs/serverless directory and its contents

---
 .../investigate/case-permissions.asciidoc     | 57 -------------------
 1 file changed, 57 deletions(-)
 delete mode 100644 docs/serverless/investigate/case-permissions.asciidoc

diff --git a/docs/serverless/investigate/case-permissions.asciidoc b/docs/serverless/investigate/case-permissions.asciidoc
deleted file mode 100644
index 8ddcd52e96..0000000000
--- a/docs/serverless/investigate/case-permissions.asciidoc
+++ /dev/null
@@ -1,57 +0,0 @@
-[[security-cases-requirements]]
-= Cases requirements
-
-// :description: Requirements for using and managing cases.
-// :keywords: serverless, security, reference, manage
-
-
-To access cases, you need either the appropriate <<general-assign-user-roles,predefined Security user role>> or a <<custom-roles,custom role>> with the right privileges.
-
-You can create custom roles and define feature privileges at different levels to manage feature access in {kib}. {kib} privileges grant access to features within a specified {kib} space, and you can grant full or partial access. For more information, refer to <<custom-roles>>.
-
-[NOTE]
-====
-To send cases to external systems, you need the Security Analytics Complete <<elasticsearch-manage-project,project feature>>.
-====
-
-[IMPORTANT]
-====
-Certain feature tiers and roles might be required to manage case attachments. For example, to add alerts to cases, you must have a role that allows <<enable-detections-ui,managing alerts>>.
-====
-
-To grant access to cases in a custom role, set the privileges for the **Cases** and **{connectors-feature}** features as follows:
-
-|===
-| Action | {kib} Privileges
-
-| Give full access to manage cases and settings
-a| * **All** for the **Cases** feature under **Security**
-* **All** for the **{connectors-feature}** feature under **Stack Management**
-
-[NOTE]
-====
-Roles without **All** privileges for the **{connectors-feature}** feature cannot create, add, delete, or modify case connectors.
-
-By default, **All** for the **Cases** feature allows you to delete cases, delete alerts and comments from cases, and edit case settings. You can customize the sub-feature privileges to limit feature access.
-====
-
-| Give assignee access to cases
-a| **All** for the **Cases** feature under **Security**
-
-[NOTE]
-====
-Before a user can be assigned to a case, they must log into {kib} at least
-once, which creates a user profile.
-====
-
-| Give view-only access for cases
-a| **Read** for the **Security** feature and **All** for the **Cases** feature
-
-[NOTE]
-====
-You can customize the sub-feature privileges to allow access to deleting cases, deleting alerts and comments from cases, viewing or editing case settings, adding case comments and attachments, and re-opening cases. 
-====
-
-| Revoke all access to cases
-| **None** for the **Cases** feature under **Security**
-|===