From 2cd44f423e44ae52f840ede1116e922da97a577e Mon Sep 17 00:00:00 2001
From: natasha-moore-elastic
 <137783811+natasha-moore-elastic@users.noreply.github.com>
Date: Tue, 28 Jan 2025 16:29:02 +0000
Subject: [PATCH] Updates RBAC requirements for 3rd-party response actions
 (#6434)

(cherry picked from commit dd70609c54ea7ad7045a6040abd1bf454b98884f)
---
 docs/management/admin/response-actions-config.asciidoc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/management/admin/response-actions-config.asciidoc b/docs/management/admin/response-actions-config.asciidoc
index 3f4f9295f3..ba12519495 100644
--- a/docs/management/admin/response-actions-config.asciidoc
+++ b/docs/management/admin/response-actions-config.asciidoc
@@ -20,7 +20,7 @@ Check out <<third-party-actions>> to learn which response actions are supported
 --
 * https://www.elastic.co/pricing[Subscription level]: Enterprise 
 
-* {kibana-ref}/kibana-role-management.html#adding_kibana_privileges[{kib} feature privilege]: **Actions and Connectors : All**.
+* {kibana-ref}/kibana-role-management.html#adding_kibana_privileges[{kib} feature privilege]: Under **Actions and Connectors**, turn on **Customize sub-feature privileges** and enable **Endpoint Security**.
 
 * <<endpoint-management-req,{elastic-sec} feature privileges>>: **All** for the response action features, such as **Host Isolation**, that you want to perform.