Cherry-pick to 7.x: [docs] Remove deprecated security roles (#20162)

filebeat/docs/fields.asciidoc

@@ -45377,7 +45377,7 @@ Roles to which the principal belongs
 
 type: keyword
 
-example: ['kibana_user', 'beats_admin']
+example: ['kibana_admin', 'beats_admin']
 
 --
 

filebeat/module/elasticsearch/audit/_meta/fields.yml

@@ -24,7 +24,7 @@
       type: keyword
     - name: user.roles
       description: "Roles to which the principal belongs"
-      example: [ "kibana_user", "beats_admin" ]
+      example: [ "kibana_admin", "beats_admin" ]
       type: keyword
     - name: action
       description: "The name of the action that was executed"

libbeat/docs/security/users.asciidoc

@@ -169,7 +169,7 @@ users who need to monitor {beatname_uc}:
 |====
 |Role | Purpose
 
-|`kibana_user`
+|`kibana_admin`
 |Use {kib}
 
 |`monitoring_user`
@@ -231,7 +231,7 @@ endif::serverless[]
 Users who publish events to {es} need to create and write to {beatname_uc}
 indices. To minimize the privileges required by the writer role, use the
 <<privileges-to-setup-beats,setup role>> to pre-load dependencies. This section
-assumes that you've pre-loaded dependencies.
+assumes that you've run the setup.
 
 ifndef::no_ilm[]
 When using ILM, turn off the ILM setup check in the {beatname_uc} config file before

libbeat/docs/tab-widgets/set-connection.asciidoc

@@ -58,8 +58,8 @@ include the scheme and port: `http://mykibanahost:5601/path`.
 <2> The `username` and `password` settings for {kib} are optional. If you don't
 specify credentials for {kib}, {beatname_uc} uses the `username` and `password`
 specified for the {es} output.
-<3> To use the pre-built Kibana dashboards, this user must have the
-`kibana_user` {ref}/built-in-roles.html[built-in role] or equivalent
-privileges.
+<3> To use the pre-built {kib} dashboards, this user must be authorized to
+view dashboards or have the
+`kibana_admin` {ref}/built-in-roles.html[built-in role].
 // end::self-managed[]