[Cloud Security] add required_vars validation rules and default CSPM and Asset Inventory to agentless deployment #12363

Merged
merged 15 commits into from
Jan 27, 2025
working with Kibana
seanrathier committed Jan 27, 2025

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
commit 43c743ea15c7cfac8726605d420b38d7682d6695
@@ -227,6 +227,32 @@ streams:
- name: gcp.organization_id
- name: gcp.project_id
- name: gcp.credentials.json
single_account_cloud_shell:
- name: gcp.account_type
value: single-account
- name: gcp.credentials.type
value: credentials-none
- name: setup_access
value: google_cloud_shell
- name: gcp.project_id
single_account_manual-file:
- name: gcp.account_type
value: single-account
- name: gcp.credentials.type
value: credentials-file
- name: setup_access
value: manual
- name: gcp.project_id
- name: gcp.credentials.file
single_account_manual-json:
- name: gcp.account_type
value: single-account
- name: gcp.credentials.type
value: credentials-json
- name: setup_access
value: manual
- name: gcp.project_id
- name: gcp.credentials.json
vars:
- name: condition
title: Condition
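Review bot: The keys `single_account_manual-file` and `single_account_manual-json` mix underscores with a hyphen, while `single_account_cloud_shell` in the same block uses underscores only. Rename them to `single_account_manual_file` and `single_account_manual_json` so the GCP keys follow one style. A short comment saying that entries with a `value` must match it and entries without one (`gcp.project_id`, `gcp.credentials.file`, `gcp.credentials.json`) only need to be set would also help the next reader.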
@@ -278,6 +304,61 @@ streams:
description: CIS Benchmark for Microsoft Azure Foundations
template_path: azure.yml.hbs
enabled: false
required_vars:
organization_account_arm_template:
- name: azure.account_type
value: organization-account
- name: azure.credentials.type
value: arm_template
organization_account_managed_identity:
- name: azure.account_type
value: organization-account
- name: azure.credentials.type
value: managed_identity
organization_account_service_principal_secret:
- name: azure.account_type
value: organization-account
- name: azure.credentials.type
value: service_principal_with_client_secret
- name: azure.credentials.client_id
- name: azure.credentials.client_secret
- name: azure.credentials.tenant_id
organization_account_service_principal_certificate:
- name: azure.account_type
value: organization-account
- name: azure.credentials.type
value: service_principal_with_client_certificate
- name: azure.credentials.client_id
- name: azure.credentials.client_certificate_path
- name: azure.credentials.client_certificate_password
- name: azure.credentials.tenant_id
single_account_arm_template:
- name: azure.account_type
value: single-account
- name: azure.credentials.type
value: arm_template
single_account_managed_identity:
- name: azure.account_type
value: single-account
- name: azure.credentials.type
value: managed_identity
single_account_service_principal_secret:
- name: azure.account_type
value: single-account
- name: azure.credentials.type
value: service_principal_with_client_secret
- name: azure.credentials.client_id
- name: azure.credentials.client_secret
- name: azure.credentials.tenant_id
single_account_service_principal_certificate:
- name: azure.account_type
value: single-account
- name: azure.credentials.type
value: service_principal_with_client_certificate
- name: azure.credentials.client_id
- name: azure.credentials.client_certificate_path
- name: azure.credentials.client_certificate_password
- name: azure.credentials.tenant_id
vars:
- name: condition
title: Condition
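Review bot: Both `organization_account_service_principal_certificate` and `single_account_service_principal_certificate` list `azure.credentials.client_certificate_password` as required, so a policy that supplies a certificate without a password cannot satisfy either block. If passwordless certificates are meant to be accepted, drop that entry and keep `azure.credentials.client_id`, `azure.credentials.client_certificate_path` and `azure.credentials.tenant_id`; if a password is mandatory, say so in a comment. Separately, the four `single_account_*` blocks repeat the `organization_account_*` blocks with only the `azure.account_type` value changed, so any later change to a credential set has to be made in both places.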
3 changes: 2 additions & 1 deletion packages/cloud_security_posture/manifest.yml
@@ -1,7 +1,7 @@
format_version: 3.3.2
name: cloud_security_posture
title: "Security Posture Management"
version: "1.13.0-preview02"
version: "1.13.0-preview01"
source:
license: "Elastic-2.0"
description: "Sean...Identify & remediate configuration risks in your Cloud infrastructure"
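Review bot: The two `version:` lines read `1.13.0-preview02` followed by `1.13.0-preview01`; in the usual removed-then-added order that moves the package version backwards. Please confirm the decrement is intended and not a leftover from local testing. The unchanged `description` line also starts with `Sean...`, which looks like a test marker and should be removed before this ships.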
@@ -107,6 +107,7 @@ policy_templates:
enabled: true
agentless:
enabled: true
is_default: true
organization: security
division: engineering
team: cloud-security-posture
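Review bot: `is_default: true` is added under `agentless` with no comment, and from this hunk alone it is not clear which policy template it applies to or how it differs from the existing `enabled: true`. Add a one-line comment stating that it makes agentless the preselected deployment for this template, and check that the other templates the PR title names carry the same setting.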