elastic · kfirpeled · Apr 17, 2022 · Apr 20, 2022 · Apr 20, 2022
@@ -11,19 +11,17 @@ export const BENCHMARKS_ROUTE_PATH = '/internal/cloud_security_posture/benchmark
 export const UPDATE_RULES_CONFIG_ROUTE_PATH =
   '/internal/cloud_security_posture/update_rules_config';
 
-export const CSP_FINDINGS_INDEX_NAME = 'findings';
-export const CIS_KUBERNETES_PACKAGE_NAME = 'cis_kubernetes_benchmark';
-export const FINDINGS_DATA_STREAM_NAME =
-  // Currently 'cis_kubernetes_benchmark.findings', To be refactored to 'cloud_security_posture.findings'
-  CIS_KUBERNETES_PACKAGE_NAME + '.' + CSP_FINDINGS_INDEX_NAME;
+export const CLOUD_SECURITY_POSTURE_PACKAGE_NAME = 'cloud_security_posture';
+
+export const AGENT_LOGS_INDEX_PATTERN = '.logs-cloud_security_posture.metadata*';
+export const CSP_KUBEBEAT_INDEX_PATTERN = 'logs-cloud_security_posture.findings*';
+export const FINDINGS_INDEX_PATTERN = 'logs-cloud_security_posture.findings-default*';
+
 export const LATEST_FINDINGS_INDEX_NAME = 'cloud_security_posture.findings_latest';
-export const BENCHMARK_SCORE_INDEX_NAME = 'cloud_security_posture.scores';
+export const LATEST_FINDINGS_INDEX_DEFAULT_NS = 'logs-' + LATEST_FINDINGS_INDEX_NAME + '-default';
 
-export const AGENT_LOGS_INDEX_PATTERN = '.logs-cis_kubernetes_benchmark.metadata*';
-export const CSP_KUBEBEAT_INDEX_PATTERN = 'logs-cis_kubernetes_benchmark.findings-*';
-export const FINDINGS_INDEX_PATTERN = 'logs-' + FINDINGS_DATA_STREAM_NAME + '-default*';
-export const LATEST_FINDINGS_INDEX_PATTERN = 'logs-' + LATEST_FINDINGS_INDEX_NAME + '-default';
-export const BENCHMARK_SCORE_INDEX_PATTERN = 'logs-' + BENCHMARK_SCORE_INDEX_NAME + '-default';
+export const BENCHMARK_SCORE_INDEX_NAME = 'cloud_security_posture.scores';
+export const BENCHMARK_SCORE_INDEX_DEFAULT_NS = 'logs-' + BENCHMARK_SCORE_INDEX_NAME + '-default';
 
 export const RULE_PASSED = `passed`;
 export const RULE_FAILED = `failed`;

@@ -11,7 +11,7 @@ import {
   type GetInfoResponse,
   type DefaultPackagesInstallationError,
 } from '@kbn/fleet-plugin/common';
-import { CIS_KUBERNETES_PACKAGE_NAME } from '../../../common/constants';
+import { CLOUD_SECURITY_PACKAGE_NAME } from '../../../common/constants';
 import { useKibana } from '../hooks/use_kibana';
 
 /**
@@ -21,7 +21,7 @@ export const useCisKubernetesIntegration = () => {
   const { http } = useKibana().services;
 
   return useQuery<GetInfoResponse, DefaultPackagesInstallationError>(['integrations'], () =>
-    http.get<GetInfoResponse>(epmRouteService.getInfoPath(CIS_KUBERNETES_PACKAGE_NAME), {
+    http.get<GetInfoResponse>(epmRouteService.getInfoPath(CLOUD_SECURITY_PACKAGE_NAME), {
       query: { experimental: true },
     })
   );

@@ -10,9 +10,9 @@ import type { ElasticsearchClient, Logger } from '@kbn/core/server';
 import { benchmarkScoreMapping } from './benchmark_score_mapping';
 import { latestFindingsMapping } from './latest_findings_mapping';
 import {
-  LATEST_FINDINGS_INDEX_PATTERN,
+  LATEST_FINDINGS_INDEX_DEFAULT_NS,
   LATEST_FINDINGS_INDEX_NAME,
-  BENCHMARK_SCORE_INDEX_PATTERN,
+  BENCHMARK_SCORE_INDEX_DEFAULT_NS,
   BENCHMARK_SCORE_INDEX_NAME,
 } from '../../common/constants';
 
@@ -25,14 +25,14 @@ export const initializeCspTransformsIndices = async (
     createIndexIfNotExists(
       esClient,
       LATEST_FINDINGS_INDEX_NAME,
-      LATEST_FINDINGS_INDEX_PATTERN,
+      LATEST_FINDINGS_INDEX_DEFAULT_NS,
       latestFindingsMapping,
       logger
     ),
     createIndexIfNotExists(
       esClient,
       BENCHMARK_SCORE_INDEX_NAME,
-      BENCHMARK_SCORE_INDEX_PATTERN,
+      BENCHMARK_SCORE_INDEX_DEFAULT_NS,
       benchmarkScoreMapping,
       logger
     ),
@@ -65,7 +65,7 @@ export const createIndexIfNotExists = async (
     }
   } catch (err) {
     const error = transformError(err);
-    logger.error(`Failed to create ${LATEST_FINDINGS_INDEX_PATTERN}`);
+    logger.error(`Failed to create ${LATEST_FINDINGS_INDEX_DEFAULT_NS}`);
     logger.error(error.message);
   }
 };
@@ -8,7 +8,7 @@
 import { loggingSystemMock, savedObjectsClientMock } from '@kbn/core/server/mocks';
 import { SavedObjectsClientContract, SavedObjectsFindResponse } from '@kbn/core/server';
 import { createPackagePolicyMock } from '@kbn/fleet-plugin/common/mocks';
-import { CIS_KUBERNETES_PACKAGE_NAME } from '../../common/constants';
+import { CLOUD_SECURITY_POSTURE_PACKAGE_NAME } from '../../common/constants';
 import { onPackagePolicyPostCreateCallback } from './fleet_integration';
 
 describe('create CSP rules with post package create callback', () => {
@@ -40,7 +40,7 @@ describe('create CSP rules with post package create callback', () => {
   });
   it('should create stateful rules based on rule template', async () => {
     const mockPackagePolicy = createPackagePolicyMock();
-    mockPackagePolicy.package!.name = CIS_KUBERNETES_PACKAGE_NAME;
+    mockPackagePolicy.package!.name = CLOUD_SECURITY_POSTURE_PACKAGE_NAME;
     mockSoClient.find.mockResolvedValueOnce({
       saved_objects: [
         {

@@ -17,7 +17,7 @@ import {
   cloudSecurityPostureRuleTemplateSavedObjectType,
   CloudSecurityPostureRuleTemplateSchema,
 } from '../../common/schemas/csp_rule_template';
-import { CIS_KUBERNETES_PACKAGE_NAME } from '../../common/constants';
+import { CLOUD_SECURITY_POSTURE_PACKAGE_NAME } from '../../common/constants';
 import { CspRuleSchema, cspRuleAssetSavedObjectType } from '../../common/schemas/csp_rule';
 
 type ArrayElement<ArrayType extends readonly unknown[]> = ArrayType extends ReadonlyArray<
@@ -29,7 +29,7 @@ type ArrayElement<ArrayType extends readonly unknown[]> = ArrayType extends Read
 const isCspPackagePolicy = <T extends { package?: { name: string } }>(
   packagePolicy: T
 ): boolean => {
-  return packagePolicy.package?.name === CIS_KUBERNETES_PACKAGE_NAME;
+  return packagePolicy.package?.name === CLOUD_SECURITY_POSTURE_PACKAGE_NAME;
 };
 
 /**

@@ -31,7 +31,7 @@ import {
   onPackagePolicyPostCreateCallback,
   onPackagePolicyDeleteCallback,
 } from './fleet_integration/fleet_integration';
-import { CIS_KUBERNETES_PACKAGE_NAME } from '../common/constants';
+import { CLOUD_SECURITY_POSTURE_PACKAGE_NAME } from '../common/constants';
 
 export interface CspAppContext {
   logger: Logger;
@@ -87,7 +87,7 @@ export class CspPlugin
           context: RequestHandlerContext,
           request: KibanaRequest
         ): Promise<PackagePolicy> => {
-          if (packagePolicy.package?.name === CIS_KUBERNETES_PACKAGE_NAME) {
+          if (packagePolicy.package?.name === CLOUD_SECURITY_POSTURE_PACKAGE_NAME) {
             await onPackagePolicyPostCreateCallback(
               this.logger,
               packagePolicy,
@@ -103,7 +103,7 @@ export class CspPlugin
         'postPackagePolicyDelete',
         async (deletedPackagePolicies: DeepReadonly<DeletePackagePoliciesResponse>) => {
           for (const deletedPackagePolicy of deletedPackagePolicies) {
-            if (deletedPackagePolicy.package?.name === CIS_KUBERNETES_PACKAGE_NAME) {
+            if (deletedPackagePolicy.package?.name === CLOUD_SECURITY_POSTURE_PACKAGE_NAME) {
               await onPackagePolicyDeleteCallback(
                 this.logger,
                 deletedPackagePolicy,

@@ -19,7 +19,7 @@ import type {
   AgentPolicy,
   ListResult,
 } from '@kbn/fleet-plugin/common';
-import { BENCHMARKS_ROUTE_PATH, CIS_KUBERNETES_PACKAGE_NAME } from '../../../common/constants';
+import { BENCHMARKS_ROUTE_PATH, CLOUD_SECURITY_PACKAGE_NAME } from '../../../common/constants';
 import {
   BENCHMARK_PACKAGE_POLICY_PREFIX,
   benchmarksInputSchema,
@@ -165,7 +165,7 @@ export const defineGetBenchmarksRoute = (router: CspRouter, cspContext: CspAppCo
         const packagePolicies = await getPackagePolicies(
           soClient,
           packagePolicyService,
-          CIS_KUBERNETES_PACKAGE_NAME,
+          CLOUD_SECURITY_PACKAGE_NAME,
           query
         );
 

@@ -6,7 +6,7 @@
  */
 
 import { ElasticsearchClient } from '@kbn/core/server';
-import { BENCHMARK_SCORE_INDEX_PATTERN } from '../../../common/constants';
+import { BENCHMARK_SCORE_INDEX_DEFAULT_NS } from '../../../common/constants';
 import { Stats } from '../../../common/types';
 import { calculatePostureScore } from './get_stats';
 
@@ -26,7 +26,7 @@ export interface ScoreTrendDoc {
 }
 
 export const getTrendsQuery = () => ({
-  index: BENCHMARK_SCORE_INDEX_PATTERN,
+  index: BENCHMARK_SCORE_INDEX_DEFAULT_NS,
   size: 5,
   sort: '@timestamp:desc',
 });

@@ -22,7 +22,7 @@ import { CspAppContext } from '../../plugin';
 import { CspRulesConfigSchema } from '../../../common/schemas/csp_configuration';
 import { CspRuleSchema, cspRuleAssetSavedObjectType } from '../../../common/schemas/csp_rule';
 import { UPDATE_RULES_CONFIG_ROUTE_PATH } from '../../../common/constants';
-import { CIS_KUBERNETES_PACKAGE_NAME } from '../../../common/constants';
+import { CLOUD_SECURITY_PACKAGE_NAME } from '../../../common/constants';
 import { CspRouter } from '../../types';
 
 export const getPackagePolicy = async (
@@ -36,9 +36,10 @@ export const getPackagePolicy = async (
   if (!packagePolicies || !packagePolicies[0].version) {
     throw new Error(`package policy Id '${packagePolicyId}' is not exist`);
   }
-  if (packagePolicies[0].package?.name !== CIS_KUBERNETES_PACKAGE_NAME) {
-    // TODO: improve this validator to support any future CSP package
-    throw new Error(`Package Policy Id '${packagePolicyId}' is not CSP package`);
+  if (packagePolicies[0].package?.name !== CLOUD_SECURITY_PACKAGE_NAME) {
+    throw new Error(
+      `Package Policy Id '${packagePolicyId}' is not of type cloud security posture package`
+    );
   }
 
   return packagePolicies![0];