[Fleet] Add data tags to agent policy APIs

packages/kbn-check-mappings-update-cli/current_fields.json

@@ -500,6 +500,7 @@
     "description",
     "download_source_id",
     "fleet_server_host_id",
+    "global_data_tags",
     "inactivity_timeout",
     "is_default",
     "is_default_fleet_server",

packages/kbn-check-mappings-update-cli/current_mappings.json

@@ -1678,6 +1678,10 @@
       "fleet_server_host_id": {
         "type": "keyword"
       },
+      "global_data_tags": {
+        "index": false,
+        "type": "flattened"
+      },
       "inactivity_timeout": {
         "type": "integer"
       },

src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts

@@ -109,7 +109,7 @@ describe('checking migration metadata changes on all registered SO types', () =>
         "infra-custom-dashboards": "1a5994f2e05bb8a1609825ddbf5012f77c5c67f3",
         "infrastructure-monitoring-log-view": "5f86709d3c27aed7a8379153b08ee5d3d90d77f5",
         "infrastructure-ui-source": "113182d6895764378dfe7fa9fa027244f3a457c4",
-        "ingest-agent-policies": "803dc27e106440c41e8f3c3d8ee8bbb0821bcde2",
+        "ingest-agent-policies": "90625b4a5ded9d4867358fcccc14a57c0454fcee",
         "ingest-download-sources": "279a68147e62e4d8858c09ad1cf03bd5551ce58d",
         "ingest-outputs": "daafff49255ab700e07491376fe89f04fc998b91",
         "ingest-package-policies": "44c682a6bf23993c665f0a60a427f3c120a0a10d",

x-pack/plugins/fleet/common/constants/epm.ts

@@ -25,6 +25,38 @@ export const FLEET_CLOUD_SECURITY_POSTURE_KSPM_POLICY_TEMPLATE = 'kspm';
 export const FLEET_CLOUD_SECURITY_POSTURE_CSPM_POLICY_TEMPLATE = 'cspm';
 export const FLEET_CLOUD_SECURITY_POSTURE_CNVM_POLICY_TEMPLATE = 'vuln_mgmt';
 export const FLEET_CLOUD_DEFEND_PACKAGE = 'cloud_defend';
+export const FLEET_PF_HOST_AGENT_PACKAGE = 'pf-host-agent';
+export const FLEET_PF_ELASTIC_SYMBOLIZER_PACKAGE = 'pf-elastic-symbolizer';
+export const FLEET_PF_ELASTIC_COLLECTOR_PACKAGE = 'pf-elastic-collector';
+export const FLEET_CLOUD_BEAT_PACKAGE = 'cloudbeat';
+export const FLEET_CLOUD_BEAT_CIS_K8S_PACKAGE = `${FLEET_CLOUD_BEAT_PACKAGE}/cis_k8s`;
+export const FLEET_CLOUD_BEAT_CIS_EKS_PACKAGE = `${FLEET_CLOUD_BEAT_PACKAGE}/cis_eks`;
+export const FLEET_CLOUD_BEAT_CIS_AWS_PACKAGE = `${FLEET_CLOUD_BEAT_PACKAGE}/cis_aws`;
+export const FLEET_CLOUD_BEAT_CIS_GCP_PACKAGE = `${FLEET_CLOUD_BEAT_PACKAGE}/cis_gcp`;
+export const FLEET_CLOUD_BEAT_CIS_AZURE_PACKAGE = `${FLEET_CLOUD_BEAT_PACKAGE}/cis_azure`;
+export const FLEET_CLOUD_BEAT_VULN_MGMT_AWS_PACKAGE = `${FLEET_CLOUD_BEAT_PACKAGE}/vuln_mgmt_aws`;
+
+export const GLOBAL_DATA_TAG_EXCLUDED_INPUTS = new Set<string>([
+  FLEET_APM_PACKAGE,
+  FLEET_PF_HOST_AGENT_PACKAGE,
+  FLEET_PF_ELASTIC_SYMBOLIZER_PACKAGE,
+  FLEET_PF_ELASTIC_COLLECTOR_PACKAGE,
+  /* The package names and input types are not the same. For example package
+   * name for fleet server is "fleet_server" whereas the input type is "fleet-server".
+   * This is the same case for cloud defend. That's why we are replacing the
+   * underscores with dashes for the two of them. Global data tag functionality
+   * relies on input types.
+   */
+  FLEET_SERVER_PACKAGE.replace(/_/g, '-'),
+  FLEET_CLOUD_DEFEND_PACKAGE.replace(/_/g, '-'),
+  FLEET_CLOUD_BEAT_PACKAGE,
+  FLEET_CLOUD_BEAT_CIS_K8S_PACKAGE,
+  FLEET_CLOUD_BEAT_CIS_EKS_PACKAGE,
+  FLEET_CLOUD_BEAT_CIS_AWS_PACKAGE,
+  FLEET_CLOUD_BEAT_CIS_GCP_PACKAGE,
+  FLEET_CLOUD_BEAT_CIS_AZURE_PACKAGE,
+  FLEET_CLOUD_BEAT_VULN_MGMT_AWS_PACKAGE,
+]);
 
 export const PACKAGE_TEMPLATE_SUFFIX = '@package';
 export const USER_SETTINGS_TEMPLATE_SUFFIX = '@custom';

x-pack/plugins/fleet/common/openapi/bundled.json

@@ -7660,6 +7660,23 @@
           "supports_agentless": {
             "type": "boolean",
             "description": "Indicates whether the agent policy supports agentless integrations. Only allowed in a serverless environment."
+          },
+          "global_data_tags": {
+            "type": "array",
+            "items": {
+              "type": "object",
+              "additionalProperties": {
+                "oneOf": [
+                  {
+                    "type": "string"
+                  },
+                  {
+                    "type": "number"
+                  }
+                ]
+              },
+              "description": "User defined data tags that are added to all of the inputs. The values can be strings or numbers."
+            }
           }
         },
         "required": [
@@ -7741,6 +7758,23 @@
           "force": {
             "type": "boolean",
             "description": "Force agent policy creation even if packages are not verified."
+          },
+          "global_data_tags": {
+            "type": "array",
+            "items": {
+              "type": "object",
+              "additionalProperties": {
+                "oneOf": [
+                  {
+                    "type": "string"
+                  },
+                  {
+                    "type": "number"
+                  }
+                ]
+              },
+              "description": "User defined data tags that are added to all of the inputs. The values can be strings or numbers."
+            }
           }
         },
         "required": [

x-pack/plugins/fleet/common/openapi/bundled.yaml

@@ -4933,6 +4933,17 @@ components:
           description: >-
             Indicates whether the agent policy supports agentless integrations.
             Only allowed in a serverless environment.
+        global_data_tags:
+          type: array
+          items:
+            type: object
+            additionalProperties:
+              oneOf:
+                - type: string
+                - type: number
+            description: >-
+              User defined data tags that are added to all of the inputs. The
+              values can be strings or numbers.
       required:
         - id
         - status
@@ -4990,6 +5001,17 @@ components:
         force:
           type: boolean
           description: Force agent policy creation even if packages are not verified.
+        global_data_tags:
+          type: array
+          items:
+            type: object
+            additionalProperties:
+              oneOf:
+                - type: string
+                - type: number
+            description: >-
+              User defined data tags that are added to all of the inputs. The
+              values can be strings or numbers.
       required:
         - name
         - namespace

x-pack/plugins/fleet/common/openapi/components/schemas/agent_policy.yaml

@@ -78,6 +78,15 @@ properties:
   supports_agentless:
     type: boolean
     description: Indicates whether the agent policy supports agentless integrations. Only allowed in a serverless environment.
+  global_data_tags:
+    type: array
+    items:
+      type: object
+      additionalProperties:
+        oneOf:
+          - type: string
+          - type: number
+      description: User defined data tags that are added to all of the inputs. The values can be strings or numbers.
 required:
   - id
   - status

x-pack/plugins/fleet/common/openapi/components/schemas/agent_policy_create_request.yaml

@@ -49,6 +49,15 @@ properties:
   force:
     type: boolean
     description: Force agent policy creation even if packages are not verified.
+  global_data_tags:
+    type: array
+    items:
+      type: object
+      additionalProperties:
+        oneOf:
+          - type: string
+          - type: number
+      description: User defined data tags that are added to all of the inputs. The values can be strings or numbers.
 required:
   - name
   - namespace

x-pack/plugins/fleet/common/types/models/agent_policy.ts

@@ -42,6 +42,12 @@ export interface NewAgentPolicy {
   advanced_settings?: { [key: string]: any } | null;
   keep_monitoring_alive?: boolean | null;
   supports_agentless?: boolean | null;
+  global_data_tags?: GlobalDataTag[];
+}
+
+export interface GlobalDataTag {
+  name: string;
+  value: string | number;
 }
 
 // SO definition for this type is declared in server/types/interfaces
@@ -80,9 +86,19 @@ export interface FullAgentPolicyInput {
     [key: string]: unknown;
   };
   streams?: FullAgentPolicyInputStream[];
+  processors?: FullAgentPolicyAddFields[];
   [key: string]: any;
 }
 
+export interface FullAgentPolicyAddFields {
+  add_fields: {
+    target: string;
+    fields: {
+      [key: string]: string | number;
+    };
+  };
+}
+
 export type FullAgentPolicyOutputPermissions = Record<string, SecurityRoleDescriptor>;
 
 export type FullAgentPolicyOutput = Pick<Output, 'type' | 'hosts' | 'ca_sha256'> & {

x-pack/plugins/fleet/server/saved_objects/index.ts

@@ -167,6 +167,7 @@ export const getSavedObjectTypes = (
           keep_monitoring_alive: { type: 'boolean' },
           advanced_settings: { type: 'flattened', index: false },
           supports_agentless: { type: 'boolean' },
+          global_data_tags: { type: 'flattened', index: false },
         },
       },
       migrations: {
@@ -197,6 +198,16 @@ export const getSavedObjectTypes = (
             },
           ],
         },
+        '3': {
+          changes: [
+            {
+              type: 'mappings_addition',
+              addedMappings: {
+                global_data_tags: { type: 'flattened', index: false },
+              },
+            },
+          ],
+        },
       },
     },
     [OUTPUT_SAVED_OBJECT_TYPE]: {

x-pack/plugins/fleet/server/services/agent_policies/full_agent_policy.ts

@@ -118,7 +118,8 @@ export async function getFullAgentPolicy(
     agentPolicy.package_policies as PackagePolicy[],
     packageInfoCache,
     getOutputIdForAgentPolicy(dataOutput),
-    agentPolicy.namespace
+    agentPolicy.namespace,
+    agentPolicy.global_data_tags
   );
   const features = (agentPolicy.agent_features || []).reduce((acc, { name, ...featureConfig }) => {
     acc[name] = featureConfig;