elastic · animehart · Aug 27, 2024 · Aug 20, 2024 · Aug 21, 2024 · Aug 21, 2024
diff --git a/x-pack/packages/kbn-cloud-security-posture-common/constants.ts b/x-pack/packages/kbn-cloud-security-posture-common/constants.ts
@@ -0,0 +1,20 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+export const KSPM_POLICY_TEMPLATE = 'kspm';
+export const CSPM_POLICY_TEMPLATE = 'cspm';
+export const CDR_LATEST_NATIVE_MISCONFIGURATIONS_INDEX_PATTERN =
+  'logs-cloud_security_posture.findings_latest-default';
+export const CDR_LATEST_THIRD_PARTY_MISCONFIGURATIONS_INDEX_PATTERN =
+  'logs-*_latest_misconfigurations_cdr';
+export const CDR_MISCONFIGURATIONS_INDEX_PATTERN = `${CDR_LATEST_NATIVE_MISCONFIGURATIONS_INDEX_PATTERN},${CDR_LATEST_THIRD_PARTY_MISCONFIGURATIONS_INDEX_PATTERN}`;
+export const LATEST_FINDINGS_RETENTION_POLICY = '26h';
+export const MAX_FINDINGS_TO_LOAD = 500;
+export const CSP_GET_BENCHMARK_RULES_STATE_ROUTE_PATH =
+  '/internal/cloud_security_posture/rules/_get_states';
+export const CSP_GET_BENCHMARK_RULES_STATE_API_CURRENT_VERSION = '1';
+export const STATUS_ROUTE_PATH = '/internal/cloud_security_posture/status';
+export const STATUS_API_CURRENT_VERSION = '1';
diff --git a/x-pack/packages/kbn-cloud-security-posture-common/index.ts b/x-pack/packages/kbn-cloud-security-posture-common/index.ts
@@ -0,0 +1,22 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+// Careful of exporting anything from this file as any file(s) you export here will cause your page bundle size to increase.
+// If you're using functions/types/etc... internally or within integration tests it's best to import directly from their paths
+// than expose the functions/types/etc... here. You should _only_ expose functions/types/etc... that need to be shared with other plugins here.
+
+export type {
+  CspStatusCode,
+  IndexStatus,
+  IndexDetails,
+  BaseCspSetupBothPolicy,
+  BaseCspSetupStatus,
+  CspSetupStatus,
+  CspFinding,
+} from './types';
+export * from './constants';
+export type { CspBenchmarkRuleMetadata, CspBenchmarkRulesStates } from './schema/rules';
diff --git a/x-pack/packages/kbn-cloud-security-posture-common/schema/index.ts b/x-pack/packages/kbn-cloud-security-posture-common/schema/index.ts
@@ -0,0 +1,8 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export { ruleStateAttributes, cspBenchmarkRuleMetadataSchema, rulesStates } from './rules';
diff --git a/x-pack/packages/kbn-cloud-security-posture-common/schema/rules.ts b/x-pack/packages/kbn-cloud-security-posture-common/schema/rules.ts
@@ -0,0 +1,48 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+import { TypeOf, schema } from '@kbn/config-schema';
+import { CSPM_POLICY_TEMPLATE, KSPM_POLICY_TEMPLATE } from '../constants';
+
+export type CspBenchmarkRuleMetadata = TypeOf<typeof cspBenchmarkRuleMetadataSchema>;
+
+export const cspBenchmarkRuleMetadataSchema = schema.object({
+  audit: schema.string(),
+  benchmark: schema.object({
+    name: schema.string(),
+    posture_type: schema.maybe(
+      schema.oneOf([schema.literal(CSPM_POLICY_TEMPLATE), schema.literal(KSPM_POLICY_TEMPLATE)])
+    ),
+    id: schema.string(),
+    version: schema.string(),
+    rule_number: schema.maybe(schema.string()),
+  }),
+  default_value: schema.maybe(schema.string()),
+  description: schema.string(),
+  id: schema.string(),
+  impact: schema.maybe(schema.string()),
+  name: schema.string(),
+  profile_applicability: schema.string(),
+  rationale: schema.string(),
+  references: schema.maybe(schema.string()),
+  rego_rule_id: schema.string(),
+  remediation: schema.string(),
+  section: schema.string(),
+  tags: schema.arrayOf(schema.string()),
+  version: schema.string(),
+});
+
+export const ruleStateAttributes = schema.object({
+  muted: schema.boolean(),
+  benchmark_id: schema.string(),
+  benchmark_version: schema.string(),
+  rule_number: schema.string(),
+  rule_id: schema.string(),
+});
+
+export const rulesStates = schema.recordOf(schema.string(), ruleStateAttributes);
+
+export type CspBenchmarkRulesStates = TypeOf<typeof rulesStates>;
diff --git a/x-pack/packages/kbn-cloud-security-posture-common/tsconfig.json b/x-pack/packages/kbn-cloud-security-posture-common/tsconfig.json
@@ -0,0 +1,20 @@
+{
+  "extends": "../../../tsconfig.base.json",
+  "compilerOptions": {
+    "outDir": "target/types",
+    "types": [
+      "jest",
+      "node",
+    ]
+  },
+  "include": [
+    "**/*.ts",
+    "**/*.tsx",
+  ],
+  "exclude": [
+    "target/**/*"
+  ],
+  "kbn_references": [
+    "@kbn/config-schema",
+  ]
+}
diff --git a/...ity_posture/common/schemas/csp_finding.ts → ...bn-cloud-security-posture-common/types.ts b/...ity_posture/common/schemas/csp_finding.ts → ...bn-cloud-security-posture-common/types.ts
@@ -4,10 +4,46 @@
  * 2.0; you may not use this file except in compliance with the Elastic License
  * 2.0.
  */
-
-// TODO: this needs to be defined in a versioned schema
 import type { EcsDataStream, EcsEvent } from '@elastic/ecs';
-import { CspBenchmarkRuleMetadata } from '../types/latest';
+import type { CspBenchmarkRuleMetadata } from './schema/rules';
+
+export type CspStatusCode =
+  | 'indexed' // latest findings index exists and has results
+  | 'indexing' // index timeout was not surpassed since installation, assumes data is being indexed
+  | 'unprivileged' // user lacks privileges for the latest findings index
+  | 'index-timeout' // index timeout was surpassed since installation
+  | 'not-deployed' // no healthy agents were deployed
+  | 'not-installed' // number of installed csp integrations is 0;
+  | 'waiting_for_results'; // have healthy agents but no findings at all, assumes data is being indexed for the 1st time
+
+export type IndexStatus =
+  | 'not-empty' // Index contains documents
+  | 'empty' // Index doesn't contain documents (or doesn't exist)
+  | 'unprivileged'; // User doesn't have access to query the index
+
+export interface IndexDetails {
+  index: string;
+  status: IndexStatus;
+}
+
+export interface BaseCspSetupBothPolicy {
+  status: CspStatusCode;
+  installedPackagePolicies: number;
+  healthyAgents: number;
+}
+
+export interface BaseCspSetupStatus {
+  indicesDetails: IndexDetails[];
+  latestPackageVersion: string;
+  cspm: BaseCspSetupBothPolicy;
+  kspm: BaseCspSetupBothPolicy;
+  vuln_mgmt: BaseCspSetupBothPolicy;
+  isPluginInitialized: boolean;
+  installedPackageVersion?: string | undefined;
+  hasMisconfigurationsFindings?: boolean;
+}
+
+export type CspSetupStatus = BaseCspSetupStatus;
 
 export interface CspFinding {
   '@timestamp': string;

@@ -0,0 +1,8 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export * from './type';
@@ -0,0 +1,37 @@
+{
+  "extends": "../../../tsconfig.base.json",
+  "compilerOptions": {
+    "outDir": "target/types",
+    "types": [
+      "jest",
+      "node",
+      "react"
+    ]
+  },
+  "include": [
+    "**/*.ts",
+    "**/*.tsx",
+  ],
+  "exclude": [
+    "target/**/*"
+  ],
+  "kbn_references": [
+    "@kbn/core",
+    "@kbn/licensing-plugin",
+    "@kbn/data-views-plugin",
+    "@kbn/unified-search-plugin",
+    "@kbn/ui-actions-plugin",
+    "@kbn/field-formats-plugin",
+    "@kbn/data-view-field-editor-plugin",
+    "@kbn/data-plugin",
+    "@kbn/kibana-utils-plugin",
+    "@kbn/charts-plugin",
+    "@kbn/discover-plugin",
+    "@kbn/fleet-plugin",
+    "@kbn/usage-collection-plugin",
+    "@kbn/share-plugin",
+    "@kbn/es-query",
+    "@kbn/cloud-plugin",
+    "@kbn/spaces-plugin",
+  ]
+}
@@ -0,0 +1,53 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import type { CloudSetup } from '@kbn/cloud-plugin/public';
+import type { LicensingPluginStart } from '@kbn/licensing-plugin/public';
+import { DataViewsServicePublic } from '@kbn/data-views-plugin/public';
+import type { UnifiedSearchPublicPluginStart } from '@kbn/unified-search-plugin/public';
+import { UiActionsStart } from '@kbn/ui-actions-plugin/public';
+import { FieldFormatsStart } from '@kbn/field-formats-plugin/public';
+import { IndexPatternFieldEditorStart } from '@kbn/data-view-field-editor-plugin/public';
+import type { DataPublicPluginStart } from '@kbn/data-plugin/public';
+import { ToastsStart } from '@kbn/core/public';
+import { Storage } from '@kbn/kibana-utils-plugin/public';
+
+import type { ChartsPluginStart } from '@kbn/charts-plugin/public';
+import type { DiscoverStart } from '@kbn/discover-plugin/public';
+import type { FleetStart } from '@kbn/fleet-plugin/public';
+import type { UsageCollectionStart } from '@kbn/usage-collection-plugin/public';
+import { SharePluginStart } from '@kbn/share-plugin/public';
+import { SpacesPluginStart } from '@kbn/spaces-plugin/public';
+
+import type { BoolQuery } from '@kbn/es-query';
+export interface FindingsBaseEsQuery {
+  query?: {
+    bool: BoolQuery;
+  };
+}
+
+export interface CspClientPluginStartDeps {
+  // required
+  data: DataPublicPluginStart;
+  dataViews: DataViewsServicePublic;
+  dataViewFieldEditor: IndexPatternFieldEditorStart;
+  unifiedSearch: UnifiedSearchPublicPluginStart;
+  uiActions: UiActionsStart;
+  fieldFormats: FieldFormatsStart;
+  toastNotifications: ToastsStart;
+  charts: ChartsPluginStart;
+  discover: DiscoverStart;
+  fleet: FleetStart;
+  licensing: LicensingPluginStart;
+  share: SharePluginStart;
+  storage: Storage;
+  spaces: SpacesPluginStart;
+  cloud: CloudSetup;
+
+  // optional
+  usageCollection?: UsageCollectionStart;
+}
@@ -5,6 +5,7 @@
  * 2.0.
  */
 
+import { KSPM_POLICY_TEMPLATE, CSPM_POLICY_TEMPLATE } from '@kbn/cloud-security-posture-common';
 import {
   AwsCredentialsTypeFieldMap,
   GcpCredentialsTypeFieldMap,
@@ -13,8 +14,6 @@ import {
 } from './types_old';
 
 export const CLOUD_SECURITY_INTERTAL_PREFIX_ROUTE_PATH = '/internal/cloud_security_posture/';
-export const STATUS_ROUTE_PATH = '/internal/cloud_security_posture/status';
-export const STATUS_API_CURRENT_VERSION = '1';
 
 export const STATS_ROUTE_PATH = '/internal/cloud_security_posture/stats/{policy_template}';
 
@@ -31,10 +30,6 @@ export const CSP_BENCHMARK_RULES_BULK_ACTION_ROUTE_PATH =
   '/internal/cloud_security_posture/rules/_bulk_action';
 export const CSP_BENCHMARK_RULES_BULK_ACTION_API_CURRENT_VERSION = '1';
 
-export const CSP_GET_BENCHMARK_RULES_STATE_ROUTE_PATH =
-  '/internal/cloud_security_posture/rules/_get_states';
-export const CSP_GET_BENCHMARK_RULES_STATE_API_CURRENT_VERSION = '1';
-
 export const GET_DETECTION_RULE_ALERTS_STATUS_PATH =
   '/internal/cloud_security_posture/detection_engine_rules/alerts/_status';
 export const DETECTION_RULE_ALERTS_STATUS_API_CURRENT_VERSION = '1';
@@ -45,11 +40,6 @@ export const CLOUD_SECURITY_POSTURE_PACKAGE_NAME = 'cloud_security_posture';
 export const CDR_MISCONFIGURATIONS_DATA_VIEW_NAME = 'Latest Cloud Security Misconfigurations';
 export const CDR_MISCONFIGURATIONS_DATA_VIEW_ID_PREFIX =
   'security_solution_cdr_latest_misconfigurations';
-export const CDR_LATEST_NATIVE_MISCONFIGURATIONS_INDEX_PATTERN =
-  'logs-cloud_security_posture.findings_latest-default';
-export const CDR_LATEST_THIRD_PARTY_MISCONFIGURATIONS_INDEX_PATTERN =
-  'logs-*_latest_misconfigurations_cdr';
-export const CDR_MISCONFIGURATIONS_INDEX_PATTERN = `${CDR_LATEST_NATIVE_MISCONFIGURATIONS_INDEX_PATTERN},${CDR_LATEST_THIRD_PARTY_MISCONFIGURATIONS_INDEX_PATTERN}`;
 
 export const CDR_VULNERABILITIES_DATA_VIEW_NAME = 'Latest Cloud Security Vulnerabilities';
 export const CDR_VULNERABILITIES_DATA_VIEW_ID_PREFIX =
@@ -65,8 +55,6 @@ export const LATEST_FINDINGS_INDEX_TEMPLATE_NAME = 'logs-cloud_security_posture.
 export const LATEST_FINDINGS_INDEX_DEFAULT_NS =
   'logs-cloud_security_posture.findings_latest-default';
 
-export const LATEST_FINDINGS_RETENTION_POLICY = '26h';
-
 export const BENCHMARK_SCORE_INDEX_TEMPLATE_NAME = 'logs-cloud_security_posture.scores';
 export const BENCHMARK_SCORE_INDEX_PATTERN = 'logs-cloud_security_posture.scores-*';
 export const BENCHMARK_SCORE_INDEX_DEFAULT_NS = 'logs-cloud_security_posture.scores-default';
@@ -127,8 +115,6 @@ export const CIS_GCP = 'cis_gcp';
 export const CIS_K8S = 'cis_k8s';
 export const CIS_EKS = 'cis_eks';
 export const CIS_AZURE = 'cis_azure';
-export const KSPM_POLICY_TEMPLATE = 'kspm';
-export const CSPM_POLICY_TEMPLATE = 'cspm';
 export const VULN_MGMT_POLICY_TEMPLATE = 'vuln_mgmt';
 export const CNVM_POLICY_TEMPLATE = 'cnvm';
 export const SUPPORTED_POLICY_TEMPLATES = [

@@ -6,7 +6,7 @@
  */
 
 import { schema } from '@kbn/config-schema';
-import { CSPM_POLICY_TEMPLATE, KSPM_POLICY_TEMPLATE } from '../constants';
+import { CSPM_POLICY_TEMPLATE, KSPM_POLICY_TEMPLATE } from '@kbn/cloud-security-posture-common';
 
 // this pages follows versioning interface strategy https://docs.elastic.dev/kibana-dev-docs/versioning-interfaces
 

@@ -16,8 +16,6 @@ export * as benchmarkV2 from './benchmarks/v2';
 
 // Explicit export of everything from latest
 export type {
-  cspBenchmarkRuleMetadataSchema,
-  CspBenchmarkRuleMetadata,
   CspBenchmarkRule,
   FindCspBenchmarkRuleRequest,
   FindCspBenchmarkRuleResponse,

@@ -6,44 +6,17 @@
  */
 
 import { schema, TypeOf } from '@kbn/config-schema';
-import { CSPM_POLICY_TEMPLATE, KSPM_POLICY_TEMPLATE } from '../../constants';
+
+import { cspBenchmarkRuleMetadataSchema } from '@kbn/cloud-security-posture-common/schema';
 
 export const DEFAULT_BENCHMARK_RULES_PER_PAGE = 25;
 
 // Since version 8.7.0
 
 export type FindCspBenchmarkRuleRequest = TypeOf<typeof findCspBenchmarkRuleRequestSchema>;
 
-export type CspBenchmarkRuleMetadata = TypeOf<typeof cspBenchmarkRuleMetadataSchema>;
-
 export type CspBenchmarkRule = TypeOf<typeof cspBenchmarkRuleSchema>;
 
-export const cspBenchmarkRuleMetadataSchema = schema.object({
-  audit: schema.string(),
-  benchmark: schema.object({
-    name: schema.string(),
-    posture_type: schema.maybe(
-      schema.oneOf([schema.literal(CSPM_POLICY_TEMPLATE), schema.literal(KSPM_POLICY_TEMPLATE)])
-    ),
-    id: schema.string(),
-    version: schema.string(),
-    rule_number: schema.maybe(schema.string()),
-  }),
-  default_value: schema.maybe(schema.string()),
-  description: schema.string(),
-  id: schema.string(),
-  impact: schema.maybe(schema.string()),
-  name: schema.string(),
-  profile_applicability: schema.string(),
-  rationale: schema.string(),
-  references: schema.maybe(schema.string()),
-  rego_rule_id: schema.string(),
-  remediation: schema.string(),
-  section: schema.string(),
-  tags: schema.arrayOf(schema.string()),
-  version: schema.string(),
-});
-
 export const cspBenchmarkRuleSchema = schema.object({
   metadata: cspBenchmarkRuleMetadataSchema,
 });