
Commit c12caee

marc-gragithomas
authored andcommitted
[gcp] Add logic to handle scalar request.policy values on audit (elastic#5231)
* Add logic to handle scalar request.policy values on audit * Add PR number to changelog * Add test
1 parent d9c7a5a commit c12caee


5 files changed

+97
-1
lines changed

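--- a/packages/gcp/changelog.yml
+++ b/packages/gcp/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.16.2"
+changes:
+- description: Add logic to handle scalar request.policy values on audit
+type: bugfix
+link: https://github.com/elastic/integrations/pull/5231
 - version: "2.16.1"
 changes:
 - description: Replace missing input control panel with new-style control.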

packages/gcp/data_stream/audit/_dev/test/pipeline/test-audit.log

Lines changed: 1 addition & 0 deletions
@@ -14,3 +14,4 @@
1414
{"insertId": "e5132c86-462b-41b3-9b6a-47966addbb0b","labels": {"authorization.k8s.io/decision": "allow","authorization.k8s.io/reason": ""},"logName": "projects/iammai-340819/logs/cloudaudit.googleapis.com%2Factivity","operation": {"first": true,"id": "e5132c86-462b-41b3-9b6a-47966addbb0b","last": true,"producer": "k8s.io"},"protoPayload": {"@type": "type.googleapis.com/google.cloud.audit.AuditLog","authenticationInfo": {"principalEmail": "system:addon-manager"},"authorizationInfo": [ { "granted": true, "permission": "io.k8s.apps.v1.deployments.patch", "resource": "apps/v1/namespaces/kube-system/deployments/konnectivity-agent" } ], "methodName": "io.k8s.apps.v1.deployments.patch", "request": { "@type": "k8s.io/Patch", "spec": { "strategy": { "$retainKeys": [ "type" ] }, "template": { "spec": { "$setElementOrder/volumes": [ { "name": "konnectivity-agent-token" } ], "volumes": [ { "$retainKeys": [ "name", "projected" ], "name": "konnectivity-agent-token", "projected": { "sources": [ { "serviceAccountToken": { "audience": "system:konnectivity-server", "path": "konnectivity-agent-token" } } ] } } ] } } } }, "requestMetadata": { "callerIp": "10.142.0.152", "callerSuppliedUserAgent": "kubectl/v1.20.2 (linux/amd64) kubernetes/faecb19" }, "resourceName": "apps/v1/namespaces/kube-system/deployments/konnectivity-agent", "response": { "@type": "apps.k8s.io/v1.Deployment", "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "annotations": { "components.gke.io/layer": "addon", "deployment.kubernetes.io/revision": "1", "kubectl.kubernetes.io/last-applied-configuration": 
"{\"apiVersion\":\"apps/v1\",\"kind\":\"Deployment\",\"metadata\":{\"annotations\":{\"components.gke.io/layer\":\"addon\"},\"labels\":{\"addonmanager.kubernetes.io/mode\":\"Reconcile\",\"k8s-app\":\"konnectivity-agent\"},\"name\":\"konnectivity-agent\",\"namespace\":\"kube-system\"},\"spec\":{\"selector\":{\"matchLabels\":{\"k8s-app\":\"konnectivity-agent\"}},\"strategy\":{\"type\":\"RollingUpdate\"},\"template\":{\"metadata\":{\"annotations\":{\"cluster-autoscaler.kubernetes.io/safe-to-evict\":\"true\",\"components.gke.io/component-name\":\"konnectivitynetworkproxy-combined\",\"components.gke.io/component-version\":\"1.3.3\"},\"labels\":{\"k8s-app\":\"konnectivity-agent\"}},\"spec\":{\"containers\":[{\"args\":[\"--logtostderr=true\",\"--ca-cert=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt\",\"--proxy-server-host=34.75.195.103\",\"--proxy-server-port=8132\",\"--health-server-port=8093\",\"--admin-server-port=8094\",\"--sync-interval=5s\",\"--probe-interval=5s\",\"--service-account-token-path=/var/run/secrets/tokens/konnectivity-agent-token\",\"--v=3\"],\"command\":[\"/proxy-agent\"],\"env\":[{\"name\":\"POD_NAME\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.name\"}}},{\"name\":\"POD_NAMESPACE\",\"valueFrom\":{\"fieldRef\":{\"fieldPath\":\"metadata.namespace\"}}}],\"image\":\"gke.gcr.io/proxy-agent:v0.0.24-gke.0\",\"livenessProbe\":{\"httpGet\":{\"path\":\"/healthz\",\"port\":8093},\"initialDelaySeconds\":15,\"timeoutSeconds\":15},\"name\":\"konnectivity-agent\",\"ports\":[{\"containerPort\":8093,\"name\":\"metrics\",\"protocol\":\"TCP\"}],\"resources\":{\"limits\":{\"memory\":\"125Mi\"},\"requests\":{\"cpu\":\"10m\",\"memory\":\"30Mi\"}},\"securityContext\":{\"allowPrivilegeEscalation\":false,\"capabilities\":{\"drop\":[\"all\"]}},\"volumeMounts\":[{\"mountPath\":\"/var/run/secrets/tokens\",\"name\":\"konnectivity-agent-token\"}]}],\"nodeSelector\":{\"beta.kubernetes.io/os\":\"linux\"},\"priorityClassName\":\"system-cluster-critical\",\"securityCon
text\":{\"fsGroup\":1000,\"runAsGroup\":1000,\"runAsUser\":1000},\"serviceAccountName\":\"konnectivity-agent\",\"tolerations\":[{\"key\":\"CriticalAddonsOnly\",\"operator\":\"Exists\"},{\"effect\":\"NoSchedule\",\"key\":\"sandbox.gke.io/runtime\",\"operator\":\"Equal\",\"value\":\"gvisor\"},{\"key\":\"components.gke.io/gke-managed-components\",\"operator\":\"Exists\"}],\"topologySpreadConstraints\":[{\"labelSelector\":{\"matchLabels\":{\"k8s-app\":\"konnectivity-agent\"}},\"maxSkew\":1,\"topologyKey\":\"topology.kubernetes.io/zone\",\"whenUnsatisfiable\":\"ScheduleAnyway\"},{\"labelSelector\":{\"matchLabels\":{\"k8s-app\":\"konnectivity-agent\"}},\"maxSkew\":1,\"topologyKey\":\"kubernetes.io/hostname\",\"whenUnsatisfiable\":\"ScheduleAnyway\"}],\"volumes\":[{\"name\":\"konnectivity-agent-token\",\"projected\":{\"sources\":[{\"serviceAccountToken\":{\"audience\":\"system:konnectivity-server\",\"path\":\"konnectivity-agent-token\"}}]}}]}}}}" }, "creationTimestamp": "2022-03-16T21:29:13Z", "generation": 2, "labels": { "addonmanager.kubernetes.io/mode": "Reconcile", "k8s-app": "konnectivity-agent" }, "managedFields": [ { "apiVersion": "apps/v1", "fieldsType": "FieldsV1", "fieldsV1": { "f:metadata": { "f:annotations": { ".": {}, "f:components.gke.io/layer": {}, "f:kubectl.kubernetes.io/last-applied-configuration": {} }, "f:labels": { ".": {}, "f:addonmanager.kubernetes.io/mode": {}, "f:k8s-app": {} } }, "f:spec": { "f:progressDeadlineSeconds": {}, "f:replicas": {}, "f:revisionHistoryLimit": {}, "f:selector": {}, "f:strategy": { "f:rollingUpdate": { ".": {}, "f:maxSurge": {}, "f:maxUnavailable": {} }, "f:type": {} }, "f:template": { "f:metadata": { "f:annotations": { ".": {}, "f:cluster-autoscaler.kubernetes.io/safe-to-evict": {}, "f:components.gke.io/component-name": {}, "f:components.gke.io/component-version": {} }, "f:labels": { ".": {}, "f:k8s-app": {} } }, "f:spec": { "f:containers": { "k:{\"name\":\"konnectivity-agent\"}": { ".": {}, "f:args": {}, "f:command": {}, 
"f:env": { ".": {}, "k:{\"name\":\"POD_NAME\"}": { ".": {}, "f:name": {}, "f:valueFrom": { ".": {}, "f:fieldRef": { ".": {}, "f:apiVersion": {}, "f:fieldPath": {} } } }, "k:{\"name\":\"POD_NAMESPACE\"}": { ".": {}, "f:name": {}, "f:valueFrom": { ".": {}, "f:fieldRef": { ".": {}, "f:apiVersion": {}, "f:fieldPath": {} } } } }, "f:image": {}, "f:imagePullPolicy": {}, "f:livenessProbe": { ".": {}, "f:failureThreshold": {}, "f:httpGet": { ".": {}, "f:path": {}, "f:port": {}, "f:scheme": {} }, "f:initialDelaySeconds": {}, "f:periodSeconds": {}, "f:successThreshold": {}, "f:timeoutSeconds": {} }, "f:name": {}, "f:ports": { ".": {}, "k:{\"containerPort\":8093,\"protocol\":\"TCP\"}": { ".": {}, "f:containerPort": {}, "f:name": {}, "f:protocol": {} } }, "f:resources": { ".": {}, "f:limits": { ".": {}, "f:memory": {} }, "f:requests": { ".": {}, "f:cpu": {}, "f:memory": {} } }, "f:securityContext": { ".": {}, "f:allowPrivilegeEscalation": {}, "f:capabilities": { ".": {}, "f:drop": {} } }, "f:terminationMessagePath": {}, "f:terminationMessagePolicy": {}, "f:volumeMounts": { ".": {}, "k:{\"mountPath\":\"/var/run/secrets/tokens\"}": { ".": {}, "f:mountPath": {}, "f:name": {} } } } }, "f:dnsPolicy": {}, "f:nodeSelector": { ".": {}, "f:beta.kubernetes.io/os": {} }, "f:priorityClassName": {}, "f:restartPolicy": {}, "f:schedulerName": {}, "f:securityContext": { ".": {}, "f:fsGroup": {}, "f:runAsGroup": {}, "f:runAsUser": {} }, "f:serviceAccount": {}, "f:serviceAccountName": {}, "f:terminationGracePeriodSeconds": {}, "f:tolerations": {}, "f:topologySpreadConstraints": { ".": {}, "k:{\"topologyKey\":\"kubernetes.io/hostname\",\"whenUnsatisfiable\":\"ScheduleAnyway\"}": { ".": {}, "f:labelSelector": {}, "f:maxSkew": {}, "f:topologyKey": {}, "f:whenUnsatisfiable": {} }, "k:{\"topologyKey\":\"topology.kubernetes.io/zone\",\"whenUnsatisfiable\":\"ScheduleAnyway\"}": { ".": {}, "f:labelSelector": {}, "f:maxSkew": {}, "f:topologyKey": {}, "f:whenUnsatisfiable": {} } }, "f:volumes": { ".": 
{}, "k:{\"name\":\"konnectivity-agent-token\"}": { ".": {}, "f:name": {}, "f:projected": { ".": {}, "f:defaultMode": {}, "f:sources": {} } } } } } } }, "manager": "kubectl-client-side-apply", "operation": "Update", "time": "2022-03-16T21:29:13Z" }, { "apiVersion": "apps/v1", "fieldsType": "FieldsV1", "fieldsV1": { "f:metadata": { "f:annotations": { "f:deployment.kubernetes.io/revision": {} } }, "f:status": { "f:availableReplicas": {}, "f:conditions": { ".": {}, "k:{\"type\":\"Available\"}": { ".": {}, "f:lastTransitionTime": {}, "f:lastUpdateTime": {}, "f:message": {}, "f:reason": {}, "f:status": {}, "f:type": {} }, "k:{\"type\":\"Progressing\"}": { ".": {}, "f:lastTransitionTime": {}, "f:lastUpdateTime": {}, "f:message": {}, "f:reason": {}, "f:status": {}, "f:type": {} } }, "f:observedGeneration": {}, "f:readyReplicas": {}, "f:replicas": {}, "f:updatedReplicas": {} } }, "manager": "kube-controller-manager", "operation": "Update", "time": "2022-03-17T08:55:52Z" } ], "name": "konnectivity-agent", "namespace": "kube-system", "resourceVersion": "280105", "uid": "d3b49e97-7bac-435e-bfc6-19a25fe494fe" }, "spec": { "progressDeadlineSeconds": 600, "replicas": 6, "revisionHistoryLimit": 10, "selector": { "matchLabels": { "k8s-app": "konnectivity-agent" } }, "strategy": { "rollingUpdate": { "maxSurge": "25%", "maxUnavailable": "25%" }, "type": "RollingUpdate" }, "template": { "metadata": { "annotations": { "cluster-autoscaler.kubernetes.io/safe-to-evict": "true", "components.gke.io/component-name": "konnectivitynetworkproxy-combined", "components.gke.io/component-version": "1.3.3" }, "creationTimestamp": null, "labels": { "k8s-app": "konnectivity-agent" } }, "spec": { "containers": [ { "args": [ "--logtostderr=true", "--ca-cert=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt", "--proxy-server-host=34.75.195.103", "--proxy-server-port=8132", "--health-server-port=8093", "--admin-server-port=8094", "--sync-interval=5s", "--probe-interval=5s", 
"--service-account-token-path=/var/run/secrets/tokens/konnectivity-agent-token", "--v=3" ], "command": [ "/proxy-agent" ], "env": [ { "name": "POD_NAME", "valueFrom": { "fieldRef": { "apiVersion": "v1", "fieldPath": "metadata.name" } } }, { "name": "POD_NAMESPACE", "valueFrom": { "fieldRef": { "apiVersion": "v1", "fieldPath": "metadata.namespace" } } } ], "image": "gke.gcr.io/proxy-agent:v0.0.24-gke.0", "imagePullPolicy": "IfNotPresent", "livenessProbe": { "failureThreshold": 3, "httpGet": { "path": "/healthz", "port": 8093, "scheme": "HTTP" }, "initialDelaySeconds": 15, "periodSeconds": 10, "successThreshold": 1, "timeoutSeconds": 15 }, "name": "konnectivity-agent", "ports": [ { "containerPort": 8093, "name": "metrics", "protocol": "TCP" } ], "resources": { "limits": { "memory": "125Mi" }, "requests": { "cpu": "10m", "memory": "30Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "all" ] } }, "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File", "volumeMounts": [ { "mountPath": "/var/run/secrets/tokens", "name": "konnectivity-agent-token" } ] } ], "dnsPolicy": "ClusterFirst", "nodeSelector": { "beta.kubernetes.io/os": "linux" }, "priorityClassName": "system-cluster-critical", "restartPolicy": "Always", "schedulerName": "default-scheduler", "securityContext": { "fsGroup": 1000, "runAsGroup": 1000, "runAsUser": 1000 }, "serviceAccount": "konnectivity-agent", "serviceAccountName": "konnectivity-agent", "terminationGracePeriodSeconds": 30, "tolerations": [ { "key": "CriticalAddonsOnly", "operator": "Exists" }, { "effect": "NoSchedule", "key": "sandbox.gke.io/runtime", "operator": "Equal", "value": "gvisor" }, { "key": "components.gke.io/gke-managed-components", "operator": "Exists" } ], "topologySpreadConstraints": [ { "labelSelector": { "matchLabels": { "k8s-app": "konnectivity-agent" } }, "maxSkew": 1, "topologyKey": "topology.kubernetes.io/zone", "whenUnsatisfiable": "ScheduleAnyway" }, { 
"labelSelector": { "matchLabels": { "k8s-app": "konnectivity-agent" } }, "maxSkew": 1, "topologyKey": "kubernetes.io/hostname", "whenUnsatisfiable": "ScheduleAnyway" } ], "volumes": [ { "name": "konnectivity-agent-token", "projected": { "defaultMode": 420, "sources": [ { "serviceAccountToken": { "audience": "system:konnectivity-server", "expirationSeconds": 3600, "path": "konnectivity-agent-token" } } ] } } ] } } }, "status": { "availableReplicas": 6, "conditions": [ { "lastTransitionTime": "2022-03-17T08:55:41Z", "lastUpdateTime": "2022-03-17T08:55:41Z", "message": "ReplicaSet \"konnectivity-agent-56c9b8cf8\" has successfully progressed.", "reason": "NewReplicaSetAvailable", "status": "True", "type": "Progressing" }, { "lastTransitionTime": "2022-03-17T08:55:52Z", "lastUpdateTime": "2022-03-17T08:55:52Z", "message": "Deployment has minimum availability.", "reason": "MinimumReplicasAvailable", "status": "True", "type": "Available" } ], "observedGeneration": 2, "readyReplicas": 6, "replicas": 6, "updatedReplicas": 6 } }, "serviceName": "k8s.io", "status": {} }, "receiveTimestamp": "2022-03-21T19:46:38.090036928Z", "resource": { "labels": { "cluster_name": "iammai-340819-gke-cluster", "location": "us-east1", "project_id": "iammai-340819" }, "type": "k8s_cluster" }, "timestamp": "2022-03-21T19:46:36.090498Z" }
1515
{"insertId":"15ciwwfd47gm","logName":"projects/elastic/logs/cloudaudit.googleapis.com%2Fdata_access","protoPayload":{"@type":"type.googleapis.com/google.cloud.audit.AuditLog","authenticationInfo":{"principalEmail":"service-150691754250@container-engine-robot.iam.gserviceaccount.com","principalSubject":"serviceAccount:service-150691754250@container-engine-robot.iam.gserviceaccount.com"},"authorizationInfo":[{"granted":true,"permission":"container.clusters.get","resourceAttributes":{}}],"methodName":"google.container.v1.ClusterManager.GetCluster","policyViolationInfo":{"orgPolicyViolationInfo":{}},"request":{"@type":"type.googleapis.com/google.container.v1alpha1.GetClusterRequest","name":"projects/elastic-product/locations/us-central1-a/clusters/demo-elastic-co"},"requestMetadata":{"callerIp":"192.168.1.1","callerSuppliedUserAgent":"google-api-go-client/0.5 cluster-autoscaler,gzip(gfe)","destinationAttributes":{},"requestAttributes":{"auth":{},"time":"2022-06-01T11:15:10.836131149Z"}},"resourceLocation":{"currentLocations":["us-central1-a"]},"resourceName":"projects/elastic-product/zones/us-central1-a/clusters/demo-elastic-co","serviceName":"container.googleapis.com"},"receiveTimestamp":"2022-06-01T11:15:11.07151757Z","resource":{"labels":{"cluster_name":"demo-elastic-co","location":"us-central1-a","project_id":"elastic-product"},"type":"gke_cluster"},"severity":"INFO","timestamp":"2022-06-01T11:15:10.842495409Z","logging.googleapis.com/timestamp":"2022-06-01T11:15:10.842495409Z"}
1616
{"insertId":"4pyr6eegiuw1","logName":"projects/elastic/logs/cloudaudit.googleapis.com%2Fdata_access","protoPayload":{"@type":"type.googleapis.com/google.cloud.audit.AuditLog","authenticationInfo":{"principalEmail":"xxx-compute@developer.gserviceaccount.com","serviceAccountDelegationInfo":[{}]},"authorizationInfo":[{"granted":true,"permission":"storage.objects.get","resource":"projects/_/buckets/dataflow-staging-us-central1-xxx/objects/staging/xxx.jar","resourceAttributes":{}}],"methodName":"storage.objects.get","requestMetadata":{"callerSuppliedUserAgent":"BigstoreFile BigstoreIO (cr/xxx) ","destinationAttributes":{},"requestAttributes":{"auth":{},"time":"2022-06-01T11:19:08.205760711Z"}},"resourceLocation":{"currentLocations":["us-central1"]},"resourceName":"projects/_/buckets/dataflow-staging-us-central1-xxx/objects/staging/jfxrt-xxx.jar","serviceName":"storage.googleapis.com","status":{}},"receiveTimestamp":"2022-06-01T11:19:08.699785539Z","resource":{"labels":{"bucket_name":"dataflow-staging-us-central1-150691754250","location":"us-central1","project_id":"elastic-product"},"type":"gcs_bucket"},"severity":"INFO","timestamp":"2022-06-01T11:19:08.199407722Z","logging.googleapis.com/timestamp":"2022-06-01T11:19:08.199407722Z"}
17+
{"insertId":"15ciwwfd47gf","logName":"projects/elastic/logs/cloudaudit.googleapis.com%2Fdata_access","protoPayload":{"@type":"type.googleapis.com/google.cloud.audit.AuditLog","authenticationInfo":{"principalEmail":"service-150691754250@container-engine-robot.iam.gserviceaccount.com","principalSubject":"serviceAccount:service-150691754250@container-engine-robot.iam.gserviceaccount.com"},"authorizationInfo":[{"granted":true,"permission":"container.clusters.get","resourceAttributes":{}}],"methodName":"google.container.v1.ClusterManager.GetCluster","policyViolationInfo":{"orgPolicyViolationInfo":{}},"request":{"@type":"type.googleapis.com/google.container.v1alpha1.GetClusterRequest","name":"projects/elastic-product/locations/us-central1-a/clusters/demo-elastic-co","policy":"scalar-policy"},"requestMetadata":{"callerIp":"192.168.1.1","callerSuppliedUserAgent":"google-api-go-client/0.5 cluster-autoscaler,gzip(gfe)","destinationAttributes":{},"requestAttributes":{"auth":{},"time":"2022-06-01T11:15:10.836131149Z"}},"resourceLocation":{"currentLocations":["us-central1-a"]},"resourceName":"projects/elastic-product/zones/us-central1-a/clusters/demo-elastic-co","serviceName":"container.googleapis.com"},"receiveTimestamp":"2022-06-01T11:15:11.07151757Z","resource":{"labels":{"cluster_name":"demo-elastic-co","location":"us-central1-a","project_id":"elastic-product"},"type":"gke_cluster"},"severity":"INFO","timestamp":"2022-06-01T11:15:10.842495409Z","logging.googleapis.com/timestamp":"2022-06-01T11:15:10.842495409Z"}
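Review bot: The only new fixture event (line 17) sets `"policy":"scalar-policy"`, so the test pins the string case alone; a numeric or boolean scalar, and the usual object-valued policy, are not exercised by anything visible in this hunk. Because an event that trips a type conflict on `request.policy` is presumably rejected or sent to an error path at ingest, a regression here would show up as missing audit records rather than as a visible failure. Consider adding one more event whose request carries an object, for example `"policy":{"bindings":[]}`, unless an earlier line of the file (outside this hunk) already covers it, and check that the expected output keeps both shapes searchable.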
