diff --git a/packages/cloud_security_posture/changelog.yml b/packages/cloud_security_posture/changelog.yml
index 1d8c3e6f07b..a394bbc6b24 100644
--- a/packages/cloud_security_posture/changelog.yml
+++ b/packages/cloud_security_posture/changelog.yml
@@ -9,6 +9,11 @@
 # 1.4.x - 8.9.x
 # 1.3.x - 8.8.x
 # 1.2.x - 8.7.x
+- version: "1.10.0-preview04"
+  changes:
+    - description: Support conditions in CSPM and KSPM
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/10298
 - version: "1.10.0-preview03"
   changes:
     - description: Change field type to password where isSecret is true
diff --git a/packages/cloud_security_posture/data_stream/findings/agent/stream/aws.yml.hbs b/packages/cloud_security_posture/data_stream/findings/agent/stream/aws.yml.hbs
index 9ea9fd1e0ce..60cb536938c 100644
--- a/packages/cloud_security_posture/data_stream/findings/agent/stream/aws.yml.hbs
+++ b/packages/cloud_security_posture/data_stream/findings/agent/stream/aws.yml.hbs
@@ -35,4 +35,7 @@ config:
         {{#if role_arn}}
         role_arn: {{role_arn}}
         {{/if}}
-        type: {{aws.credentials.type}}
\ No newline at end of file
+        type: {{aws.credentials.type}}
+{{#if condition}}
+condition: {{ condition }}
+{{/if}}
diff --git a/packages/cloud_security_posture/data_stream/findings/agent/stream/azure.yml.hbs b/packages/cloud_security_posture/data_stream/findings/agent/stream/azure.yml.hbs
index d554411cce6..57fe0d3c993 100644
--- a/packages/cloud_security_posture/data_stream/findings/agent/stream/azure.yml.hbs
+++ b/packages/cloud_security_posture/data_stream/findings/agent/stream/azure.yml.hbs
@@ -34,3 +34,7 @@ config:
         {{#if azure.credentials.client_certificate_password}}
         client_certificate_password: {{azure.credentials.client_certificate_password}}
         {{/if}}
+{{#if condition}}
+condition: {{ condition }}
+{{/if}}
+
diff --git a/packages/cloud_security_posture/data_stream/findings/agent/stream/eks.yml.hbs b/packages/cloud_security_posture/data_stream/findings/agent/stream/eks.yml.hbs
index d369c0dc7ba..19ca5818700 100644
--- a/packages/cloud_security_posture/data_stream/findings/agent/stream/eks.yml.hbs
+++ b/packages/cloud_security_posture/data_stream/findings/agent/stream/eks.yml.hbs
@@ -96,3 +96,6 @@ credential_profile_name: {{credential_profile_name}}
 {{#if role_arn}}
 role_arn: {{role_arn}}
 {{/if}}
+{{#if condition}}
+condition: {{ condition }}
+{{/if}}
diff --git a/packages/cloud_security_posture/data_stream/findings/agent/stream/gcp.yml.hbs b/packages/cloud_security_posture/data_stream/findings/agent/stream/gcp.yml.hbs
index 2f57243d5ae..3a31daa46f1 100644
--- a/packages/cloud_security_posture/data_stream/findings/agent/stream/gcp.yml.hbs
+++ b/packages/cloud_security_posture/data_stream/findings/agent/stream/gcp.yml.hbs
@@ -23,3 +23,6 @@ config:
         {{#if gcp.credentials.json}}
         credentials_json: '{{gcp.credentials.json}}'
         {{/if}}
+{{#if condition}}
+condition: {{ condition }}
+{{/if}}
diff --git a/packages/cloud_security_posture/data_stream/findings/agent/stream/vanilla.yml.hbs b/packages/cloud_security_posture/data_stream/findings/agent/stream/vanilla.yml.hbs
index 64e9bb5ed2c..d3302db5e67 100644
--- a/packages/cloud_security_posture/data_stream/findings/agent/stream/vanilla.yml.hbs
+++ b/packages/cloud_security_posture/data_stream/findings/agent/stream/vanilla.yml.hbs
@@ -133,3 +133,7 @@ runtime_cfg:
       - cis_5_2_8
       - cis_5_2_9
       - cis_5_2_10
+
+{{#if condition}}
+condition: {{ condition }}
+{{/if}}
diff --git a/packages/cloud_security_posture/data_stream/findings/manifest.yml b/packages/cloud_security_posture/data_stream/findings/manifest.yml
index 227d0bdecc8..00738d6a404 100644
--- a/packages/cloud_security_posture/data_stream/findings/manifest.yml
+++ b/packages/cloud_security_posture/data_stream/findings/manifest.yml
@@ -13,12 +13,29 @@ streams:
     description: CIS Benchmark for Kubernetes
     template_path: vanilla.yml.hbs
     enabled: false
+    vars:
+      - name: condition
+        title: Condition
+        description: |
+          Condition to filter when to collect this input. See [Dynamic Input Configuration](https://www.elastic.co/guide/en/fleet/current/dynamic-input-configuration.html) for details.
+        type: text
+        multi: false
+        required: false
+        show_user: false
   - input: cloudbeat/cis_eks
     title: Amazon EKS Benchmark
     description: CIS Benchmark for Amazon Elastic Kubernetes Service (EKS)
     template_path: eks.yml.hbs
     enabled: false
     vars:
+      - name: condition
+        title: Condition
+        description: |
+          Condition to filter when to collect this input. See [Dynamic Input Configuration](https://www.elastic.co/guide/en/fleet/current/dynamic-input-configuration.html) for details.
+        type: text
+        multi: false
+        required: false
+        show_user: false
       - name: access_key_id
         type: text
         title: Access Key ID
@@ -69,6 +86,14 @@ streams:
     template_path: aws.yml.hbs
     enabled: false
     vars:
+      - name: condition
+        title: Condition
+        description: |
+          Condition to filter when to collect this input. See [Dynamic Input Configuration](https://www.elastic.co/guide/en/fleet/current/dynamic-input-configuration.html) for details.
+        type: text
+        multi: false
+        required: false
+        show_user: false
       - name: access_key_id
         type: text
         title: Access Key ID
@@ -125,6 +150,14 @@ streams:
     template_path: gcp.yml.hbs
     enabled: false
     vars:
+      - name: condition
+        title: Condition
+        description: |
+          Condition to filter when to collect this input. See [Dynamic Input Configuration](https://www.elastic.co/guide/en/fleet/current/dynamic-input-configuration.html) for details.
+        type: text
+        multi: false
+        required: false
+        show_user: false
       - name: gcp.account_type
         type: text
         title: Account Type
@@ -168,6 +201,14 @@ streams:
     template_path: azure.yml.hbs
     enabled: false
     vars:
+      - name: condition
+        title: Condition
+        description: |
+          Condition to filter when to collect this input. See [Dynamic Input Configuration](https://www.elastic.co/guide/en/fleet/current/dynamic-input-configuration.html) for details.
+        type: text
+        multi: false
+        required: false
+        show_user: false
       - name: azure.account_type
         type: text
         title: Account type
diff --git a/packages/cloud_security_posture/manifest.yml b/packages/cloud_security_posture/manifest.yml
index cb900596b0f..befea2f0b73 100644
--- a/packages/cloud_security_posture/manifest.yml
+++ b/packages/cloud_security_posture/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 3.0.0
 name: cloud_security_posture
 title: "Security Posture Management"
-version: "1.10.0-preview03"
+version: "1.10.0-preview04"
 source:
   license: "Elastic-2.0"
 description: "Identify & remediate configuration risks in your Cloud infrastructure"