From c68111291f1f6801c98989e5b182a3929147044a Mon Sep 17 00:00:00 2001 From: Amir Ben Nun Date: Tue, 9 Sep 2025 18:21:07 +0300 Subject: [PATCH 1/7] ARM url --- packages/cloud_security_posture/manifest.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/packages/cloud_security_posture/manifest.yml b/packages/cloud_security_posture/manifest.yml index 74e76f2eb9a..561b1696fb3 100644 --- a/packages/cloud_security_posture/manifest.yml +++ b/packages/cloud_security_posture/manifest.yml @@ -169,6 +169,15 @@ policy_templates: description: A URL to the ARM Template for creating a new deployment # ACCOUNT_TYPE value should be either "single-account" or "organization-account" default: https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Felastic%2Fcloudbeat%2F8.19%2Fdeploy%2Fazure%2FARM-for-ACCOUNT_TYPE.json + - name: arm_template_cloud_connector_url + type: text + title: ARM Cloud Connectors Template URL + multi: false + required: true + show_user: false + description: A URL to the ARM Template for creating a Cloud Connectors managed identity + # ACCOUNT_TYPE value should be either "single-account" or "organization-account" + default: https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Felastic%2Fcloudbeat%2Fmain%2Fdeploy%2Fazure%2FARM-for-cloud-connectors-ACCOUNT_TYPE.json - name: vuln_mgmt title: Cloud Native Vulnerability Management (CNVM) description: Scan for cloud workload vulnerabilities From 8707e0d477a3a639454979fabd6a98f3cf5d8034 Mon Sep 17 00:00:00 2001 From: Amir Ben Nun Date: Tue, 9 Sep 2025 18:21:41 +0300 Subject: [PATCH 2/7] cloud connector parameters --- .../data_stream/findings/manifest.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/packages/cloud_security_posture/data_stream/findings/manifest.yml b/packages/cloud_security_posture/data_stream/findings/manifest.yml index 2c279152e76..32b4006eaa7 100644 --- a/packages/cloud_security_posture/data_stream/findings/manifest.yml +++ b/packages/cloud_security_posture/data_stream/findings/manifest.yml @@ -323,6 +323,13 @@ streams: - name: azure.credentials.client_certificate_path - name: azure.credentials.tenant_id - name: azure.credentials.client_certificate_password + single_account_cloud_connectors_federated_identity: + - name: azure.account_type + value: single-account + - name: azure.credentials.type + value: cloud_connectors_federated_identity + - name: azure.credentials.client_id + - name: azure.credentials.tenant_id single_account_arm_template: - name: azure.account_type value: single-account From edab06ced0f8b6f9c7698505bdcd0ed8212c940d Mon Sep 17 00:00:00 2001 From: Amir Ben Nun Date: Tue, 9 Sep 2025 18:38:25 +0300 Subject: [PATCH 3/7] versions --- packages/cloud_security_posture/changelog.yml | 6 ++++++ packages/cloud_security_posture/manifest.yml | 4 ++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/packages/cloud_security_posture/changelog.yml b/packages/cloud_security_posture/changelog.yml index 939ebc8f034..d829449aae0 100644 --- a/packages/cloud_security_posture/changelog.yml +++ b/packages/cloud_security_posture/changelog.yml @@ -1,6 +1,7 @@ # newer versions go on top # version map: # IMPORTANT: this map doesn't apply to serverless where package availability depends on the spec version https://github.com/elastic/kibana/blob/main/config/serverless.yml#L14-L15 +# 3.1.x - 9.2.x # 3.0.x - 9.1.x # 2.0.x - 8.19.x # 1.13.x - 8.18.x, 9.0.x @@ -15,6 +16,11 @@ # 1.4.x - 8.9.x # 1.3.x - 8.8.x # 1.2.x - 8.7.x +- version: "3.1.0-preview01" + changes: + - description: Add Cloud Connectors variables for Azure CSPM input + type: enhancement + link: - version: "3.0.1" changes: - description: Save GCP Project ID as string diff --git a/packages/cloud_security_posture/manifest.yml b/packages/cloud_security_posture/manifest.yml index 561b1696fb3..0c2eceb2a35 100644 --- a/packages/cloud_security_posture/manifest.yml +++ b/packages/cloud_security_posture/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.3.2 name: cloud_security_posture title: "Security Posture Management" -version: "3.0.1" +version: "3.0.2-preview01" source: license: "Elastic-2.0" description: "Identify & remediate configuration risks in your Cloud infrastructure" @@ -11,7 +11,7 @@ categories: - cloudsecurity_cdr conditions: kibana: - version: "^9.1.0" + version: "^9.2.0" elastic: subscription: basic capabilities: From a8422bc88d310b52495e1e7dd8d4d332224a6e2c Mon Sep 17 00:00:00 2001 From: Amir Ben Nun Date: Tue, 9 Sep 2025 18:41:45 +0300 Subject: [PATCH 4/7] pr --- packages/cloud_security_posture/changelog.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/cloud_security_posture/changelog.yml b/packages/cloud_security_posture/changelog.yml index d829449aae0..31f48ccdc9a 100644 --- a/packages/cloud_security_posture/changelog.yml +++ b/packages/cloud_security_posture/changelog.yml @@ -20,7 +20,7 @@ changes: - description: Add Cloud Connectors variables for Azure CSPM input type: enhancement - link: + link: https://github.com/elastic/integrations/pull/15255 - version: "3.0.1" changes: - description: Save GCP Project ID as string From 19cb84f6a13b85dcbf4b83b6cf6fcd02c21636ad Mon Sep 17 00:00:00 2001 From: Amir Ben Nun Date: Wed, 10 Sep 2025 09:59:39 +0300 Subject: [PATCH 5/7] rename --- .../cloud_security_posture/data_stream/findings/manifest.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/cloud_security_posture/data_stream/findings/manifest.yml b/packages/cloud_security_posture/data_stream/findings/manifest.yml index 32b4006eaa7..d9420eaa760 100644 --- a/packages/cloud_security_posture/data_stream/findings/manifest.yml +++ b/packages/cloud_security_posture/data_stream/findings/manifest.yml @@ -323,11 +323,11 @@ streams: - name: azure.credentials.client_certificate_path - name: azure.credentials.tenant_id - name: azure.credentials.client_certificate_password - single_account_cloud_connectors_federated_identity: + single_account_cloud_connectors: - name: azure.account_type value: single-account - name: azure.credentials.type - value: cloud_connectors_federated_identity + value: cloud_connectors - name: azure.credentials.client_id - name: azure.credentials.tenant_id single_account_arm_template: From 7b9661f58c25e4993da2c4cbd8f24ac77fb5fdc9 Mon Sep 17 00:00:00 2001 From: Amir Ben Nun Date: Wed, 10 Sep 2025 10:01:26 +0300 Subject: [PATCH 6/7] rename --- packages/cloud_security_posture/manifest.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/cloud_security_posture/manifest.yml b/packages/cloud_security_posture/manifest.yml index 0c2eceb2a35..ef1f67b7efd 100644 --- a/packages/cloud_security_posture/manifest.yml +++ b/packages/cloud_security_posture/manifest.yml @@ -169,7 +169,7 @@ policy_templates: description: A URL to the ARM Template for creating a new deployment # ACCOUNT_TYPE value should be either "single-account" or "organization-account" default: https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Felastic%2Fcloudbeat%2F8.19%2Fdeploy%2Fazure%2FARM-for-ACCOUNT_TYPE.json - - name: arm_template_cloud_connector_url + - name: arm_template_cloud_connectors_url type: text title: ARM Cloud Connectors Template URL multi: false From 97b833147c55e2aad11ee6ad5a89ab6954b11748 Mon Sep 17 00:00:00 2001 From: Amir Ben Nun Date: Wed, 10 Sep 2025 16:05:48 +0300 Subject: [PATCH 7/7] align --- packages/cloud_security_posture/manifest.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/cloud_security_posture/manifest.yml b/packages/cloud_security_posture/manifest.yml index ef1f67b7efd..819af068712 100644 --- a/packages/cloud_security_posture/manifest.yml +++ b/packages/cloud_security_posture/manifest.yml @@ -1,7 +1,7 @@ format_version: 3.3.2 name: cloud_security_posture title: "Security Posture Management" -version: "3.0.2-preview01" +version: "3.1.0-preview01" source: license: "Elastic-2.0" description: "Identify & remediate configuration risks in your Cloud infrastructure"