@maxcold
Contributor

@maxcold maxcold commented Sep 9, 2024

Summary

The Cloud Security team has identified some integrations that provide Cloud Detection & Response (CDR)-related data. More on this list is available at https://github.com/elastic/security-team/issues/10302. To decouple the work on adoption for these integrations for Cloud Security flows in Kibana from the stack releases, adding these existing data streams to the kibana_system privileges. This is required for the latest transforms to work.

@maxcold maxcold added >non-issue :Security/Authorization Roles, Privileges, DLS/FLS, RBAC/ABAC Team:Cloud Security Meta label for Cloud Security team v8.16.0 labels Sep 9, 2024
@elasticsearchmachine elasticsearchmachine added the external-contributor Pull request authored by a developer outside the Elasticsearch team label Sep 9, 2024
@maxcold maxcold marked this pull request as ready for review September 9, 2024 13:56
@maxcold maxcold requested a review from a team as a code owner September 9, 2024 13:56
@elasticsearchmachine elasticsearchmachine added the Team:Security Meta label for security team label Sep 9, 2024
@elasticsearchmachine
Collaborator

Pinging @elastic/es-security (Team:Security)

@jeramysoucy jeramysoucy left a comment

We're ok with adding these additional read-only privileges, but please make sure all system-accessible indices get documented appropriately (see #112192 (comment)). Could you please link to the issue or PR where you intend to make these doc changes? Thanks!

@maxcold
Contributor Author

maxcold commented Sep 11, 2024

@jeramysoucy created an issue to track the documentation effort https://github.com/elastic/security-team/issues/10540

@maxcold maxcold force-pushed the csp-add-cdr-data-streams-to-kibana-system branch from 2bc6fdb to 43d7dcd Compare September 11, 2024 14:35
@maxcold maxcold merged commit d16a27e into elastic:main Sep 11, 2024
@maxcold maxcold deleted the csp-add-cdr-data-streams-to-kibana-system branch September 11, 2024 16:05
v1v added a commit to v1v/elasticsearch that referenced this pull request Sep 12, 2024
…tion-ironbank-ubi

* upstream/main: (302 commits)
  Deduplicate BucketOrder when deserializing (elastic#112707)
  Introduce test utils for ingest pipelines (elastic#112733)
  [Test] Account for auto-repairing for shard gen file (elastic#112778)
  Do not throw in task enqueued by CancellableRunner (elastic#112780)
  Mute org.elasticsearch.script.StatsSummaryTests testEqualsAndHashCode elastic#112439
  Mute org.elasticsearch.repositories.blobstore.testkit.integrity.RepositoryVerifyIntegrityIT testTransportException elastic#112779
  Use a dedicated test executor in MockTransportService (elastic#112748)
  Estimate segment field usages (elastic#112760)
  (Doc+) Inference Pipeline ignores Mapping Analyzers (elastic#112522)
  Fix verifyVersions task (elastic#112765)
  (Doc+) Terminating Exit Codes (elastic#112530)
  (Doc+) CAT Nodes default columns (elastic#112715)
  [DOCS] Augment installation warnings (elastic#112756)
  Mute org.elasticsearch.repositories.blobstore.testkit.integrity.RepositoryVerifyIntegrityIT testCorruption elastic#112769
  Bump Elasticsearch to a minimum of JDK 21 (elastic#112252)
  ESQL: Compute support for filtering ungrouped aggs (elastic#112717)
  Bump Elasticsearch version to 9.0.0 (elastic#112570)
  add CDR related data streams to kibana_system priviliges (elastic#112655)
  Support widening of numeric types in union-types (elastic#112610)
  Introduce data stream options and failure store configuration classes (elastic#109515)
  ...