Skip to content

Commit

Permalink
[8.x] [Security Solution] Add csp-rule-template to the Security Defau…
Browse files Browse the repository at this point in the history 
…lt Saved Objects (#194224) (#195338)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security Solution] Add csp-rule-template to the Security Default
Saved Objects (#194224)](#194224)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Paulo
Silva","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-10-08T01:43:49Z","message":"[Security
Solution] Add csp-rule-template to the Security Default Saved Objects
(#194224)\n\n## Summary\r\n\r\nThis PR fixes #189538, by adding
`csp-rule-template` to the Security\r\nDefault Saved
Objects.\r\n\r\nThis allows users with the
[viewer\r\nrole](https://www.elastic.co/docs/current/serverless/general/assign-user-roles)\r\nto
Security projects in Serverless to see the [Cloud Security
Posture\r\nBenchmark\r\nrules](https://github.com/elastic/integrations/tree/main/packages/cloud_security_posture/kibana/csp_rule_template)\r\nthat
are stored as saved objects installed with the Cloud Security\r\nPosture
integration.\r\n\r\n\r\n###
Snapshots\r\n\r\n\r\n![image](https://github.com/user-attachments/assets/95b92570-ac7a-42b5-b89f-a02d5b94f3b0)\r\n\r\n\r\n![image](https://github.com/user-attachments/assets/a2aeb0a6-d10e-4864-84b9-9eaffe8ec3a2)\r\n\r\n\r\n![image](https://github.com/user-attachments/assets/9eb9fb82-3fe6-4b6d-8523-566d406406ce)\r\n\r\n\r\n![image](https://github.com/user-attachments/assets/37ebc71a-54be-4a7c-b5f8-37a1d6467816)","sha":"3862012a31d333a75955ea5de3bc76bdcdbc656a","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","v9.0.0","Team:
SecuritySolution","Team:Cloud
Security","v8.16.0","backport:version"],"title":"[Security Solution] Add
csp-rule-template to the Security Default Saved
Objects","number":194224,"url":"https://github.com/elastic/kibana/pull/194224","mergeCommit":{"message":"[Security
Solution] Add csp-rule-template to the Security Default Saved Objects
(#194224)\n\n## Summary\r\n\r\nThis PR fixes #189538, by adding
`csp-rule-template` to the Security\r\nDefault Saved
Objects.\r\n\r\nThis allows users with the
[viewer\r\nrole](https://www.elastic.co/docs/current/serverless/general/assign-user-roles)\r\nto
Security projects in Serverless to see the [Cloud Security
Posture\r\nBenchmark\r\nrules](https://github.com/elastic/integrations/tree/main/packages/cloud_security_posture/kibana/csp_rule_template)\r\nthat
are stored as saved objects installed with the Cloud Security\r\nPosture
integration.\r\n\r\n\r\n###
Snapshots\r\n\r\n\r\n![image](https://github.com/user-attachments/assets/95b92570-ac7a-42b5-b89f-a02d5b94f3b0)\r\n\r\n\r\n![image](https://github.com/user-attachments/assets/a2aeb0a6-d10e-4864-84b9-9eaffe8ec3a2)\r\n\r\n\r\n![image](https://github.com/user-attachments/assets/9eb9fb82-3fe6-4b6d-8523-566d406406ce)\r\n\r\n\r\n![image](https://github.com/user-attachments/assets/37ebc71a-54be-4a7c-b5f8-37a1d6467816)","sha":"3862012a31d333a75955ea5de3bc76bdcdbc656a"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/194224","number":194224,"mergeCommit":{"message":"[Security
Solution] Add csp-rule-template to the Security Default Saved Objects
(#194224)\n\n## Summary\r\n\r\nThis PR fixes #189538, by adding
`csp-rule-template` to the Security\r\nDefault Saved
Objects.\r\n\r\nThis allows users with the
[viewer\r\nrole](https://www.elastic.co/docs/current/serverless/general/assign-user-roles)\r\nto
Security projects in Serverless to see the [Cloud Security
Posture\r\nBenchmark\r\nrules](https://github.com/elastic/integrations/tree/main/packages/cloud_security_posture/kibana/csp_rule_template)\r\nthat
are stored as saved objects installed with the Cloud Security\r\nPosture
integration.\r\n\r\n\r\n###
Snapshots\r\n\r\n\r\n![image](https://github.com/user-attachments/assets/95b92570-ac7a-42b5-b89f-a02d5b94f3b0)\r\n\r\n\r\n![image](https://github.com/user-attachments/assets/a2aeb0a6-d10e-4864-84b9-9eaffe8ec3a2)\r\n\r\n\r\n![image](https://github.com/user-attachments/assets/9eb9fb82-3fe6-4b6d-8523-566d406406ce)\r\n\r\n\r\n![image](https://github.com/user-attachments/assets/37ebc71a-54be-4a7c-b5f8-37a1d6467816)","sha":"3862012a31d333a75955ea5de3bc76bdcdbc656a"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Paulo Silva <[email protected]>
  • Loading branch information
@kibanamachine @opauloh
kibanamachine and opauloh authored Oct 8, 2024
1 parent 72b6f86 commit fcd831c
Show file tree
Hide file tree
Showing 2 changed files with 37 additions and 0 deletions.
3 changes: 3 additions & 0 deletions ...k/plugins/security_solution/server/lib/product_features_service/security_saved_objects.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,8 @@ import { savedObjectTypes } from '../../saved_objects';
// Same as the saved-object type for rules defined by Cloud Security Posture
const CLOUD_POSTURE_SAVED_OBJECT_RULE_TYPE = 'csp_rule';
const CLOUD_SECURITY_POSTURE_SETTINGS = 'cloud-security-posture-settings';
// Benchmark Rule Templates installed by the Cloud Security Posture package stored as Saved Objects:
const CLOUD_SECURITY_POSTURE_BENCHMARK_RULE_TEMPLATE = 'csp-rule-template';

export const securityDefaultSavedObjects = [
'exception-list',
Expand All @@ -20,4 +22,5 @@ export const securityDefaultSavedObjects = [
...savedObjectTypes,
CLOUD_POSTURE_SAVED_OBJECT_RULE_TYPE,
CLOUD_SECURITY_POSTURE_SETTINGS,
CLOUD_SECURITY_POSTURE_BENCHMARK_RULE_TEMPLATE,
];
34 changes: 34 additions & 0 deletions ...k/test_serverless/api_integration/test_suites/security/platform_security/authorization.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -397,6 +397,18 @@ export default function ({ getService }: FtrProviderContext) {
"saved_object:cloud-security-posture-settings/delete",
"saved_object:cloud-security-posture-settings/bulk_delete",
"saved_object:cloud-security-posture-settings/share_to_space",
"saved_object:csp-rule-template/bulk_get",
"saved_object:csp-rule-template/get",
"saved_object:csp-rule-template/find",
"saved_object:csp-rule-template/open_point_in_time",
"saved_object:csp-rule-template/close_point_in_time",
"saved_object:csp-rule-template/create",
"saved_object:csp-rule-template/bulk_create",
"saved_object:csp-rule-template/update",
"saved_object:csp-rule-template/bulk_update",
"saved_object:csp-rule-template/delete",
"saved_object:csp-rule-template/bulk_delete",
"saved_object:csp-rule-template/share_to_space",
"saved_object:telemetry/bulk_get",
"saved_object:telemetry/get",
"saved_object:telemetry/find",
Expand Down Expand Up @@ -1242,6 +1254,18 @@ export default function ({ getService }: FtrProviderContext) {
"saved_object:cloud-security-posture-settings/delete",
"saved_object:cloud-security-posture-settings/bulk_delete",
"saved_object:cloud-security-posture-settings/share_to_space",
"saved_object:csp-rule-template/bulk_get",
"saved_object:csp-rule-template/get",
"saved_object:csp-rule-template/find",
"saved_object:csp-rule-template/open_point_in_time",
"saved_object:csp-rule-template/close_point_in_time",
"saved_object:csp-rule-template/create",
"saved_object:csp-rule-template/bulk_create",
"saved_object:csp-rule-template/update",
"saved_object:csp-rule-template/bulk_update",
"saved_object:csp-rule-template/delete",
"saved_object:csp-rule-template/bulk_delete",
"saved_object:csp-rule-template/share_to_space",
"saved_object:telemetry/bulk_get",
"saved_object:telemetry/get",
"saved_object:telemetry/find",
Expand Down Expand Up @@ -1823,6 +1847,11 @@ export default function ({ getService }: FtrProviderContext) {
"saved_object:cloud-security-posture-settings/find",
"saved_object:cloud-security-posture-settings/open_point_in_time",
"saved_object:cloud-security-posture-settings/close_point_in_time",
"saved_object:csp-rule-template/bulk_get",
"saved_object:csp-rule-template/get",
"saved_object:csp-rule-template/find",
"saved_object:csp-rule-template/open_point_in_time",
"saved_object:csp-rule-template/close_point_in_time",
"saved_object:config/bulk_get",
"saved_object:config/get",
"saved_object:config/find",
Expand Down Expand Up @@ -2184,6 +2213,11 @@ export default function ({ getService }: FtrProviderContext) {
"saved_object:cloud-security-posture-settings/find",
"saved_object:cloud-security-posture-settings/open_point_in_time",
"saved_object:cloud-security-posture-settings/close_point_in_time",
"saved_object:csp-rule-template/bulk_get",
"saved_object:csp-rule-template/get",
"saved_object:csp-rule-template/find",
"saved_object:csp-rule-template/open_point_in_time",
"saved_object:csp-rule-template/close_point_in_time",
"saved_object:config/bulk_get",
"saved_object:config/get",
"saved_object:config/find",
Expand Down

0 comments on commit fcd831c

Please sign in to comment.