[Cloud Security] limit setup options for Agentless CSPM #172562
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
maxcold
added
release_note:skip
maxcold
force-pushed
the
csp-agentless-selector
branch
from
dc55d19 to
48b5d37
Compare
|
/ci |
|
/ci |
|
Pinging @elastic/kibana-cloud-security-posture (Team:Cloud Security) |
💚 Build Succeeded
Metrics [docs]Module Count
Async chunks
Unknown metric groupsESLint disabled line counts
Total ESLint disabled count
History
To update your PR or re-run it, just comment with: |
1 task
maxcold
added a commit
that referenced
this pull request
Dec 27, 2023
…t policy (#173553) ## Summary Right now every Security project in serverless is created with [an Agentless policy](https://github.com/elastic/project-controller/blob/main/internal/project/security/security_kibana_config.go#L80) (gated be the feature flag based on or org id) and in this policy `is_managed` set to `false`. We in Cloud Security want to make the policy managed. This change is to allow us to do that and still be able to install integrations on the policy. In a nutshell, the logic is to force install integration if the agent policy id is `agentless`. If we are not missing something, it should be safe, as when managed, the agentless agent policy won't be available in the list of Existing Hosts and the only way to pick it for installation in the UI is to implement the same logic we implemented in CSP integration in - #171671 - #172562 Part of: - elastic/security-team#8117 ## Screencast https://github.com/elastic/security-team/assets/478762/c41f2f33-0c43-467f-a54a-8710b26a0abc ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Follow up after
Closes
Includes:
How to test
Make sure to have the FF in your
serverless.security.dev.yml(it's similar to thekibana.dev.ymlbut specifically for Serverless Security Projects) enabled. Also specify some serverless project id, to enable the logic ofisServerlessEnabledThe follow the steps from this comment https://github.com/elastic/security-team/issues/7972#issuecomment-1808096052 to have the Agentless artifacts (agent, policy, output, and fleet server host) locally
After that, you should be able to test the flow.
Screencast
screencast-mail.google.com-2023.12.08-16_37_35.webm
Checklist
Delete any items that are not applicable to this PR.