Commit

preliminary draft
benironside committed Oct 27, 2023
1 parent a3f3969 commit 5694ec0
Showing 2 changed files with 17 additions and 20 deletions.
26 changes: 11 additions & 15 deletions docs/cloud-native-security/cspm-get-started-azure.asciidoc
Expand Up @@ -49,38 +49,34 @@ For most users, the simplest option is to use an Azure Resource Manager (ARM) te
. Under *Setup Access*, select *ARM Template*.
. Under **Where to add this integration**:
.. Select **New Hosts**.
.. Name the {agent} policy. Use a name that matches the purpose or team of the cloud account or accounts you want to monitor. For example, `azure-dev-1`. Click **Save and continue**.
.. Log into the Azure portal, then return to {kib} and click **Launch ARM Template**. The **Add agent** wizard appears and provides {agent} binaries, which you can download and deploy to a VM in your Azure subscription.
. Click **Save and continue**.
+
image::images/cspm-cloudshell-trust.png[The cloud shell confirmation popup]
+
. In Azure, . Once it finishes, return to {kib} and wait for the confirmation of data received from your new integration. Then you can click **View Assets** to see your data.
.. Name the {agent} policy. Use a name that matches the purpose or team of the cloud account or accounts you want to monitor. For example, `azure-dev-1`. Click **Save and continue**. The *ARM Template deployment* window appears.
.. In a new tab, log in to the Azure portal, then return to {kib} and click **Launch ARM Template**. This will open the ARM template in Azure.
.. Copy the `Fleet URL` and `Enrollment Token` that appear in {kib} to the corresponding fields in the ARM Template, then click *Review + create*.
. Return to {kib} and wait for the confirmation of data received from your new integration. Then you can click **View Assets** to see your data.

NOTE: During Cloud Shell setup, the CSPM integration adds roles to Google's default service account, which enables custom role creation and attachment of the service account to a compute instance.
After setup, these roles are removed from the service account. If you attempt to delete the deployment but find the deployment manager lacks necessary permissions, consider adding the missing roles to the service account:
https://cloud.google.com/iam/docs/understanding-roles#resourcemanager.projectIamAdmin[Project IAM Admin], https://cloud.google.com/iam/docs/understanding-roles#iam.roleAdmin[Role Administrator].
NOTE: Should there be a note here similar to what's in the GCP setup guide?

[discrete]
[[cspm-set-up-manual-gcp]]
=== Manual authentication

To authenticate manually, you'll first need to generate credentials for a new GCP service account with the necessary roles, then provide those credentials to the CSPM integration.
To authenticate manually, you'll first need to generate credentials for a new Azure SOME PARTICULAR KIND OF ACCOUNT? with the necessary roles, then provide those credentials to the CSPM integration.

Generate GCP credentials:
Generate Azure credentials:

The credentials JSON will download to your local machine. Keep it secure since it provides access to your GCP resources.

Provide credentials to the CSPM integration:

. On the CSPM setup screen under **Setup Access**, select **Manual**.
. Enter your GCP **Project ID**.
. Select either **Credentials File** or **Credentials JSON**, and enter the credentials information in your selected format.

????????????

. Under **Where to add this integration**:
.. If you want to monitor a GCP project where you have not yet deployed {agent}:
... Select **New Hosts**.
... Name the {agent} policy. Use a name that matches the purpose or team of the cloud account or accounts you want to monitor. For example, `dev-gcp-account`.
... Click **Save and continue**, then **Add {agent} to your hosts**. The **Add agent** wizard appears and provides {agent} binaries, which you can download and deploy to a VM in your GCP account.
... Click **Save and continue**, then **Add {agent} to your hosts**. The **Add agent** wizard appears and provides {agent} binaries, which you can download and deploy to a VM in your Azure account.
.. If you want to monitor a GCP project where you have already deployed {agent}:
... Select **Existing hosts**.
... Select an agent policy that applies the GCP project you want to monitor.
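Review bot: This hunk still carries GCP text and unfinished placeholders that must not ship in the Azure guide. The step `. In Azure, . Once it finishes, return to {kib}` is a truncated sentence left over from the edit and needs to be either completed or dropped now that the `Copy the Fleet URL and Enrollment Token` step covers the Azure side. The NOTE about `Google's default service account` with the Project IAM Admin / Role Administrator links is copied verbatim from the GCP page and is followed by the author's own open question (`NOTE: Should there be a note here...`); both should be resolved before merge. In the manual authentication section, `SOME PARTICULAR KIND OF ACCOUNT?`, `????????????`, `Enter your GCP **Project ID**`, `access to your GCP resources` and the two `monitor a GCP project` branches are still GCP wording, while the agent line in the same list was changed to `Azure account`, so the section is internally inconsistent. The anchor `[[cspm-set-up-manual-gcp]]` is also reused from the GCP file; a duplicate anchor id across two pages will collide when the book is built, so give it an Azure-specific id. Finally, since the `Fleet URL` and `Enrollment Token` step has the reader paste an enrollment credential into the ARM template, it is worth one sentence saying the token should be handled as a secret and not left in shared or checked-in template parameters.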
11 changes: 6 additions & 5 deletions docs/cloud-native-security/cspm-get-started-gcp.asciidoc
Expand Up @@ -31,9 +31,10 @@ To set up CSPM for GCP, you need to first add the CSPM integration, then enable
. From the Elastic Security *Get started* page, click *Add integrations*.
. Search for `CSPM`, then click on the result.
. Click *Add Cloud Security Posture Management (CSPM)*.
. Under *Configure integration*, select *GCP*, and either
. Under *Configure integration*, select *GCP*, then either *GCP Organization* (recommended) or *Single Account*.
. Give your integration a name that matches the purpose or team of the GCP account you want to monitor, for example, `dev-gcp-project`.


[discrete]
[[cspm-set-up-cloud-access-section-gcp]]
=== Set up cloud account access
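Review bot: The replacement leaves two consecutive blank lines before the `[discrete]` block, which the rest of the file does not use; drop one. The rewritten step `select *GCP*, then either *GCP Organization* (recommended) or *Single Account*` reads well and fixes the dangling `and either`. One consistency point: the example integration name here is `dev-gcp-project` while the agent policy example later in this file is `dev-gcp-account`; if the two are meant to differ (integration vs. policy), fine, otherwise pick one scheme.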
Expand All @@ -44,9 +45,9 @@ For most users, the simplest option is to use a Google Cloud Shell script to aut

[discrete]
[[cspm-set-up-cloudshell]]
=== Cloud Shell script setup (recommended)
==== Cloud Shell script setup (recommended)

. Under **Setup Access**, select **Google Cloud Shell**.
. Under **Setup Access**, select **Google Cloud Shell**. Enter your GCP Project ID, and for GCP Organization deployments, your GCP Organization ID.
. Under **Where to add this integration**:
.. Select **New Hosts**.
.. Name the {agent} policy. Use a name that matches the purpose or team of the cloud account or accounts you want to monitor. For example, `dev-gcp-account`.
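Review bot: The added sentence `Enter your GCP Project ID, and for GCP Organization deployments, your GCP Organization ID.` does not say where those fields appear or where a user finds their Organization ID; a short pointer would save a support question. The heading demotion from `===` to `====` is correct now that this section nests under `Set up cloud account access`; the anchor `[[cspm-set-up-cloudshell]]` is unchanged so existing xrefs keep working.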
Expand All @@ -57,15 +58,15 @@ For most users, the simplest option is to use a Google Cloud Shell script to aut
+
image::images/cspm-cloudshell-trust.png[The cloud shell confirmation popup]
+
. In Google Cloud Shell, execute the command you copied earlier. Once it finishes, return to {kib} and wait for the confirmation of data received from your new integration. Then you can click **View Assets** to see your data.
. In Google Cloud Shell, execute the command you copied. Once it finishes, return to {kib} and wait for the confirmation of data received from your new integration. Then you can click **View Assets** to see your data.

NOTE: During Cloud Shell setup, the CSPM integration adds roles to Google's default service account, which enables custom role creation and attachment of the service account to a compute instance.
After setup, these roles are removed from the service account. If you attempt to delete the deployment but find the deployment manager lacks necessary permissions, consider adding the missing roles to the service account:
https://cloud.google.com/iam/docs/understanding-roles#resourcemanager.projectIamAdmin[Project IAM Admin], https://cloud.google.com/iam/docs/understanding-roles#iam.roleAdmin[Role Administrator].

[discrete]
[[cspm-set-up-manual-gcp]]
=== Manual authentication
==== Manual authentication

To authenticate manually, you'll first need to generate credentials for a new GCP service account with the necessary roles, then provide those credentials to the CSPM integration.
