From d552daa5664625dbb6b27b84a39a8961d40a1f58 Mon Sep 17 00:00:00 2001
From: Jean-Fabrice Bobo <2949987+jeanfabrice@users.noreply.github.com>
Date: Fri, 12 Jan 2024 18:20:53 +0100
Subject: [PATCH] Fix indentation typo (#4575)
(cherry picked from commit ece87f8b3f75e8117a8aeb39d8ccbb6141822c6d)
# Conflicts:
# docs/cloud-native-security/get-started-with-kspm.asciidoc
---
.../get-started-with-kspm.asciidoc | 161 ++++++++++++++++++
1 file changed, 161 insertions(+)
diff --git a/docs/cloud-native-security/get-started-with-kspm.asciidoc b/docs/cloud-native-security/get-started-with-kspm.asciidoc
index 367f33227a..f7104b671d 100644
--- a/docs/cloud-native-security/get-started-with-kspm.asciidoc
+++ b/docs/cloud-native-security/get-started-with-kspm.asciidoc
@@ -236,4 +236,165 @@ The *Add agent* wizard helps you deploy the KSPM integration on the Kubernetes c 1. Download the manifest and make any necessary revisions to its configuration to suit the needs of your environment. 2. Apply the manifest using the `kubectl apply -f` command. For example: `kubectl apply -f elastic-agent-managed-kubernetes.yaml` +<<<<<<< HEAD:docs/cloud-native-security/get-started-with-kspm.asciidoc After a few minutes, a message confirming the {agent} enrollment appears, followed by a message confirming that data is incoming. You can then click *View assets* to see where the newly-collected configuration information appears throughout {kib}, including the <> and the <>. +======= +After a few minutes, a message confirming the {agent} enrollment appears, followed by a message confirming that data is incoming. You can then click *View assets* to see where the newly-collected configuration information appears throughout {kib}, including the <> and the <>. + +[discrete] +[[kspm-eck]] +=== Set up KSPM on ECK deployments +To run KSPM on an https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-quickstart.html[ECK] deployment, +you must edit the https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-elastic-agent-configuration.html[Elastic Agent CRD] and https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-elastic-agent-configuration.html#k8s-elastic-agent-role-based-access-control[Elastic Agent Cluster-Role] `.yaml` files. 
+ +.Patch Elastic Agent +[%collapsible] +==== +Add `volumes` and `volumeMounts` to `podTemplate`: +```yaml +podTemplate: + spec: + containers: + - name: agent + volumeMounts: + - name: proc + mountPath: /hostfs/proc + readOnly: true + - name: cgroup + mountPath: /hostfs/sys/fs/cgroup + readOnly: true + - name: varlibdockercontainers + mountPath: /var/lib/docker/containers + readOnly: true + - name: varlog + mountPath: /var/log + readOnly: true + - name: etc-full + mountPath: /hostfs/etc + readOnly: true + - name: var-lib + mountPath: /hostfs/var/lib + readOnly: true + - name: etc-mid + mountPath: /etc/machine-id + readOnly: true + volumes: + - name: proc + hostPath: + path: /proc + - name: cgroup + hostPath: + path: /sys/fs/cgroup + - name: varlibdockercontainers + hostPath: + path: /var/lib/docker/containers + - name: varlog + hostPath: + path: /var/log + - name: etc-full + hostPath: + path: /etc + - name: var-lib + hostPath: + path: /var/lib + # Mount /etc/machine-id from the host to determine host ID + # Needed for Elastic Security integration + - name: etc-mid + hostPath: + path: /etc/machine-id + type: File +``` +==== + +.Patch RBAC +[%collapsible] +==== +Make sure that the `elastic-agent` service-account has the following Role and ClusterRole: +```yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + namespace: default + name: elastic-agent +subjects: +- kind: ServiceAccount + name: elastic-agent + namespace: default +roleRef: + kind: Role + name: elastic-agent + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: elastic-agent + labels: + k8s-app: elastic-agent +rules: +- apiGroups: [""] + resources: + - nodes + - namespaces + - events + - pods + - services + - configmaps + - serviceaccounts + - persistentvolumes + - persistentvolumeclaims + verbs: ["get", "list", "watch"] +- apiGroups: ["extensions"] + resources: + - replicasets + verbs: ["get", "list", "watch"] +- 
apiGroups: ["apps"] + resources: + - statefulsets + - deployments + - replicasets + - daemonsets + verbs: ["get", "list", "watch"] +- apiGroups: + - "" + resources: + - nodes/stats + verbs: + - get +- apiGroups: [ "batch" ] + resources: + - jobs + - cronjobs + verbs: [ "get", "list", "watch" ] +- nonResourceURLs: + - "/metrics" + verbs: + - get +- apiGroups: ["rbac.authorization.k8s.io"] + resources: + - clusterrolebindings + - clusterroles + - rolebindings + - roles + verbs: ["get", "list", "watch"] +- apiGroups: ["policy"] + resources: + - podsecuritypolicies + verbs: ["get", "list", "watch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: elastic-agent + namespace: default + labels: + k8s-app: elastic-agent +rules: + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: ["get", "create", "update"] +``` +==== +>>>>>>> ece87f8b (Fix indentation typo (#4575)):docs/cloud-native-security/kspm-get-started.asciidoc
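Review bot: Unresolved merge-conflict markers are being committed here: `<<<<<<< HEAD:docs/cloud-native-security/get-started-with-kspm.asciidoc` is added above the existing "After a few minutes" paragraph, `=======` follows it, and `>>>>>>> ece87f8b (Fix indentation typo (#4575)):docs/cloud-native-security/kspm-get-started.asciidoc` closes the hunk, so the page would render the markers and show that paragraph twice. Resolve the cherry-pick conflict by keeping one copy of the paragraph plus the new `[[kspm-eck]]` section and deleting the three marker lines. In the "Patch RBAC" listing, the visible manifests define a `ClusterRole` but no `ClusterRoleBinding` for the `elastic-agent` service account, so a reader applying only this listing may not get the cluster-wide read access the text describes; either add the binding or say where it is created. It is also worth a sentence noting that the `RoleBinding` and `Role` are pinned to `namespace: default` and that the `hostPath` volumes give the agent pod read-only access to the host's `/etc`, `/var/lib` and `/proc`, so readers adjust the namespace and know what they are exposing.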