[Cloud Secutity Posture] Add cloud connector support for asset discovery #221689

Omolola-Akinleye · 2025-05-27T20:00:22Z

Summary

Add Cloud Connector support for Agentless Asset Discovery Integration. In this PR, we add the following:

Feature flag in Security Solution Plugin to enable Cloud Connector feature in Asset Discover Integration
Add Cloud Connector as the default supported option in Agentless AWS Form similar CSPM

…ud-connectors

elasticmachine · 2025-05-27T21:06:52Z

Pinging @elastic/kibana-cloud-security-posture (Team:Cloud Security)

Copilot

Pull Request Overview

This PR adds support for Cloud Connector integration in Agentless Asset Discovery by introducing new feature flags, updated AWS credential forms and related constants, and corresponding test changes. Key changes include:

Adding new hooks and constants for Cloud Connector support
Updating AWS credentials forms and options to support Cloud Connectors
Enhancing tests and mocks to cover the new functionality

Reviewed Changes

Copilot reviewed 17 out of 20 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
x-pack/solutions/security/plugins/security_solution/public/asset_inventory/hooks/use_kibana.ts	Adds a new hook to extend Kibana context for CSP integration.
x-pack/solutions/security/plugins/security_solution/public/asset_inventory/constants.ts	Introduces new test subject constants and version info.
x-pack/solutions/security/plugins/security_solution/public/asset_inventory/components/fleet_extensions/utils.ts	Adds new utility functions for handling Cloud Connector AWS credential configuration.
x-pack/solutions/security/plugins/security_solution/public/asset_inventory/components/fleet_extensions/policy_template_selectors.tsx	Updates component props to pass along the new showCloudConnectors flag.
x-pack/solutions/security/plugins/security_solution/public/asset_inventory/components/fleet_extensions/policy_template_form.tsx	Modifies policy template form to include Cloud Connector support and feature flag integration.
x-pack/solutions/security/plugins/security_solution/public/asset_inventory/components/fleet_extensions/policy_template_form.test.tsx	Updates tests to include Cloud Connector functionality.
x-pack/solutions/security/plugins/security_solution/public/asset_inventory/components/fleet_extensions/mocks.ts	Adds a new mock for AWS package info reflecting Cloud Connector assets.
x-pack/solutions/security/plugins/security_solution/public/asset_inventory/components/fleet_extensions/constants.ts	Adds new constants for Cloud Connector template URLs and environment variables.
x-pack/solutions/security/plugins/security_solution/public/asset_inventory/components/fleet_extensions/aws_credentials_form/*	Updates AWS credentials form types, hooks, options, and components to incorporate Cloud Connector support.
x-pack/solutions/security/plugins/security_solution/common/experimental_features.ts	Introduces a new experimental feature flag for Cloud Connectors.
x-pack/solutions/security/plugins/cloud_security_posture/public/components/fleet_extensions/aws_credentials_form/aws_credentials_form_agentless.tsx	Adjusts the AWS agentless credentials form for the CSPM integration using Cloud Connector details.

Files not reviewed (3)

x-pack/platform/plugins/private/translations/translations/fr-FR.json: Language not supported
x-pack/platform/plugins/private/translations/translations/ja-JP.json: Language not supported
x-pack/platform/plugins/private/translations/translations/zh-CN.json: Language not supported

Comments suppressed due to low confidence (2)

x-pack/solutions/security/plugins/security_solution/public/asset_inventory/components/fleet_extensions/constants.ts:40

Consider correcting the spelling from 'ACCORDIAN' to 'ACCORDION' to align with standard English spelling and maintain consistency across the codebase.

export const TEST_SUBJ_AWS_CLOUD_FORMATION_ACCORDIAN = 'asset-inventory-launchAws-CloudFormation-Accordian-Instructions';

x-pack/solutions/security/plugins/security_solution/public/asset_inventory/components/fleet_extensions/aws_credentials_form/aws_credentials_form_options.tsx:153

The i18n translation id contains a double dot ('..assumeRoleLabel'); please remove the extra dot to ensure proper translation key mapping.

label: i18n.translate('xpack.securitySolution.assetInventory.fleetIntegration..assumeRoleLabel', {

sabarasaba

kibana management changes lgtm

...gins/cloud_security_posture/public/components/fleet_extensions/policy_template_form.test.tsx

albertoblaz · 2025-05-29T09:53:06Z

...y/plugins/cloud_security_posture/public/components/fleet_extensions/policy_template_form.tsx

@@ -688,7 +687,9 @@ export const CspPolicyTemplateForm = memo<PackagePolicyReplaceDefineStepExtensio
    const isParentSecurityPosture = !integrationParam;
    // Handling validation state
    const [isValid, setIsValid] = useState(true);
-    const { cloud } = useKibana().services;
+    const { cloud, uiSettings } = useKibana().services;
+    const cloudConnectorsEnabled = uiSettings.get('securitySolution:enableCloudConnector') || false;


Same, I'd reuse the constant here

Suggested change

const cloudConnectorsEnabled = uiSettings.get('securitySolution:enableCloudConnector') || false;

const cloudConnectorsEnabled = uiSettings.get(SECURITY_SOLUTION_ENABLE_CLOUD_CONNECTOR_SETTING) || false;

Could you replace this string with a constant? Either SECURITY_SOLUTION_ENABLE_CLOUD_CONNECTOR_SETTING or ENABLE_CLOUD_CONNECTOR_SETTING would work

x-pack/solutions/security/plugins/security_solution/common/experimental_features.ts

...ty_solution/public/asset_inventory/components/fleet_extensions/policy_template_form.test.tsx

kibanamachine · 2025-06-11T20:49:43Z