Skip to content

[Cloud-Security] Adding var-groups to support authentication vars - related to cloud connector feature #16985

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
seanrathier wants to merge 6 commits into
base: main
Choose a base branch
from
Open

[Cloud-Security] Adding var-groups to support authentication vars - related to cloud connector feature #16985

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
14f60c0
var-groups: selection working
seanrathier Jan 16, 2026
dc1f3ed
up the kibana version
seanrathier Jan 23, 2026
dd663c6
Added backward compatibility
seanrathier Jan 23, 2026
6be6031
oops
seanrathier Jan 23, 2026
817f467
oops
seanrathier Jan 23, 2026
ccc4eb5
added var groups again
seanrathier Jan 23, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions packages/aws/changelog.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,9 @@
# newer versions go on top
- version: "5.6.2"
changes:
- description: Add var_groups for credential type selection with Cloud Connector support for agentless deployments.
type: enhancement
link: https://github.com/elastic/security-team/issues/15398
- version: "5.6.1"
changes:
- description: Fix Cloudtrail's Lambda event parsing of `vpcConfig.securityGroupIds` and `vpcConfig.subnetIds` fields.
Expand Down
34 changes: 32 additions & 2 deletions packages/aws/manifest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
format_version: 3.4.0
format_version: 3.6.0
name: aws
title: AWS
version: 5.6.1
version: 5.6.2
description: Collect logs and metrics from Amazon Web Services (AWS) with Elastic Agent.
type: integration
categories:
Expand Down Expand Up @@ -95,6 +95,34 @@ vars:
required: false
show_user: false
description: URL to proxy connections in the form of http\[s\]://<user>:<password>@<server name/ip>:<port>
var_groups:
- name: credential_type
required: true
title: Setup Access
selector_title: Preferred method
options:
- name: cloud_connectors
title: Cloud Connector
vars: [role_arn, external_id]
hide_in_deployment_modes: [default]
provider: aws
iac_template_url: https://console.aws.amazon.com/cloudformation/home#/stacks/quickcreate?templateURL=https://elastic-cspm-cft.s3.eu-central-1.amazonaws.com/cloudformation-cloud-connectors-ACCOUNT_TYPE-9.2.0.yml&param_ElasticResourceId=RESOURCE_ID
- name: direct_access_key
title: Direct Access Keys
vars: [access_key_id, secret_access_key]
- name: temporary_access_key
title: Temporary Access Keys
vars: [access_key_id, secret_access_key, session_token]
- name: assume_role
title: Assume Role
vars: [role_arn]
- name: assume_role_external_id
title: Assume Role with External ID
vars: [role_arn, external_id]
- name: shared_credentials
title: Shared Credentials
vars: [shared_credential_file, credential_profile_name]
hide_in_deployment_modes: [agentless]
policy_templates:
- name: awshealth
title: AWS Health
Expand Down Expand Up @@ -873,6 +901,8 @@ policy_templates:
- type: aws-s3
title: Collect Amazon GuardDuty logs via AWS S3 or SQS
description: Collecting Amazon GuardDuty logs via AWS S3 or SQS input.
hide_in_var_group_options:
credential_type: [cloud_connectors]
screenshots:
- src: /img/guardduty-findings-overview.png
title: GuardDuty Findings Overview dashboard screenshot
Expand Down