
Commit d1ac4ef

authored
wiz: fix missing score handling and retain cloud_configuration_rule_description (#11488)
1 parent 22bec99 commit d1ac4ef


10 files changed

+396
-12
lines changed


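--- a/packages/wiz/changelog.yml
+++ b/packages/wiz/changelog.yml
@@ -1,4 +1,12 @@
 # newer versions go on top
+- version: "1.9.0-preview07"
+changes:
+- description: Relax requirement for vulnerability score to be present.
+type: bugfix
+link: https://github.com/elastic/integrations/pull/11488
+- description: Retain `cloudConfigurationRuleDescription` from `sourceRule`.
+type: enhancement
+link: https://github.com/elastic/integrations/pull/11488
 - version: "1.9.0-preview05"
 changes:
 - description: Increase retention on transfroms to 90 days.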
Lines changed: 1 addition & 0 deletions
@@ -1 +1,2 @@
11
{"createdAt": "2023-08-23T07:56:09.903743Z","dueAt": "2023-08-30T21:00:00Z","entitySnapshot": {"cloudPlatform": "Kubernetes","cloudProviderURL": "https://portal.az.com/#@sectest.on.com/resource//subscriptions/","externalId": "k8s/clusterrole/aaa8e7ca2bf9bc85a75d5bbdd8ffd08d69f8852782a6341c3c3519sad45/system:aggregate-to-edit/12","id": "e507d472-b7da-5f05-9b25-72a271336b14","name": "system:aggregate-to-edit","nativeType": "ClusterRole","providerId": "k8s/clusterrole/aaa8e7ca2bf9bc85a75d5bbdd8ffd08d69f8852782a6341c3c3519bac0f24ae9/system:aggregate-to-edit/12","region": "us-01","resourceGroupExternalId": "/subscriptions/cfd132be-3bc7-4f86-8efd-ed53ae498fec/resourcegroups/test-selfmanaged-eastus","status": "Active","subscriptionExternalId": "998231069301","subscriptionName": "demo-integrations","subscriptionTags": {},"tags": {"kubernetes.io/bootstrapping": "rbac-defaults","rbac.authorization.k8s.io/aggregate-to-edit": "true"},"type": "ACCESS_ROLE"},"id": "fff9cffd-64a7-412c-9535-cf837f4b0b40","type":"THREAT_DETECTION","notes": [{"createdAt": "2023-08-23T07:56:09.903743Z","serviceAccount": {"name": "rev-ke"},"text": "updated","updatedAt": "2023-08-09T23:10:22.588721Z","user":{"name":"admin","email":"admin@example.com"}},{"createdAt": "2023-08-09T23:08:49.918941Z","serviceAccount": {"name": "rev-ke2"},"text": "updated","updatedAt": "2023-08-09T23:10:22.591487Z","user":{"name":"root","email":"root@example.com"}}],"projects": [{"businessUnit": "","id": "83b76efe-a7b6-5762-8a53-8e8f59e68bd8","name": "Project 2","riskProfile": {"businessImpact": "MBI"},"slug": "project-2"},{"businessUnit": "Dev","id": "af52828c-4eb1-5c4e-847c-ebc3a5ead531","name": "project 4","riskProfile": {"businessImpact": "MBI"},"slug": "project-4"},{"businessUnit": "Dev","id": "d6ac50bb-aec0-52fc-80ab-bacd7b02f178","name": "Project1","riskProfile": {"businessImpact": "MBI"},"slug": "project1"}],"resolvedAt": "2023-08-09T23:10:22.588721Z","serviceTickets": [{"externalId": 
"638361121bbfdd10f6c1cbf3604bcb7e","name": "SIR0010002","url": "https://ven05658.testing.com/nav_to.do?uri=%2Fsn_si_incident.do%3Fsys_id%3D6385248sdsae421"}],"severity": "INFORMATIONAL","sourceRule": {"__typename": "Control","controlDescription": "These EKS principals assume roles that provide bind, escalate and impersonate permissions. \n\nThe `bind` permission allows users to create bindings to roles with rights they do not already have. The `escalate` permission allows users effectively escalate their privileges. The `impersonate` permission allows users to impersonate and gain the rights of other users in the cluster. Running containers with these permissions has the potential to effectively allow privilege escalation to the cluster-admin level.","id": "wc-id-1335","name": "EKS principals assume roles that provide bind, escalate and impersonate permissions","resolutionRecommendation": "To follow the principle of least privilege and minimize the risk of unauthorized access and data breaches, it is recommended not to grant `bind`, `escalate` or `impersonate` permissions.","securitySubCategories": [{"category": {"framework": {"name": "CIS EKS 1.2.0"},"name": "4.1 RBAC and Service Accounts"},"title": "4.1.8 Limit use of the Bind, Impersonate and Escalate permissions in the Kubernetes cluster - Level 1 (Manual)"},{"category": {"framework": {"name": "Wiz for Risk Assessment"},"name": "Identity Management"},"title": "Privileged principal"},{"category": {"framework": {"name": "Wiz"},"name": "9 Container Security"},"title": "Container Security"},{"category": {"framework": {"name": "Wiz for Risk Assessment"},"name": "Container & Kubernetes Security"},"title": "Cluster misconfiguration"}]},"status": "IN_PROGRESS","statusChangedAt": "2023-07-31T06:26:08.708199Z","updatedAt": "2023-08-14T06:06:18.331647Z"}
2+
{"createdAt": "2023-08-23T07:56:09.903743Z","dueAt": "2023-08-30T21:00:00Z","entitySnapshot": {"cloudPlatform": "Kubernetes","cloudProviderURL": "https://portal.az.com/#@sectest.on.com/resource//subscriptions/","externalId": "k8s/clusterrole/aaa8e7ca2bf9bc85a75d5bbdd8ffd08d69f8852782a6341c3c3519sad45/system:aggregate-to-edit/12","id": "e507d472-b7da-5f05-9b25-72a271336b14","name": "system:aggregate-to-edit","nativeType": "ClusterRole","providerId": "k8s/clusterrole/aaa8e7ca2bf9bc85a75d5bbdd8ffd08d69f8852782a6341c3c3519bac0f24ae9/system:aggregate-to-edit/12","region": "us-01","resourceGroupExternalId": "/subscriptions/cfd132be-3bc7-4f86-8efd-ed53ae498fec/resourcegroups/test-selfmanaged-eastus","status": "Active","subscriptionExternalId": "998231069301","subscriptionName": "demo-integrations","subscriptionTags": {},"tags": {"kubernetes.io/bootstrapping": "rbac-defaults","rbac.authorization.k8s.io/aggregate-to-edit": "true"},"type": "ACCESS_ROLE"},"id": "fff9cffd-64a7-412c-9535-cf837f4b0b40","type":"THREAT_DETECTION","notes": [{"createdAt": "2023-08-23T07:56:09.903743Z","serviceAccount": {"name": "rev-ke"},"text": "updated","updatedAt": "2023-08-09T23:10:22.588721Z","user":{"name":"admin","email":"admin@example.com"}},{"createdAt": "2023-08-09T23:08:49.918941Z","serviceAccount": {"name": "rev-ke2"},"text": "updated","updatedAt": "2023-08-09T23:10:22.591487Z","user":{"name":"root","email":"root@example.com"}}],"projects": [{"businessUnit": "","id": "83b76efe-a7b6-5762-8a53-8e8f59e68bd8","name": "Project 2","riskProfile": {"businessImpact": "MBI"},"slug": "project-2"},{"businessUnit": "Dev","id": "af52828c-4eb1-5c4e-847c-ebc3a5ead531","name": "project 4","riskProfile": {"businessImpact": "MBI"},"slug": "project-4"},{"businessUnit": "Dev","id": "d6ac50bb-aec0-52fc-80ab-bacd7b02f178","name": "Project1","riskProfile": {"businessImpact": "MBI"},"slug": "project1"}],"resolvedAt": "2023-08-09T23:10:22.588721Z","serviceTickets": [{"externalId": 
"638361121bbfdd10f6c1cbf3604bcb7e","name": "SIR0010002","url": "https://ven05658.testing.com/nav_to.do?uri=%2Fsn_si_incident.do%3Fsys_id%3D6385248sdsae421"}],"severity": "INFORMATIONAL","sourceRule": {"__typename": "CloudConfigurationRule","cloudConfigurationRuleDescription": "These EKS principals assume roles that provide bind, escalate and impersonate permissions. \n\nThe `bind` permission allows users to create bindings to roles with rights they do not already have. The `escalate` permission allows users effectively escalate their privileges. The `impersonate` permission allows users to impersonate and gain the rights of other users in the cluster. Running containers with these permissions has the potential to effectively allow privilege escalation to the cluster-admin level.","id": "wc-id-1335","name": "EKS principals assume roles that provide bind, escalate and impersonate permissions","resolutionRecommendation": "To follow the principle of least privilege and minimize the risk of unauthorized access and data breaches, it is recommended not to grant `bind`, `escalate` or `impersonate` permissions.","securitySubCategories": [{"category": {"framework": {"name": "CIS EKS 1.2.0"},"name": "4.1 RBAC and Service Accounts"},"title": "4.1.8 Limit use of the Bind, Impersonate and Escalate permissions in the Kubernetes cluster - Level 1 (Manual)"},{"category": {"framework": {"name": "Wiz for Risk Assessment"},"name": "Identity Management"},"title": "Privileged principal"},{"category": {"framework": {"name": "Wiz"},"name": "9 Container Security"},"title": "Container Security"},{"category": {"framework": {"name": "Wiz for Risk Assessment"},"name": "Container & Kubernetes Security"},"title": "Cluster misconfiguration"}]},"status": "IN_PROGRESS","statusChangedAt": "2023-07-31T06:26:08.708199Z","updatedAt": "2023-08-14T06:06:18.331647Z"}
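Review bot: The added sample (new line 2) reuses the first event's `id` (`fff9cffd-64a7-412c-9535-cf837f4b0b40`) and every other field, so the two expected documents will differ only in the rule-description field and are easy to confuse when the expected output is reviewed. Giving it its own value, e.g. `"id": "<distinct-issue-id>"` (placeholder), would keep the two cases apart. The sample also keeps `resolutionRecommendation` and `securitySubCategories` under `"__typename": "CloudConfigurationRule"`, which looks carried over from the `Control` sample rather than taken from a real response. It is worth checking the fixture against an actual CloudConfigurationRule payload, so the test exercises the shape the pipeline will receive in production.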
