[Cloud Security][Asset Inventory] Improve Asset Inventory credentials UX #11481
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
kubasobon added enhancement 5 tasks
orouz reviewed Oct 22, 2024
| description: Template URL to Cloud Formation Quick Create Stack | ||
| # ACCOUNT_TYPE value should be either "single-account" or "organization-account" | ||
| default: https://console.aws.amazon.com/cloudformation/home#/stacks/quickcreate?templateURL=https://elastic-cspm-cft.s3.eu-central-1.amazonaws.com/cloudformation-cspm-ACCOUNT_TYPE-8.15.0.yml&stackName=Elastic-Cloud-Security-Posture-Management¶m_EnrollmentToken=FLEET_ENROLLMENT_TOKEN¶m_FleetUrl=FLEET_URL¶m_ElasticAgentVersion=KIBANA_VERSION¶m_ElasticArtifactServer=https://artifacts.elastic.co/downloads/beats/elastic-agent | ||
| default: https://console.aws.amazon.com/cloudformation/home#/stacks/quickcreate?templateURL=https://elastic-cspm-cft.s3.eu-central-1.amazonaws.com/cloudformation-asset-inventory-ACCOUNT_TYPE-8.15.0.yml&stackName=Elastic-Cloud-Security-Posture-Management¶m_EnrollmentToken=FLEET_ENROLLMENT_TOKEN¶m_FleetUrl=FLEET_URL¶m_ElasticAgentVersion=KIBANA_VERSION¶m_ElasticArtifactServer=https://artifacts.elastic.co/downloads/beats/elastic-agent |
Contributor
There was a problem hiding this comment.
i thought users can't use cloud formation in the current setup. if that's true, maybe we don't need these vars at all (yet)
same for ARM template i assume
Member Author
There was a problem hiding this comment.
Sure, does not hurt to update them, even thought they are hidden.
orouz reviewed Oct 22, 2024
Comment on lines +112 to +118
| options: | ||
| - text: Managed Identity | ||
| value: managed_identity | ||
| - text: Service Principal with Client Secret | ||
| value: service_principal_with_client_secret | ||
| - text: Service Principal with Client Certificate | ||
| value: service_principal_with_client_certificate |
Contributor
There was a problem hiding this comment.
as discussed, showing the dropdown means showing all of the inputs for every option, which is a bit messy. just to clarify - we decided that's better than sticking with a single option (client secret) ?
Member Author
There was a problem hiding this comment.
We discussed in the daily that we'll keep the dropdown.
orouz reviewed Oct 22, 2024
packages/cloud_asset_inventory/data_stream/asset_inventory/manifest.yml Outdated Show resolved Hide resolved
orouz reviewed Oct 22, 2024
orouz reviewed Oct 22, 2024
packages/cloud_asset_inventory/data_stream/asset_inventory/manifest.yml Outdated Show resolved Hide resolved
orouz reviewed Oct 22, 2024
packages/cloud_asset_inventory/data_stream/asset_inventory/manifest.yml Outdated Show resolved Hide resolved
oren-zohar reviewed Oct 22, 2024
Comment on lines 37 to 43
| - text: Assume Role (manual) | ||
| value: assume_role | ||
| - text: Direct Access Keys (manual) | ||
| value: direct_access_keys | ||
| - text: Temporary Keys (manual) | ||
| value: temporary_keys | ||
| - text: Shared Credentials (manual) |
Contributor
There was a problem hiding this comment.
Suggested change
| - text: Assume Role (manual) | |
| value: assume_role | |
| - text: Direct Access Keys (manual) | |
| value: direct_access_keys | |
| - text: Temporary Keys (manual) | |
| value: temporary_keys | |
| - text: Shared Credentials (manual) | |
| - text: Assume Role (Manual) | |
| value: assume_role | |
| - text: Direct Access Keys (Manual) | |
| value: direct_access_keys | |
| - text: Temporary Keys (Manual) | |
| value: temporary_keys | |
| - text: Shared Credentials (Manual) |
Contributor
There was a problem hiding this comment.
Is it even needed to mention it's manual if there's no automated option?
Member Author
There was a problem hiding this comment.
Since I'm hiding/removing CloudFormation from this update, do you want me to drop the (Manual) marker?
packages/cloud_asset_inventory/data_stream/asset_inventory/manifest.yml Outdated Show resolved Hide resolved
orouz approved these changes Oct 22, 2024
oren-zohar approved these changes Oct 22, 2024
|
💚 Build Succeeded
History
cc @kubasobon |
| Package cloud_asset_inventory - 0.4.0 containing this change is available at https://epr.elastic.co/search?package=cloud_asset_inventory |
2 tasks
2 tasks
harnish-crest-data pushed a commit to chavdaharnish/integrations that referenced this pull request Feb 4, 2025
harnish-crest-data pushed a commit to chavdaharnish/integrations that referenced this pull request Feb 5, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Add this suggestion to a batch that can be applied as a single commit. This suggestion is invalid because no changes were made to the code. Suggestions cannot be applied while the pull request is closed. Suggestions cannot be applied while viewing a subset of changes. Only one suggestion per line can be applied in a batch. Add this suggestion to a batch that can be applied as a single commit. Applying suggestions on deleted lines is not supported. You must change the existing code in this line in order to create a valid suggestion. Outdated suggestions cannot be applied. This suggestion has been applied or marked resolved. Suggestions cannot be applied from pending reviews. Suggestions cannot be applied on multi-line comments. Suggestions cannot be applied while the pull request is queued to merge. Suggestion cannot be applied right now. Please check back later.
Proposed commit message
Improve Cloud Asset Inventory installation screen by denoting which types of credentials to provide.
Checklist
changelog.ymlfile.Related issues
Breakout from #11398
Screenshots