Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for AWS Access Point ARN in compatible integrations #12154

Merged
merged 8 commits into from
Jan 3, 2025
Merged

Add support for AWS Access Point ARN in compatible integrations #12154

merged 8 commits into from
Jan 3, 2025
+976 −161

Conversation

chemamartinez
Copy link
Contributor

Proposed commit message

Add support for the new setting access_point_arn for the AWS S3 input added at elastic/beats#41495 for 8.16.2 and 8.17.0.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

Related issues

@chemamartinez chemamartinez self-assigned this Dec 18, 2024
@chemamartinez chemamartinez marked this pull request as ready for review December 18, 2024 17:18
@chemamartinez chemamartinez requested review from a team as code owners December 18, 2024 17:18
@elasticmachine
Copy link

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@andrewkroh andrewkroh added Team:obs-ds-hosted-services Label for the Observability Hosted Services team [elastic/obs-ds-hosted-services] Team:Obs-InfraObs Label for the Observability Infrastructure Monitoring team [elastic/obs-infraobs-integrations] labels Dec 18, 2024
@elastic-vault-github-plugin-prod
Copy link

elastic-vault-github-plugin-prod bot commented Dec 18, 2024
edited
Loading

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

@chemamartinez
Copy link
Contributor Author

/test

ShourieG
ShourieG approved these changes Dec 24, 2024
View reviewed changes
Copy link
Contributor

@ShourieG ShourieG left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

packages/aws_logs/_dev/build/docs/README.md Outdated Show resolved Hide resolved
packages/aws_logs/_dev/build/docs/README.md Outdated Show resolved Hide resolved
packages/aws_logs/data_stream/generic/manifest.yml Outdated Show resolved Hide resolved
packages/aws_logs/data_stream/generic/manifest.yml Outdated Show resolved Hide resolved
packages/aws_logs/docs/README.md Outdated Show resolved Hide resolved
packages/aws_logs/docs/README.md Outdated Show resolved Hide resolved
zmoog
zmoog approved these changes Jan 2, 2025
View reviewed changes
Copy link
Contributor

@zmoog zmoog left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I mostly focused on the elastic/obs-ds-hosted-services integration packages (aws, aws_logs) and data streams, but the PR looks good.

So, LGTM.

agithomas
agithomas reviewed Jan 2, 2025
View reviewed changes
packages/aws/data_stream/cloudtrail/manifest.yml Outdated
multi: false
required: false
show_user: true
description: This is an alternative to the Bucket ARN, one of them is required for collecting logs via the AWS S3 Bucket.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nits: Suggestion to rephrase the description to clearly conveying the relationship with BucketARN

Mandatory if the "Collect logs via S3 Bucket" switch is on. It is a required parameter for collecting logs via the AWS S3 Bucket unless you set a Bucket ARN.

Not sure, how important it is to mention - what happens if both BucketARN and AccessPoint ARNs are set, which one is be given higher preference? Would it be an important point to mention in the README ?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the suggestions.

Not sure, how important it is to mention - what happens if both BucketARN and AccessPoint ARNs are set, which one is be given higher preference? Would it be an important point to mention in the README ?

I think it is nice to have it. I added it at the description of Bucket ARN setting, as Readme don't talk about these particular settings in most of the integrations.

agithomas
agithomas approved these changes Jan 2, 2025
View reviewed changes
Copy link
Contributor

@agithomas agithomas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added a suggestion for improving the description. Other changes LGTM!

@chemamartinez
Copy link
Contributor Author

/test

@elasticmachine
Copy link

💚 Build Succeeded

History

cc @chemamartinez

@elastic-sonarqube Elastic SonarQube
Copy link

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
93.3% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube

@chemamartinez chemamartinez merged commit 8d8142f into elastic:main Jan 3, 2025
5 checks passed
@elastic-vault-github-plugin-prod
Copy link

Package amazon_security_lake - 2.3.0 containing this change is available at https://epr.elastic.co/package/amazon_security_lake/2.3.0/

@elastic-vault-github-plugin-prod
Copy link

Package aws - 2.38.0 containing this change is available at https://epr.elastic.co/package/aws/2.38.0/

@elastic-vault-github-plugin-prod
Copy link

Package aws_bedrock - 0.18.0 containing this change is available at https://epr.elastic.co/package/aws_bedrock/0.18.0/

@elastic-vault-github-plugin-prod
Copy link

Package aws_logs - 1.6.0 containing this change is available at https://epr.elastic.co/package/aws_logs/1.6.0/

@elastic-vault-github-plugin-prod
Copy link

Package canva - 0.4.0 containing this change is available at https://epr.elastic.co/package/canva/0.4.0/

@elastic-vault-github-plugin-prod
Copy link

Package carbon_black_cloud - 2.8.0 containing this change is available at https://epr.elastic.co/package/carbon_black_cloud/2.8.0/

@elastic-vault-github-plugin-prod
Copy link

Package cisco_umbrella - 1.28.0 containing this change is available at https://epr.elastic.co/package/cisco_umbrella/1.28.0/

@elastic-vault-github-plugin-prod
Copy link

Package cloudflare_logpush - 1.29.0 containing this change is available at https://epr.elastic.co/package/cloudflare_logpush/1.29.0/

@elastic-vault-github-plugin-prod
Copy link

Package f5_bigip - 1.23.0 containing this change is available at https://epr.elastic.co/package/f5_bigip/1.23.0/

@elastic-vault-github-plugin-prod
Copy link

Package imperva_cloud_waf - 1.5.0 containing this change is available at https://epr.elastic.co/package/imperva_cloud_waf/1.5.0/

@elastic-vault-github-plugin-prod
Copy link

Package jamf_protect - 2.9.0 containing this change is available at https://epr.elastic.co/package/jamf_protect/2.9.0/

@elastic-vault-github-plugin-prod
Copy link

Package sentinel_one_cloud_funnel - 1.8.0 containing this change is available at https://epr.elastic.co/package/sentinel_one_cloud_funnel/1.8.0/

@elastic-vault-github-plugin-prod
Copy link

Package servicenow - 0.8.0 containing this change is available at https://epr.elastic.co/package/servicenow/0.8.0/

@elastic-vault-github-plugin-prod
Copy link

Package sublime_security - 1.4.0 containing this change is available at https://epr.elastic.co/package/sublime_security/1.4.0/

@elastic-vault-github-plugin-prod
Copy link

Package symantec_endpoint_security - 1.6.0 containing this change is available at https://epr.elastic.co/package/symantec_endpoint_security/1.6.0/

@elastic-vault-github-plugin-prod
Copy link

Package tanium - 1.14.0 containing this change is available at https://epr.elastic.co/package/tanium/1.14.0/

@elastic-vault-github-plugin-prod
Copy link

Package trellix_edr_cloud - 1.6.0 containing this change is available at https://epr.elastic.co/package/trellix_edr_cloud/1.6.0/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ShourieG ShourieG ShourieG approved these changes

@agithomas agithomas agithomas approved these changes

@Kavindu-Dodan Kavindu-Dodan Kavindu-Dodan approved these changes

@zmoog zmoog zmoog approved these changes

Assignees

@chemamartinez chemamartinez

Labels
enhancement New feature or request Integration:amazon_security_lake Amazon Security Lake Integration:aws_bedrock Amazon Bedrock Integration:aws_logs Custom AWS Logs Integration:aws AWS Integration:canva Canva Integration:carbon_black_cloud VMware Carbon Black Cloud Integration:cisco_umbrella Cisco Umbrella Integration:cloudflare_logpush Cloudflare Logpush Integration:f5_bigip F5 BIG-IP Integration:imperva_cloud_waf Imperva Cloud WAF Integration:jamf_protect Jamf Protect Integration:sentinel_one_cloud_funnel SentinelOne Cloud Funnel Integration:servicenow ServiceNow Integration:sublime_security Sublime Security Integration:symantec_endpoint_security Symantec Endpoint Security Integration:tanium Tanium Integration:trellix_edr_cloud Trellix EDR Cloud Team:obs-ds-hosted-services Label for the Observability Hosted Services team [elastic/obs-ds-hosted-services] Team:Obs-InfraObs Label for the Observability Infrastructure Monitoring team [elastic/obs-infraobs-integrations] Team:Security-Service Integrations Security Service Integrations Team [elastic/security-service-integrations]
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add Access Point ARN option to integrations using AWS S3 input
7 participants
@chemamartinez @elasticmachine @ShourieG @zmoog @Kavindu-Dodan @agithomas @andrewkroh