{ "name": "cloud_asset_inventory", "title": "Cloud Asset Discovery", "version": "1.5.0-preview04", "release": "beta", "source": { "license": "Elastic-2.0" }, "description": "Discover and Create Cloud Assets Discovery", "type": "integration", "download": "/epr/cloud_asset_inventory/cloud_asset_inventory-1.5.0-preview04.zip", "path": "/package/cloud_asset_inventory/1.5.0-preview04", "icons": [ { "src": "/img/logo_cloud_security_posture.svg", "path": "/package/cloud_asset_inventory/1.5.0-preview04/img/logo_cloud_security_posture.svg", "title": "Cloud Security Posture logo", "size": "32x32", "type": "image/svg+xml" } ], "conditions": { "kibana": { "version": ">=9.4.0" }, "elastic": { "subscription": "basic", "capabilities": [ "security" ] } }, "owner": { "type": "elastic", "github": "elastic/contextual-security" }, "categories": [ "security", "asset_inventory", "cloudsecurity_cdr", "cloud" ], "signature_path": "/epr/cloud_asset_inventory/cloud_asset_inventory-1.5.0-preview04.zip.sig", "format_version": "3.3.2", "readme": "/package/cloud_asset_inventory/1.5.0-preview04/docs/README.md", "license": "basic", "assets": [ "/package/cloud_asset_inventory/1.5.0-preview04/LICENSE.txt", "/package/cloud_asset_inventory/1.5.0-preview04/changelog.yml", "/package/cloud_asset_inventory/1.5.0-preview04/manifest.yml", "/package/cloud_asset_inventory/1.5.0-preview04/docs/README.md", "/package/cloud_asset_inventory/1.5.0-preview04/img/logo_cloud_security_posture.svg", "/package/cloud_asset_inventory/1.5.0-preview04/data_stream/asset_inventory/manifest.yml", "/package/cloud_asset_inventory/1.5.0-preview04/kibana/index_pattern/cloud_asset_inventory-2773feaf-50bb-43f8-9fa9-8f9a5f85e566.json", "/package/cloud_asset_inventory/1.5.0-preview04/data_stream/asset_inventory/fields/base-fields.yml", "/package/cloud_asset_inventory/1.5.0-preview04/data_stream/asset_inventory/fields/ecs.yml", "/package/cloud_asset_inventory/1.5.0-preview04/data_stream/asset_inventory/fields/entity.yml", "/package/cloud_asset_inventory/1.5.0-preview04/data_stream/asset_inventory/fields/related.yml", "/package/cloud_asset_inventory/1.5.0-preview04/data_stream/asset_inventory/agent/stream/aws.yml.hbs", "/package/cloud_asset_inventory/1.5.0-preview04/data_stream/asset_inventory/agent/stream/azure.yml.hbs", "/package/cloud_asset_inventory/1.5.0-preview04/data_stream/asset_inventory/agent/stream/gcp.yml.hbs" ], "policy_templates": [ { "name": "asset_inventory", "title": "Cloud Asset Discovery", "description": "Discover assets in your Cloud Environment and store within Elastic Search", "data_streams": [ "asset_inventory" ], "inputs": [ { "type": "cloudbeat/asset_inventory_aws", "vars": [ { "name": "cloud_formation_template", "type": "text", "title": "CloudFormation Template", "description": "Template URL to Cloud Formation Quick Create Stack", "multi": false, "required": true, "show_user": false, "default": "https://console.aws.amazon.com/cloudformation/home#/stacks/quickcreate?templateURL=https://elastic-cspm-cft.s3.eu-central-1.amazonaws.com/cloudformation-asset-inventory-ACCOUNT_TYPE-9.2.0.yml&stackName=Elastic-Cloud-Asset-Discovery¶m_EnrollmentToken=FLEET_ENROLLMENT_TOKEN¶m_FleetUrl=FLEET_URL¶m_ElasticAgentVersion=KIBANA_VERSION¶m_ElasticArtifactServer=https://artifacts.elastic.co/downloads/beats/elastic-agent" }, { "name": "cloud_formation_credentials_template", "type": "text", "title": "CloudFormation Credentials Template", "description": "Template URL to Cloud Formation Cloud Credentials Stack", "multi": false, "required": true, "show_user": false, "default": "https://console.aws.amazon.com/cloudformation/home#/stacks/quickcreate?templateURL=https://elastic-cspm-cft.s3.eu-central-1.amazonaws.com/cloudformation-asset-inventory-direct-access-key-ACCOUNT_TYPE-9.2.0.yml" }, { "name": "cloud_formation_cloud_connectors_template", "type": "text", "title": "CloudFormation Cloud Connectors Template", "description": "Template URL to Cloud Formation Cloud Connectors Stack", "multi": false, "required": true, "show_user": false, "default": "https://console.aws.amazon.com/cloudformation/home#/stacks/quickcreate?templateURL=https://elastic-cspm-cft.s3.eu-central-1.amazonaws.com/cloudformation-asset-inventory-cloud-connectors-ACCOUNT_TYPE-9.2.0.yml¶m_ElasticResourceId=RESOURCE_ID" } ], "title": "AWS Asset Discovery", "description": "AWS Asset Discovery" }, { "type": "cloudbeat/asset_inventory_azure", "vars": [ { "name": "arm_template_url", "type": "text", "title": "ARM Template URL", "description": "A URL to the ARM Template for creating a new deployment", "multi": false, "required": true, "show_user": false, "default": "https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Felastic%2Fcloudbeat%2F9.2%2Fdeploy%2Fasset-inventory-arm%2FARM-for-ACCOUNT_TYPE.json" }, { "name": "arm_template_cloud_connectors_url", "type": "text", "title": "ARM Cloud Connectors Template URL", "description": "A URL to the ARM Template for creating a Cloud Connectors managed identity", "multi": false, "required": true, "show_user": false, "default": "https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Felastic%2Fcloudbeat%2F9.2%2Fdeploy%2Fazure%2FARM-for-cloud-connectors-ACCOUNT_TYPE.json" } ], "title": "Azure Asset Discovery", "description": "Azure Asset Discovery" }, { "type": "cloudbeat/asset_inventory_gcp", "vars": [ { "name": "cloud_shell_url", "type": "text", "title": "CloudShell URL", "description": "A URL to CloudShell for creating a new deployment", "multi": false, "required": true, "show_user": false, "default": "https://shell.cloud.google.com/cloudshell/?ephemeral=true&cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Felastic%2Fcloudbeat&cloudshell_git_branch=main&cloudshell_workspace=deploy%2Finfrastructure-manager%2Fgcp-elastic-agent&show=terminal" }, { "name": "cloud_shell_url_cloud_connectors", "type": "text", "title": "Cloud Connectors CloudShell URL", "description": "A URL to CloudShell for creating a Cloud Connectors Service Account", "multi": false, "required": true, "show_user": false, "default": "https://shell.cloud.google.com/cloudshell/?ephemeral=true&cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Felastic%2Fcloudbeat&cloudshell_git_branch=main&cloudshell_workspace=deploy%2Finfrastructure-manager%2Fgcp-cloud-connectors&show=terminal" } ], "title": "GCP Asset Discovery", "description": "GCP Asset Discovery" } ], "multiple": true, "icons": [ { "src": "/img/logo_cloud_security_posture.svg", "path": "/package/cloud_asset_inventory/1.5.0-preview04/img/logo_cloud_security_posture.svg", "title": "CSPM logo", "size": "32x32", "type": "image/svg+xml" } ], "categories": [ "security", "cloud" ], "deployment_modes": { "default": { "enabled": true }, "agentless": { "enabled": true, "is_default": true } } } ], "data_streams": [ { "type": "logs", "dataset": "cloud_asset_inventory.asset_inventory", "title": "Cloud Assets Discovery", "release": "beta", "streams": [ { "input": "cloudbeat/asset_inventory_aws", "vars": [ { "name": "aws.account_type", "type": "select", "title": "Account type", "multi": false, "required": false, "show_user": true, "default": "organization-account" }, { "name": "aws.credentials.type", "type": "select", "title": "Credentials type", "multi": false, "required": false, "show_user": true }, { "name": "aws.access_key_id", "type": "text", "title": "Access Key ID", "description": "Required when using Direct Access Keys or Temporary Keys", "multi": false, "required": false, "show_user": true }, { "name": "aws.secret_access_key", "type": "text", "title": "Secret Access Key", "description": "Required when using Direct Access Keys or Temporary Keys", "multi": false, "required": false, "show_user": true }, { "name": "aws.session_token", "type": "text", "title": "Session Token", "description": "Required when using Temporary Keys", "multi": false, "required": false, "show_user": true }, { "name": "aws.shared_credential_file", "type": "text", "title": "Shared Credential File", "description": "Directory of the Shared Credentials file; required when using Shared Credentials", "multi": false, "required": false, "show_user": false }, { "name": "aws.credential_profile_name", "type": "text", "title": "Credential Profile Name", "description": "Required when using Shared Credentials", "multi": false, "required": false, "show_user": false }, { "name": "aws.role_arn", "type": "text", "title": "ARN Role", "description": "Required when using Assume Role", "multi": false, "required": false, "show_user": false }, { "name": "aws.supports_cloud_connectors", "type": "bool", "title": "Supports Cloud Connectors", "multi": false, "required": false, "show_user": false }, { "name": "aws.credentials.external_id", "type": "password", "title": "External ID", "multi": false, "required": false, "show_user": false } ], "template_path": "aws.yml.hbs", "title": "AWS Asset Discovery", "description": "Asset Discovery Discovery for AWS", "enabled": false }, { "input": "cloudbeat/asset_inventory_azure", "vars": [ { "name": "azure.account_type", "type": "select", "title": "Account type", "multi": false, "required": false, "show_user": true, "default": "organization-account" }, { "name": "azure.credentials.type", "type": "select", "title": "Credentials type", "multi": false, "required": false, "show_user": true }, { "name": "azure.credentials.client_id", "type": "text", "title": "Client ID", "description": "Required when using either of Service Principal options", "multi": false, "required": false, "show_user": true }, { "name": "azure.credentials.tenant_id", "type": "text", "title": "Tenant ID", "description": "Required when using Service Principal", "multi": false, "required": false, "show_user": true }, { "name": "azure.credentials.client_secret", "type": "password", "title": "Client Secret", "description": "Required when using Service Principal with Client Secret", "multi": false, "required": false, "show_user": true }, { "name": "azure.credentials.client_certificate_path", "type": "text", "title": "Client Certificate Path", "description": "Required when using Service Principal with Client Certificate", "multi": false, "required": false, "show_user": true }, { "name": "azure.credentials.client_certificate_password", "type": "password", "title": "Client Certificate Password", "description": "Required when using Service Principal with Client Certificate", "multi": false, "required": false, "show_user": true }, { "name": "azure_credentials_cloud_connector_id", "type": "text", "title": "Elastic Cloud Connector ID", "description": "Required when using Cloud Connectors Federated Identity", "multi": false, "required": false, "show_user": true }, { "name": "azure.supports_cloud_connectors", "type": "bool", "title": "Supports Cloud Connectors", "multi": false, "required": false, "show_user": false } ], "template_path": "azure.yml.hbs", "title": "Azure Asset Discovery", "description": "Asset Discovery Discovery for Azure", "enabled": false }, { "input": "cloudbeat/asset_inventory_gcp", "vars": [ { "name": "gcp.account_type", "type": "select", "title": "Account Type", "multi": false, "required": false, "show_user": true, "default": "organization-account" }, { "name": "gcp.organization_id", "type": "text", "title": "Organization ID", "description": "required if Account Type is GCP Organization", "multi": false, "required": false, "show_user": true }, { "name": "gcp.project_id", "type": "text", "title": "Project ID", "description": "the project where the agent will be deployed. if Account Type is Single Account, only this project will be scanned.", "multi": false, "required": false, "show_user": true }, { "name": "gcp.credentials.file", "type": "text", "title": "Credentials File", "description": "path to the credentials file. use either this or a credentials JSON.", "multi": false, "required": false, "show_user": true }, { "name": "gcp.credentials.json", "type": "textarea", "title": "Credentials JSON", "description": "a service account key JSON. use either this or a credentials file. required roles are: \"roles/cloudasset.viewer\" and \"roles/browser\". if Account Type is GCP Organization, grant access to these roles on the organization level.", "multi": false, "required": false, "show_user": true }, { "name": "gcp.credentials.type", "type": "text", "title": "Credentials type", "multi": false, "required": false, "show_user": false }, { "name": "gcp.credentials.service_account_email", "type": "text", "title": "Service Account Email", "multi": false, "required": false, "show_user": true }, { "name": "gcp.credentials.audience", "type": "text", "title": "Audience", "multi": false, "required": false, "show_user": true }, { "name": "gcp_credentials_cloud_connector_id", "type": "text", "title": "Elastic Cloud Connector ID", "description": "Required when using Cloud Connectors Managed Identity", "multi": false, "required": false, "show_user": true }, { "name": "gcp.supports_cloud_connectors", "type": "bool", "title": "Supports Cloud Connectors", "multi": false, "required": false, "show_user": false } ], "template_path": "gcp.yml.hbs", "title": "GCP Asset Discovery", "description": "Asset Discovery Discovery for GCP", "enabled": false } ], "package": "cloud_asset_inventory", "elasticsearch": { "index_template.mappings": { "dynamic": false } }, "path": "asset_inventory" } ] }