Skip to content

add temp master ci#1

Closed
amirbenun wants to merge 1 commit into
mainfrom
buildsecurity-beats-cloudbeat
Closed

add temp master ci#1
amirbenun wants to merge 1 commit into
mainfrom
buildsecurity-beats-cloudbeat

Conversation

@amirbenun

Copy link
Copy Markdown
Contributor

No description provided.

@oren-zohar

Copy link
Copy Markdown
Collaborator

I think we can close this one

@oren-zohar oren-zohar closed this Feb 16, 2022
@oren-zohar oren-zohar deleted the buildsecurity-beats-cloudbeat branch March 24, 2022 23:36
kfirpeled referenced this pull request in kfirpeled/cloudbeat Apr 11, 2022
orouz referenced this pull request in orouz/cloudbeat Sep 6, 2023
orouz referenced this pull request in orouz/cloudbeat Sep 6, 2023
* Add files via upload

* Update worker.js

* Merge pull request #1 from ofiriro3/editing-readme

Adding information to readme.md

* Merge pull request #2 from ofiriro3/editing-readme

Indentation + path for csp

* Update README.md

Adding a bit of information regarding the manual process of rules

* Merge pull request #3 from jeniawhite/add-json-gen

add json rule generator

* Add an option to generate report for missing rules (#4)

* Rule template schema changes - introducing `metadata` field

* temp solution for merge

* Initial commit

* move to subfolder

* revert temp

* mv .gitattributes

Co-authored-by: Evgeniy Belyi <jeniawhite92@gmail.com>
Co-authored-by: ofiriro3 <ofiriro3@Gmail.com>
Co-authored-by: Uri Weisman <68195305+uri-weisman@users.noreply.github.com>
Co-authored-by: Kfir Peled <61654899+kfirpeled@users.noreply.github.com>
orestisfl referenced this pull request in orestisfl/cloudbeat Oct 11, 2023
* Add files via upload

* Update worker.js

* Merge pull request #1 from ofiriro3/editing-readme

Adding information to readme.md

* Merge pull request #2 from ofiriro3/editing-readme

Indentation + path for csp

* Update README.md

Adding a bit of information regarding the manual process of rules

* Merge pull request #3 from jeniawhite/add-json-gen

add json rule generator

* Add an option to generate report for missing rules (#4)

* Rule template schema changes - introducing `metadata` field

* temp solution for merge

* Initial commit

* move to subfolder

* revert temp

* mv .gitattributes

Co-authored-by: Evgeniy Belyi <jeniawhite92@gmail.com>
Co-authored-by: ofiriro3 <ofiriro3@Gmail.com>
Co-authored-by: Uri Weisman <68195305+uri-weisman@users.noreply.github.com>
Co-authored-by: Kfir Peled <61654899+kfirpeled@users.noreply.github.com>
gsarantid referenced this pull request in gsarantid/cloudbeat Jul 6, 2026
## Summary

Follow-up to InfoSec's review of elastic#6991. Adds the remaining EC2 and ELB
fields InfoSec needs to retire their custom AWS CLI scripts for the
FedRAMP
asset inventory. All new fields land in `entity.attributes.*` (non-ECS,
UpperCamelCase) — no ECS mapping change required.

Tracking: elastic/security-team#17750

## Changes

**EC2** (`entity.attributes`):
- `ImageId`, `Platform`, `VpcId`, `SubnetId`, `State`, `RoleArn`
- `Owner`, `CostCenter` — resolved case-insensitively from instance tags

**ELB v1 + v2** (`entity.attributes`):
- `LoadBalancerType` — v2 reports the real type; v1 reports `classic`
- `AccountID`
- `State` — v2 only (`State.Code`); classic ELB exposes no state field
- `IPAddresses` — NLB static IPs; ALB/classic are DNS-only (empty)
- `OwnerTag` — required adding `DescribeTags` to both ELB `Client`
  interfaces and providers (batched to the 20-item AWS limit)

## Notes
- No `elastic/integrations` change: `entity.attributes` is `flattened`,
so
  new keys need no mapping and there's no migration.
- No new asset classifications, so `ASSETS.md` is unchanged. Route53 and
  EKS (also requested in the review) are separate follow-up PRs.
- Mocks regenerated; unit tests cover EC2 attributes and the ELB
  Type/State/IPAddresses/OwnerTag flow end-to-end.

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants