Skip to content

Add support for AWS Access Point ARN in compatible integrations #12154

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 0 commits into from
Jan 3, 2025
Merged

Add support for AWS Access Point ARN in compatible integrations #12154

merged 0 commits into from
Jan 3, 2025

Conversation

chemamartinez
Copy link
Contributor

Proposed commit message

Add support for the new setting access_point_arn for the AWS S3 input added at elastic/beats#41495 for 8.16.2 and 8.17.0.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

Related issues

@chemamartinez chemamartinez added enhancement New feature or request Integration:aws AWS Integration:cisco_umbrella Cisco Umbrella Integration:carbon_black_cloud VMware Carbon Black Cloud Integration:tanium Tanium Integration:cloudflare_logpush Cloudflare Logpush Integration:f5_bigip F5 BIG-IP Integration:amazon_security_lake Amazon Security Lake Integration:sentinel_one_cloud_funnel SentinelOne Cloud Funnel Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations] Integration:imperva_cloud_waf Imperva Cloud WAF Integration:jamf_protect Jamf Protect (Partner supported) Integration:aws_bedrock Amazon Bedrock Integration:aws_logs Custom AWS Logs Integration:symantec_endpoint_security Symantec Endpoint Security Integration:trellix_edr_cloud Trellix EDR Cloud Integration:canva Canva Integration:sublime_security Sublime Security Integration:servicenow ServiceNow labels Dec 18, 2024
@chemamartinez chemamartinez self-assigned this Dec 18, 2024
@chemamartinez chemamartinez marked this pull request as ready for review December 18, 2024 17:18
@chemamartinez chemamartinez requested review from a team as code owners December 18, 2024 17:18
@elasticmachine
Copy link

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@andrewkroh andrewkroh added Team:obs-ds-hosted-services Observability Hosted Services team [elastic/obs-ds-hosted-services] Team:Obs-InfraObs Observability Infrastructure Monitoring team [elastic/obs-infraobs-integrations] labels Dec 18, 2024
@elastic-vault-github-plugin-prod
Copy link

elastic-vault-github-plugin-prod bot commented Dec 18, 2024
edited
Loading

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

@chemamartinez
Copy link
Contributor Author

/test

@chemamartinez chemamartinez force-pushed the 11737-access_point_arn-awss3 branch from cba611c to 97eb11a Compare December 19, 2024 15:48
ShourieG
ShourieG approved these changes Dec 24, 2024
View reviewed changes
Copy link
Contributor

@ShourieG ShourieG left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

zmoog
zmoog approved these changes Jan 2, 2025
View reviewed changes
Copy link
Contributor

@zmoog zmoog left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I mostly focused on the elastic/obs-ds-hosted-services integration packages (aws, aws_logs) and data streams, but the PR looks good.

So, LGTM.

agithomas
agithomas reviewed Jan 2, 2025
View reviewed changes
packages/aws/data_stream/cloudtrail/manifest.yml Outdated
multi: false
required: false
show_user: true
description: This is an alternative to the Bucket ARN, one of them is required for collecting logs via the AWS S3 Bucket.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nits: Suggestion to rephrase the description to clearly conveying the relationship with BucketARN

Mandatory if the "Collect logs via S3 Bucket" switch is on. It is a required parameter for collecting logs via the AWS S3 Bucket unless you set a Bucket ARN.

Not sure, how important it is to mention - what happens if both BucketARN and AccessPoint ARNs are set, which one is be given higher preference? Would it be an important point to mention in the README ?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the suggestions.

Not sure, how important it is to mention - what happens if both BucketARN and AccessPoint ARNs are set, which one is be given higher preference? Would it be an important point to mention in the README ?

I think it is nice to have it. I added it at the description of Bucket ARN setting, as Readme don't talk about these particular settings in most of the integrations.

agithomas
agithomas approved these changes Jan 2, 2025
View reviewed changes
Copy link
Contributor

@agithomas agithomas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added a suggestion for improving the description. Other changes LGTM!

@chemamartinez
Copy link
Contributor Author

/test

@elasticmachine
Copy link

💚 Build Succeeded

History

  • 💔 Build #19977 failed 443f47926fd1a27b455fc5eb0e87824a85066334
  • 💔 Build #19965 failed 693f66c9dfd28215f90ee0c99d86704e0c270c13
  • 💔 Build #19963 failed 693f66c9dfd28215f90ee0c99d86704e0c270c13
  • 💔 Build #19962 failed 9eb2ef16f563c0dca66a756405bcb34638de036b
  • 💚 Build #19807 succeeded 5ceacdc20b40f092bbab54246b32b4b484b01e72
  • 💚 Build #19727 succeeded 88e5383412b2a9372e54b4e7fab47be13639de95

cc @chemamartinez

@elastic-sonarqube Elastic SonarQube
Copy link

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
93.3% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube

@chemamartinez chemamartinez merged commit 8d8142f into elastic:main Jan 3, 2025
5 checks passed
@elastic-vault-github-plugin-prod
Copy link

Package amazon_security_lake - 2.3.0 containing this change is available at https://epr.elastic.co/package/amazon_security_lake/2.3.0/

@elastic-vault-github-plugin-prod
Copy link

Package aws - 2.38.0 containing this change is available at https://epr.elastic.co/package/aws/2.38.0/

@elastic-vault-github-plugin-prod
Copy link

Package aws_bedrock - 0.18.0 containing this change is available at https://epr.elastic.co/package/aws_bedrock/0.18.0/

@elastic-vault-github-plugin-prod
Copy link

Package aws_logs - 1.6.0 containing this change is available at https://epr.elastic.co/package/aws_logs/1.6.0/

@elastic-vault-github-plugin-prod
Copy link

Package canva - 0.4.0 containing this change is available at https://epr.elastic.co/package/canva/0.4.0/

@elastic-vault-github-plugin-prod
Copy link

Package carbon_black_cloud - 2.8.0 containing this change is available at https://epr.elastic.co/package/carbon_black_cloud/2.8.0/

@elastic-vault-github-plugin-prod
Copy link

Package cisco_umbrella - 1.28.0 containing this change is available at https://epr.elastic.co/package/cisco_umbrella/1.28.0/

@elastic-vault-github-plugin-prod
Copy link

Package cloudflare_logpush - 1.29.0 containing this change is available at https://epr.elastic.co/package/cloudflare_logpush/1.29.0/

@elastic-vault-github-plugin-prod
Copy link

Package f5_bigip - 1.23.0 containing this change is available at https://epr.elastic.co/package/f5_bigip/1.23.0/

@elastic-vault-github-plugin-prod
Copy link

Package imperva_cloud_waf - 1.5.0 containing this change is available at https://epr.elastic.co/package/imperva_cloud_waf/1.5.0/

@elastic-vault-github-plugin-prod
Copy link

Package jamf_protect - 2.9.0 containing this change is available at https://epr.elastic.co/package/jamf_protect/2.9.0/

@elastic-vault-github-plugin-prod
Copy link

Package sentinel_one_cloud_funnel - 1.8.0 containing this change is available at https://epr.elastic.co/package/sentinel_one_cloud_funnel/1.8.0/

@elastic-vault-github-plugin-prod
Copy link

Package servicenow - 0.8.0 containing this change is available at https://epr.elastic.co/package/servicenow/0.8.0/

@elastic-vault-github-plugin-prod
Copy link

Package sublime_security - 1.4.0 containing this change is available at https://epr.elastic.co/package/sublime_security/1.4.0/

@elastic-vault-github-plugin-prod
Copy link

Package symantec_endpoint_security - 1.6.0 containing this change is available at https://epr.elastic.co/package/symantec_endpoint_security/1.6.0/

@elastic-vault-github-plugin-prod
Copy link

Package tanium - 1.14.0 containing this change is available at https://epr.elastic.co/package/tanium/1.14.0/

@elastic-vault-github-plugin-prod
Copy link

Package trellix_edr_cloud - 1.6.0 containing this change is available at https://epr.elastic.co/package/trellix_edr_cloud/1.6.0/

harnish-crest-data pushed a commit to chavdaharnish/integrations that referenced this pull request Feb 4, 2025
@chemamartinez
Add support for AWS Access Point ARN in compatible integrations (elas…
cb7d5c0 
…tic#12154)

Add support for the new setting access_point_arn for the integrations that rely on the AWS S3 input.
harnish-crest-data pushed a commit to chavdaharnish/integrations that referenced this pull request Feb 5, 2025
@chemamartinez
Add support for AWS Access Point ARN in compatible integrations (elas…
c447829 
…tic#12154)

Add support for the new setting access_point_arn for the integrations that rely on the AWS S3 input.
@chemamartinez chemamartinez deleted the 11737-access_point_arn-awss3 branch February 6, 2025 10:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zmoog zmoog zmoog approved these changes

@Kavindu-Dodan Kavindu-Dodan Kavindu-Dodan approved these changes

@agithomas agithomas agithomas approved these changes

@ShourieG ShourieG ShourieG approved these changes

Assignees

@chemamartinez chemamartinez

Labels
enhancement New feature or request Integration:amazon_security_lake Amazon Security Lake Integration:aws_bedrock Amazon Bedrock Integration:aws_logs Custom AWS Logs Integration:aws AWS Integration:canva Canva Integration:carbon_black_cloud VMware Carbon Black Cloud Integration:cisco_umbrella Cisco Umbrella Integration:cloudflare_logpush Cloudflare Logpush Integration:f5_bigip F5 BIG-IP Integration:imperva_cloud_waf Imperva Cloud WAF Integration:jamf_protect Jamf Protect (Partner supported) Integration:sentinel_one_cloud_funnel SentinelOne Cloud Funnel Integration:servicenow ServiceNow Integration:sublime_security Sublime Security Integration:symantec_endpoint_security Symantec Endpoint Security Integration:tanium Tanium Integration:trellix_edr_cloud Trellix EDR Cloud Team:obs-ds-hosted-services Observability Hosted Services team [elastic/obs-ds-hosted-services] Team:Obs-InfraObs Observability Infrastructure Monitoring team [elastic/obs-infraobs-integrations] Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations]
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add Access Point ARN option to integrations using AWS S3 input
7 participants
@chemamartinez @elasticmachine @ShourieG @zmoog @Kavindu-Dodan @agithomas @andrewkroh