Thanks to visit codestin.com
Credit goes to github.com

Skip to content

#11810 - Enabling google_scc with Agentless deployment #12907

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Mar 4, 2025
Merged

#11810 - Enabling google_scc with Agentless deployment #12907

merged 5 commits into from
Mar 4, 2025

Conversation

qcorporation
Copy link
Contributor

@qcorporation qcorporation commented Feb 26, 2025
edited
Loading

Parent Ticket:
#11810

Proposed commit message

  • Updated the documentation based upon agreed upon language to highlight that the integration now supports Agentless deployment
    screencapture-m365-defender-testing-kb-eastus2-staging-azure-foundit-no-app-integrations-detail-google-scc-1-8-0-overview-2025-02-26-14_29_48

  • Upgraded the format_version to latest, 3.2.3

  • Updated Kibana version constraints to ^8.18 || ^9.0.0

  • Update the default.yml datastream to follow package-spec 3.2.3

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

Testing

  1. Followed the onboarding to setup a new service account within google with the proper permissions and downloaded the key-json file
  2. Enabled Security Command Center API through the activation link
  3. Setup the integration to fetch assets through the api
  4. Validated that data flowed to ES
  5. Validated no noticeable errors were found within the agent diagnostics
  6. Validated dashboards were working fine

@qcorporation qcorporation added enhancement New feature or request Team:Service-Integrations Label for the Observability Service Integrations team Integration:google_scc Google Security Command Center Team:Security-Deployment and Devices DEPRECATED Deployment and Devices Security team [elastic/sec-deployment-and-devices] labels Feb 26, 2025
@qcorporation qcorporation requested review from a team February 26, 2025 19:38
@qcorporation qcorporation self-assigned this Feb 26, 2025
efd6
efd6 reviewed Feb 26, 2025
View reviewed changes
packages/google_scc/manifest.yml
conditions:
kibana:
version: "^8.13.0"
version: "^8.18.0 || ^9.0.0"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will merge of this change be held until the release date of 8.18?

Copy link
Contributor Author

@qcorporation qcorporation Feb 26, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@efd6 I don't think so. Because of this restrictions only 8.18 stacks and 9.0 stacks will see this upgrade. So this aligns with releasing it on 8.18.
The only downside would be that changes to this integration for bug fixes will be more difficult for stacks < 8.18

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The only downside would be that changes to this integration for bug fixes will be more difficult for stacks

Historically, this has been a big downside.

@qcorporation qcorporation marked this pull request as ready for review February 26, 2025 21:16
@elasticmachine
Copy link

Pinging @elastic/sec-deployment-and-devices (Team:Security-Deployment and Devices)

@elastic-vault-github-plugin-prod
Copy link

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

@qcorporation qcorporation requested review from efd6 and a team March 3, 2025 19:40
efd6
efd6 approved these changes Mar 3, 2025
View reviewed changes
Copy link
Contributor

@efd6 efd6 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit, otherwise LGTM

@elasticmachine
Copy link

💚 Build Succeeded

History

cc @qcorporation

@elastic-sonarqube Elastic SonarQube
Copy link

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube

@qcorporation qcorporation merged commit 984ba31 into main Mar 4, 2025
7 checks passed
@qcorporation qcorporation deleted the 11810-google_scc branch March 4, 2025 18:59
@elastic-vault-github-plugin-prod
Copy link

Package google_scc - 1.8.1 containing this change is available at https://epr.elastic.co/package/google_scc/1.8.1/

@kcreddy kcreddy mentioned this pull request Mar 5, 2025
Merged
4 tasks
flexitrev pushed a commit that referenced this pull request Mar 20, 2025
@qcorporation @flexitrev
#11810 - Enabling google_scc with Agentless deployment (#12907)
715a9f2 
* Enabling Agentless integration for google_scc
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@efd6 efd6 efd6 approved these changes

Assignees

@qcorporation qcorporation

Labels
enhancement New feature or request Integration:google_scc Google Security Command Center Team:Security-Deployment and Devices DEPRECATED Deployment and Devices Security team [elastic/sec-deployment-and-devices] Team:Service-Integrations Label for the Observability Service Integrations team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@qcorporation @elasticmachine @efd6