From 689fe985e50ff6fff247a4831e9404d3b9709178 Mon Sep 17 00:00:00 2001
From: Benjamin Ironside Goldstein <benjamin.ironside@elastic.co>
Date: Fri, 14 Nov 2025 14:56:59 -0800
Subject: [PATCH 1/3] Adds known issues for 9.2.x and serverless

---
 .../elastic-cloud-serverless/known-issues.md  | 11 +++++++++++
 .../elastic-security/known-issues.md          | 19 +++++++++++++++++++
 2 files changed, 30 insertions(+)

diff --git a/release-notes/elastic-cloud-serverless/known-issues.md b/release-notes/elastic-cloud-serverless/known-issues.md
index 39ba4d8255..2ca0784869 100644
--- a/release-notes/elastic-cloud-serverless/known-issues.md
+++ b/release-notes/elastic-cloud-serverless/known-issues.md
@@ -16,6 +16,17 @@ Known issues are significant defects or limitations that may impact your impleme
 
 ## Active
 
+:::{dropdown} Deploying integrations using AWS CloudFormation doesn't work
+On November 10, 2025 it was discovered that new deployments of integrations such as Asset Discovery and Cloud Security Posture Management that collect data from cloud service providers do not work when deployed to AWS using the AWS CloudFormation deployment option. The problem results from a malformed CloudFormation parameter: `ElasticAgentVersion`. The default value for `ElasticAgentVersion` has a `space` instead of a `+`. This produces an invalid agent version value.
+
+For more information, check [#14627](https://github.com/elastic/security-team/issues/14627).
+
+
+**Workaround**<br> 
+
+To work around this issue, update the default CloudFormation template by replacing the `space` in the `ElasticAgentVersion` oarameter with a `+`.
+
+:::
 
 
 ::::{dropdown} Alerts aren't generated for rules with alert flapping off and an alert delay higher than 1
diff --git a/release-notes/elastic-security/known-issues.md b/release-notes/elastic-security/known-issues.md
index 36bdb09cad..83e02a717a 100644
--- a/release-notes/elastic-security/known-issues.md
+++ b/release-notes/elastic-security/known-issues.md
@@ -16,6 +16,25 @@ Known issues are significant defects or limitations that may impact your impleme
 
 % :::
 
+:::{dropdown} Deploying integrations using AWS CloudFormation doesn't work
+Applies to: 9.2.0 and 9.2.1
+
+**Impact**<br> 
+New deployments of integrations such as Asset Discovery and Cloud Security Posture Management that collect data from cloud service providers do not work when deployed to AWS using the AWS CloudFormation deployment option. The problem results from a malformed CloudFormation parameter: `ElasticAgentVersion`. The default value for `ElasticAgentVersion` has a `space` instead of a `+`. This produces an invalid agent version value.
+
+For more information, check [#14627](https://github.com/elastic/security-team/issues/14627).
+
+
+**Workaround**<br> 
+
+To work around this issue, update the default CloudFormation template by replacing the `space` in the `ElasticAgentVersion` oarameter with a `+`.
+
+**Resolved**<br>
+
+Resolved in {{stack}} 9.2.2.
+
+:::
+
 :::{dropdown} Entity store transform is unavailable 
 
 Applies to: 9.2.0

From 59c4591097edb44f82f2588afe1148f7432092fa Mon Sep 17 00:00:00 2001
From: Benjamin Ironside Goldstein <benjamin.ironside@elastic.co>
Date: Fri, 14 Nov 2025 15:12:17 -0800
Subject: [PATCH 2/3] typo fix

---
 release-notes/elastic-cloud-serverless/known-issues.md | 2 +-
 release-notes/elastic-security/known-issues.md         | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/release-notes/elastic-cloud-serverless/known-issues.md b/release-notes/elastic-cloud-serverless/known-issues.md
index 2ca0784869..09fb58b273 100644
--- a/release-notes/elastic-cloud-serverless/known-issues.md
+++ b/release-notes/elastic-cloud-serverless/known-issues.md
@@ -24,7 +24,7 @@ For more information, check [#14627](https://github.com/elastic/security-team/is
 
 **Workaround**<br> 
 
-To work around this issue, update the default CloudFormation template by replacing the `space` in the `ElasticAgentVersion` oarameter with a `+`.
+To work around this issue, update the default CloudFormation template by replacing the `space` in the `ElasticAgentVersion` parameter with a `+`.
 
 :::
 
diff --git a/release-notes/elastic-security/known-issues.md b/release-notes/elastic-security/known-issues.md
index 83e02a717a..08c8f2d07f 100644
--- a/release-notes/elastic-security/known-issues.md
+++ b/release-notes/elastic-security/known-issues.md
@@ -27,7 +27,7 @@ For more information, check [#14627](https://github.com/elastic/security-team/is
 
 **Workaround**<br> 
 
-To work around this issue, update the default CloudFormation template by replacing the `space` in the `ElasticAgentVersion` oarameter with a `+`.
+To work around this issue, update the default CloudFormation template by replacing the `space` in the `ElasticAgentVersion` parameter with a `+`.
 
 **Resolved**<br>
 

From 9fcf5da5bf7a0bd4cacdf8fe4a859d90be50231e Mon Sep 17 00:00:00 2001
From: Benjamin Ironside Goldstein <benjamin.ironside@elastic.co>
Date: Mon, 17 Nov 2025 12:37:17 -0800
Subject: [PATCH 3/3] Incorporates Brandon's review

---
 release-notes/elastic-cloud-serverless/known-issues.md | 6 +++---
 release-notes/elastic-security/known-issues.md         | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/release-notes/elastic-cloud-serverless/known-issues.md b/release-notes/elastic-cloud-serverless/known-issues.md
index 09fb58b273..6de832f4da 100644
--- a/release-notes/elastic-cloud-serverless/known-issues.md
+++ b/release-notes/elastic-cloud-serverless/known-issues.md
@@ -17,14 +17,14 @@ Known issues are significant defects or limitations that may impact your impleme
 ## Active
 
 :::{dropdown} Deploying integrations using AWS CloudFormation doesn't work
-On November 10, 2025 it was discovered that new deployments of integrations such as Asset Discovery and Cloud Security Posture Management that collect data from cloud service providers do not work when deployed to AWS using the AWS CloudFormation deployment option. The problem results from a malformed CloudFormation parameter: `ElasticAgentVersion`. The default value for `ElasticAgentVersion` has a `space` instead of a `+`. This produces an invalid agent version value.
+New deployments of integrations that collect data from cloud service providers, such as Asset Discovery and Cloud Security Posture Management, do not work when deployed to AWS using agent-based deployment and the AWS CloudFormation deployment option. The problem results from a malformed CloudFormation parameter: `ElasticAgentVersion`. The default value for `ElasticAgentVersion` has a space instead of a `+`. This produces an invalid agent version value.
 
-For more information, check [#14627](https://github.com/elastic/security-team/issues/14627).
+For more information, check [#14627](https://github.com/elastic/kibana/pull/242365).
 
 
 **Workaround**<br> 
 
-To work around this issue, update the default CloudFormation template by replacing the `space` in the `ElasticAgentVersion` parameter with a `+`.
+To work around this issue, update the default CloudFormation template by replacing the space in the `ElasticAgentVersion` parameter with a `+`.
 
 :::
 
diff --git a/release-notes/elastic-security/known-issues.md b/release-notes/elastic-security/known-issues.md
index 08c8f2d07f..5026b1382c 100644
--- a/release-notes/elastic-security/known-issues.md
+++ b/release-notes/elastic-security/known-issues.md
@@ -20,14 +20,14 @@ Known issues are significant defects or limitations that may impact your impleme
 Applies to: 9.2.0 and 9.2.1
 
 **Impact**<br> 
-New deployments of integrations such as Asset Discovery and Cloud Security Posture Management that collect data from cloud service providers do not work when deployed to AWS using the AWS CloudFormation deployment option. The problem results from a malformed CloudFormation parameter: `ElasticAgentVersion`. The default value for `ElasticAgentVersion` has a `space` instead of a `+`. This produces an invalid agent version value.
+New deployments of integrations that collect data from cloud service providers, such as Asset Discovery and Cloud Security Posture Management, do not work when deployed to AWS using agent-based deployment and the AWS CloudFormation deployment option. The problem results from a malformed CloudFormation parameter: `ElasticAgentVersion`. The default value for `ElasticAgentVersion` has a space instead of a `+`. This produces an invalid agent version value.
 
-For more information, check [#14627](https://github.com/elastic/security-team/issues/14627).
+For more information, check [#14627](https://github.com/elastic/kibana/pull/242365).
 
 
 **Workaround**<br> 
 
-To work around this issue, update the default CloudFormation template by replacing the `space` in the `ElasticAgentVersion` parameter with a `+`.
+To work around this issue, update the default CloudFormation template by replacing the space in the `ElasticAgentVersion` parameter with a `+`.
 
 **Resolved**<br>