Skip to content

[9.0] Add Defender for Cloud to 3rd party integrations permissions required for transform (#133623) #133798

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 29, 2025
Merged

[9.0] Add Defender for Cloud to 3rd party integrations permissions required for transform (#133623) #133798

merged 1 commit into from
Aug 29, 2025

Conversation

kcreddy
Copy link
Contributor

@kcreddy kcreddy commented Aug 29, 2025

Backport

This will backport the following commits from main to 9.0:

Questions ?

Please refer to the Backport tool documentation

@kcreddy
Add Defender for Cloud to 3rd party integrations permissions required…
2cb1428 
… for transform (elastic#133623)

Add logs-microsoft_defender_cloud.assessment data stream indices to the kibana_system's read privileges. This is required for the latest transform for 3rd party integrations CDR workflows (vulnerability and misconfigurations findings) to work.

Also adds delete_index on logs-microsoft_defender_cloud.assessment-* to facilitate index removal through ILM policies.
Related: For elastic/integrations#14785

Similar to elastic#132445

(cherry picked from commit eb005b0)
@elasticsearchmachine elasticsearchmachine added external-contributor Pull request authored by a developer outside the Elasticsearch team v9.0.7 labels Aug 29, 2025
@kcreddy kcreddy mentioned this pull request Aug 29, 2025
Merged
@kcreddy kcreddy added auto-merge-without-approval Automatically merge pull request when CI checks pass (NB doesn't wait for reviews!) >non-issue :Security/Authorization Roles, Privileges, DLS/FLS, RBAC/ABAC Team:Security Meta label for security team Team:Cloud Security Meta label for Cloud Security team labels Aug 29, 2025
@elasticsearchmachine elasticsearchmachine merged commit edeafb6 into elastic:9.0 Aug 29, 2025
19 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

auto-merge-without-approval Automatically merge pull request when CI checks pass (NB doesn't wait for reviews!) backport external-contributor Pull request authored by a developer outside the Elasticsearch team >non-issue :Security/Authorization Roles, Privileges, DLS/FLS, RBAC/ABAC Team:Cloud Security Meta label for Cloud Security team Team:Security Meta label for security team v9.0.7

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kcreddy @elasticsearchmachine