Skip to content

Commit 0aff076

Browse files
muskan-crestmuskan-crest
committed
Resolve comments provided by @efd6.
1. Add config data stream entry in CODEOWNERS. 2. Update changelog entry. 3. Format CEL code as suggested. 4. Added fields into redact. 5. Changed transform version v1. 6. Used minify_json in config.yml file.
1 parent eebfe20 commit 0aff076

File tree

10 files changed

+328
-178
lines changed

10 files changed

+328
-178
lines changed

.github/CODEOWNERS

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,7 @@
3838
/packages/aws/data_stream/cloudtrail @elastic/obs-infraobs-integrations
3939
/packages/aws/data_stream/cloudwatch_logs @elastic/obs-ds-hosted-services
4040
/packages/aws/data_stream/cloudwatch_metrics @elastic/obs-ds-hosted-services
41+
/packages/aws/data_stream/config @elastic/security-service-integrations
4142
/packages/aws/data_stream/dynamodb @elastic/obs-infraobs-integrations
4243
/packages/aws/data_stream/ebs @elastic/obs-ds-hosted-services
4344
/packages/aws/data_stream/ec2_logs @elastic/obs-ds-hosted-services

packages/aws/changelog.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33
changes:
44
- description: Add new AWS Config datastream.
55
type: enhancement
6-
link: https://github.com/elastic/integrations/pull/1
6+
link: https://github.com/elastic/integrations/pull/13830
77
- version: "3.3.1"
88
changes:
99
- description: Fix handling of duplicate fields in Network Firewall Logs data stream.

packages/aws/data_stream/config/_dev/deploy/docker/files/config.yml

Lines changed: 134 additions & 122 deletions
Original file line numberDiff line numberDiff line change
@@ -10,32 +10,34 @@ rules:
1010
responses:
1111
- status_code: 200
1212
body: |-
13+
{{ minify_json `
1314
{
14-
"ConfigRules": [
15+
"ConfigRules": [
16+
{
17+
"ConfigRuleArn": "arn:aws:config:us-east-1:11223344556:config-rule/config-rule-id3",
18+
"ConfigRuleId": "config-rule-id3",
19+
"ConfigRuleName": "required-tags",
20+
"ConfigRuleState": "ACTIVE",
21+
"Description": "Checks whether your resources have the tags that you specify.",
22+
"EvaluationModes": [
1523
{
16-
"ConfigRuleArn": "arn:aws:config:us-east-1:11223344556:config-rule/config-rule-id3",
17-
"ConfigRuleId": "config-rule-id3",
18-
"ConfigRuleName": "required-tags",
19-
"ConfigRuleState": "ACTIVE",
20-
"Description": "Checks whether your resources have the tags that you specify.",
21-
"EvaluationModes": [
22-
{
23-
"Mode": "DETECTIVE"
24-
}
25-
],
26-
"InputParameters": "{\"tag1Key\":\"k1\",\"tag1Value\":\"v1\"}",
27-
"Scope": {
28-
"ComplianceResourceTypes": [
29-
"AWS::EC2::Instance"
30-
]
31-
},
32-
"Source": {
33-
"Owner": "AWS",
34-
"SourceIdentifier": "REQUIRED_TAGS"
35-
}
24+
"Mode": "DETECTIVE"
3625
}
37-
]
26+
],
27+
"InputParameters": "{\"tag1Key\":\"k1\",\"tag1Value\":\"v1\"}",
28+
"Scope": {
29+
"ComplianceResourceTypes": [
30+
"AWS::EC2::Instance"
31+
]
32+
},
33+
"Source": {
34+
"Owner": "AWS",
35+
"SourceIdentifier": "REQUIRED_TAGS"
36+
}
37+
}
38+
]
3839
}
40+
`}}
3941
- path: /
4042
methods: ["POST"]
4143
request_headers:
@@ -46,47 +48,49 @@ rules:
4648
responses:
4749
- status_code: 200
4850
body: |-
51+
{{ minify_json `
4952
{
5053
"ConfigRules": [
51-
{
52-
"ConfigRuleArn": "arn:aws:config:us-east-1:11223344556:config-rule/config-rule-id1",
53-
"ConfigRuleId": "config-rule-id1",
54-
"ConfigRuleName": "access-keys-rotated",
55-
"ConfigRuleState": "ACTIVE",
56-
"Description": "Checks whether the active access keys are rotated within the number of days specified in maxAccessKeyAge. The rule is non-compliant if the access keys have not been rotated for more than maxAccessKeyAge number of days.",
57-
"EvaluationModes": [
58-
{
59-
"Mode": "DETECTIVE"
60-
}
61-
],
62-
"InputParameters": "{\"maxAccessKeyAge\":\"90\"}",
63-
"MaximumExecutionFrequency": "TwentyFour_Hours",
64-
"Source": {
65-
"Owner": "AWS",
66-
"SourceIdentifier": "ACCESS_KEYS_ROTATED"
67-
}
68-
},
69-
{
70-
"ConfigRuleArn": "arn:aws:config:us-east-1:11223344556:config-rule/config-rule-id2",
71-
"ConfigRuleId": "config-rule-id2",
72-
"ConfigRuleName": "account-part-of-organizations",
73-
"ConfigRuleState": "ACTIVE",
74-
"Description": "Rule checks whether AWS account is part of AWS Organizations. The rule is NON_COMPLIANT if the AWS account is not part of AWS Organizations or AWS Organizations master account ID does not match rule parameter MasterAccountId.",
75-
"EvaluationModes": [
76-
{
77-
"Mode": "DETECTIVE"
78-
}
79-
],
80-
"InputParameters": "{}",
81-
"MaximumExecutionFrequency": "TwentyFour_Hours",
82-
"Source": {
83-
"Owner": "AWS",
84-
"SourceIdentifier": "ACCOUNT_PART_OF_ORGANIZATIONS"
85-
}
54+
{
55+
"ConfigRuleArn": "arn:aws:config:us-east-1:11223344556:config-rule/config-rule-id1",
56+
"ConfigRuleId": "config-rule-id1",
57+
"ConfigRuleName": "access-keys-rotated",
58+
"ConfigRuleState": "ACTIVE",
59+
"Description": "Checks whether the active access keys are rotated within the number of days specified in maxAccessKeyAge. The rule is non-compliant if the access keys have not been rotated for more than maxAccessKeyAge number of days.",
60+
"EvaluationModes": [
61+
{
62+
"Mode": "DETECTIVE"
63+
}
64+
],
65+
"InputParameters": "{\"maxAccessKeyAge\":\"90\"}",
66+
"MaximumExecutionFrequency": "TwentyFour_Hours",
67+
"Source": {
68+
"Owner": "AWS",
69+
"SourceIdentifier": "ACCESS_KEYS_ROTATED"
70+
}
71+
},
72+
{
73+
"ConfigRuleArn": "arn:aws:config:us-east-1:11223344556:config-rule/config-rule-id2",
74+
"ConfigRuleId": "config-rule-id2",
75+
"ConfigRuleName": "account-part-of-organizations",
76+
"ConfigRuleState": "ACTIVE",
77+
"Description": "Rule checks whether AWS account is part of AWS Organizations. The rule is NON_COMPLIANT if the AWS account is not part of AWS Organizations or AWS Organizations master account ID does not match rule parameter MasterAccountId.",
78+
"EvaluationModes": [
79+
{
80+
"Mode": "DETECTIVE"
81+
}
82+
],
83+
"InputParameters": "{}",
84+
"MaximumExecutionFrequency": "TwentyFour_Hours",
85+
"Source": {
86+
"Owner": "AWS",
87+
"SourceIdentifier": "ACCOUNT_PART_OF_ORGANIZATIONS"
8688
}
89+
}
8790
],
8891
"NextToken": "page2"
8992
}
93+
`}}
9094
- path: /
9195
methods: ["POST"]
9296
request_headers:
@@ -98,39 +102,41 @@ rules:
98102
responses:
99103
- status_code: 200
100104
body: |-
105+
{{ minify_json `
101106
{
102-
"EvaluationResults": [
103-
{
104-
"ComplianceType": "COMPLIANT",
105-
"ConfigRuleInvokedTime": 1.444799479852E9,
106-
"EvaluationResultIdentifier": {
107-
"EvaluationResultQualifier": {
108-
"ConfigRuleName": "access-keys-rotated",
109-
"EvaluationMode": "DETECTIVE",
110-
"ResourceId": "i-0a4468fbfafeeg20h",
111-
"ResourceType": "AWS::EC2::Instance"
112-
},
113-
"OrderingTimestamp": 1.443541951883E9
114-
},
115-
"ResultRecordedTime": 1.444799480061E9
107+
"EvaluationResults": [
108+
{
109+
"ComplianceType": "COMPLIANT",
110+
"ConfigRuleInvokedTime": 1444799479.852,
111+
"EvaluationResultIdentifier": {
112+
"EvaluationResultQualifier": {
113+
"ConfigRuleName": "access-keys-rotated",
114+
"EvaluationMode": "DETECTIVE",
115+
"ResourceId": "i-0a4468fbfafeeg20h",
116+
"ResourceType": "AWS::EC2::Instance"
116117
},
117-
{
118-
"ComplianceType": "COMPLIANT",
119-
"ConfigRuleInvokedTime": 1.544799479852E9,
120-
"EvaluationResultIdentifier": {
121-
"EvaluationResultQualifier": {
122-
"ConfigRuleName": "access-keys-rotated",
123-
"EvaluationMode": "DETECTIVE",
124-
"ResourceId": "i-0a4468fbfafeeg30h",
125-
"ResourceType": "AWS::EC2::Instance"
126-
},
127-
"OrderingTimestamp": 1.543541951883E9
128-
},
129-
"ResultRecordedTime": 1.544799480061E9
130-
}
131-
],
132-
"NextToken": "page2"
118+
"OrderingTimestamp": 1443541951.883
119+
},
120+
"ResultRecordedTime": 1444799480.061
121+
},
122+
{
123+
"ComplianceType": "COMPLIANT",
124+
"ConfigRuleInvokedTime": 1544799479.852,
125+
"EvaluationResultIdentifier": {
126+
"EvaluationResultQualifier": {
127+
"ConfigRuleName": "access-keys-rotated",
128+
"EvaluationMode": "DETECTIVE",
129+
"ResourceId": "i-0a4468fbfafeeg30h",
130+
"ResourceType": "AWS::EC2::Instance"
131+
},
132+
"OrderingTimestamp": 1543541951.883
133+
},
134+
"ResultRecordedTime": 1544799480.061
135+
}
136+
],
137+
"NextToken": "page2"
133138
}
139+
`}}
134140
- path: /
135141
methods: ["POST"]
136142
request_headers:
@@ -142,24 +148,26 @@ rules:
142148
responses:
143149
- status_code: 200
144150
body: |-
151+
{{ minify_json `
145152
{
146-
"EvaluationResults": [
147-
{
148-
"ComplianceType": "NON_COMPLIANT",
149-
"ConfigRuleInvokedTime": 1.644799479852E9,
150-
"EvaluationResultIdentifier": {
151-
"EvaluationResultQualifier": {
152-
"ConfigRuleName": "access-keys-rotated",
153-
"EvaluationMode": "DETECTIVE",
154-
"ResourceId": "i-0a4468fbfafeeg30h",
155-
"ResourceType": "AWS::EC2::Instance"
156-
},
157-
"OrderingTimestamp": 1.643541951883E9
158-
},
159-
"ResultRecordedTime": 1.644799480061E9
160-
}
161-
]
153+
"EvaluationResults": [
154+
{
155+
"ComplianceType": "NON_COMPLIANT",
156+
"ConfigRuleInvokedTime": 1644799479.852,
157+
"EvaluationResultIdentifier": {
158+
"EvaluationResultQualifier": {
159+
"ConfigRuleName": "access-keys-rotated",
160+
"EvaluationMode": "DETECTIVE",
161+
"ResourceId": "i-0a4468fbfafeeg30h",
162+
"ResourceType": "AWS::EC2::Instance"
163+
},
164+
"OrderingTimestamp": 1643541951.883
165+
},
166+
"ResultRecordedTime": 1644799480.061
167+
}
168+
]
162169
}
170+
`}}
163171
- path: /
164172
methods: ["POST"]
165173
request_headers:
@@ -171,9 +179,11 @@ rules:
171179
responses:
172180
- status_code: 200
173181
body: |-
182+
{{ minify_json `
174183
{
175-
"EvaluationResults": []
176-
}
184+
"EvaluationResults": []
185+
}
186+
`}}
177187
- path: /
178188
methods: ["POST"]
179189
request_headers:
@@ -185,21 +195,23 @@ rules:
185195
responses:
186196
- status_code: 200
187197
body: |-
198+
{{ minify_json `
188199
{
189-
"EvaluationResults": [
190-
{
191-
"ComplianceType": "NON_COMPLIANT",
192-
"ConfigRuleInvokedTime": 1.844799479852E9,
193-
"EvaluationResultIdentifier": {
194-
"EvaluationResultQualifier": {
195-
"ConfigRuleName": "required-tags",
196-
"EvaluationMode": "PROACTIVE",
197-
"ResourceId": "i-0a4468fbfafeeg41h",
198-
"ResourceType": "AWS::EC2::Instance"
199-
},
200-
"OrderingTimestamp": 1.843541951883E9
201-
},
202-
"ResultRecordedTime": 1.844799480061E9
203-
}
204-
]
205-
}
200+
"EvaluationResults": [
201+
{
202+
"ComplianceType": "NON_COMPLIANT",
203+
"ConfigRuleInvokedTime": 1844799479.852,
204+
"EvaluationResultIdentifier": {
205+
"EvaluationResultQualifier": {
206+
"ConfigRuleName": "required-tags",
207+
"EvaluationMode": "PROACTIVE",
208+
"ResourceId": "i-0a4468fbfafeeg41h",
209+
"ResourceType": "AWS::EC2::Instance"
210+
},
211+
"OrderingTimestamp": 1843541951.883
212+
},
213+
"ResultRecordedTime": 1844799480.061
214+
}
215+
]
216+
}
217+
`}}

packages/aws/data_stream/config/_dev/test/system/test-default-config.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -37,4 +37,4 @@ data_stream:
3737
UrA2ofnvUjhhk6CKjFBTE7BnkH9u6NAZseQLA42vtHvgm8tu5g==
3838
-----END CERTIFICATE-----
3939
assert:
40-
hit_count: 4
40+
hit_count: 4

0 commit comments

Comments
 (0)