Skip to content

[meta][CDR] Update AWS Config integration to Leverage Native CDR Workflows #15231

New issue
New issue
Closed
Closed
[meta][CDR] Update AWS Config integration to Leverage Native CDR Workflows#15231
Assignees
kcreddy
Labels
Category: CDRIntegration:awsAWSTeam:Security-Service IntegrationsSecurity Service Integrations team [elastic/security-service-integrations]enhancementNew feature or requestmeta
@kcreddy

Description

@kcreddy
kcreddy
opened on Sep 8, 2025

As part of effort to leverage Cloud Detection and Response (CDR) workflows such as Elastic CSPM and CNVM for 3rd party integrations, both misconfigurations findings data from Elastic AWS Config integration needs to be enriched just like previous enhancements for AWS SecurityHub.

For this work, the aws.config data stream which ingests misconfigurations findings must be enriched to support Elastic CSPM workflow.

Tasks:

Success Criteria

The misconfigurations findings from AWS Config integration should be part of the data view suggested and mapped to the ECS schema supported by Cloud Security features.
To develop ES and Kibana assets (transforms, ingest pipelines, data views, etc.) required to make the data from AWS Config integration available in the Cloud Security features.

Metadata

Metadata

Assignees

Labels

Category: CDRIntegration:awsAWSTeam:Security-Service IntegrationsSecurity Service Integrations team [elastic/security-service-integrations]enhancementNew feature or requestmeta

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions