[Cloud Security] Misconfiguration preview & Refactor CSP Plugin to include new package PHASE 3

x-pack/packages/kbn-cloud-security-posture-common/index.ts

@@ -16,7 +16,8 @@ export type {
   BaseCspSetupBothPolicy,
   BaseCspSetupStatus,
   CspSetupStatus,
-  CspFinding,
-} from './types';
+} from './types/status';
+export type { CspFinding } from './types/findings';
+export type { BenchmarksCisId } from './types/benchmark';
 export * from './constants';
-export type { CspBenchmarkRuleMetadata, CspBenchmarkRulesStates } from './schema/rules';
+export { extractErrorMessage, buildMutedRulesFilter } from './utils/helpers';

x-pack/packages/kbn-cloud-security-posture-common/jest.config.js

@@ -0,0 +1,12 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+module.exports = {
+  preset: '@kbn/test',
+  rootDir: '../../..',
+  roots: ['<rootDir>/x-pack/packages/kbn-cloud-security-posture-common'],
+};

x-pack/packages/kbn-cloud-security-posture-common/schema/rules/index.ts

@@ -0,0 +1,12 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export * as rulesV1 from './v1';
+export * as rulesV2 from './v2';
+export * as rulesV3 from './v3';
+export * as rulesV4 from './v4';
+export * as rulesV5 from './v5';

x-pack/packages/kbn-cloud-security-posture-common/schema/index.ts → x-pack/packages/kbn-cloud-security-posture-common/schema/rules/latest.ts

@@ -5,4 +5,4 @@
  * 2.0.
  */
 
-export { ruleStateAttributes, cspBenchmarkRuleMetadataSchema, rulesStates } from './rules';
+export * from './v5';

x-pack/plugins/cloud_security_posture/common/types/rules/v3.ts → x-pack/packages/kbn-cloud-security-posture-common/schema/rules/v3.ts

@@ -6,17 +6,44 @@
  */
 
 import { schema, TypeOf } from '@kbn/config-schema';
-
-import { cspBenchmarkRuleMetadataSchema } from '@kbn/cloud-security-posture-common/schema';
+import { CSPM_POLICY_TEMPLATE, KSPM_POLICY_TEMPLATE } from '../../constants';
 
 export const DEFAULT_BENCHMARK_RULES_PER_PAGE = 25;
 
 // Since version 8.7.0
 
 export type FindCspBenchmarkRuleRequest = TypeOf<typeof findCspBenchmarkRuleRequestSchema>;
 
+export type CspBenchmarkRuleMetadata = TypeOf<typeof cspBenchmarkRuleMetadataSchema>;
+
 export type CspBenchmarkRule = TypeOf<typeof cspBenchmarkRuleSchema>;
 
+export const cspBenchmarkRuleMetadataSchema = schema.object({
+  audit: schema.string(),
+  benchmark: schema.object({
+    name: schema.string(),
+    posture_type: schema.maybe(
+      schema.oneOf([schema.literal(CSPM_POLICY_TEMPLATE), schema.literal(KSPM_POLICY_TEMPLATE)])
+    ),
+    id: schema.string(),
+    version: schema.string(),
+    rule_number: schema.maybe(schema.string()),
+  }),
+  default_value: schema.maybe(schema.string()),
+  description: schema.string(),
+  id: schema.string(),
+  impact: schema.maybe(schema.string()),
+  name: schema.string(),
+  profile_applicability: schema.string(),
+  rationale: schema.string(),
+  references: schema.maybe(schema.string()),
+  rego_rule_id: schema.string(),
+  remediation: schema.string(),
+  section: schema.string(),
+  tags: schema.arrayOf(schema.string()),
+  version: schema.string(),
+});
+
 export const cspBenchmarkRuleSchema = schema.object({
   metadata: cspBenchmarkRuleMetadataSchema,
 });

x-pack/plugins/cloud_security_posture/common/types/rules/v4.ts → x-pack/packages/kbn-cloud-security-posture-common/schema/rules/v4.ts

@@ -6,11 +6,15 @@
  */
 
 import { schema, TypeOf } from '@kbn/config-schema';
-import type { CspBenchmarkRulesStates } from '@kbn/cloud-security-posture-common';
-import { ruleStateAttributes, rulesStates } from '@kbn/cloud-security-posture-common/schema';
-import { BenchmarksCisId } from '../latest';
+import { BenchmarksCisId } from '../../types/benchmark';
 import { DEFAULT_BENCHMARK_RULES_PER_PAGE } from './v3';
-export type { cspBenchmarkRuleSchema, CspBenchmarkRule, FindCspBenchmarkRuleResponse } from './v3';
+export type {
+  cspBenchmarkRuleMetadataSchema,
+  CspBenchmarkRuleMetadata,
+  cspBenchmarkRuleSchema,
+  CspBenchmarkRule,
+  FindCspBenchmarkRuleResponse,
+} from './v3';
 
 export type FindCspBenchmarkRuleRequest = TypeOf<typeof findCspBenchmarkRuleRequestSchema>;
 
@@ -22,6 +26,8 @@ export type CspBenchmarkRulesBulkActionRequestSchema = TypeOf<
 
 export type RuleStateAttributes = TypeOf<typeof ruleStateAttributes>;
 
+export type CspBenchmarkRulesStates = TypeOf<typeof rulesStates>;
+
 export type CspSettings = TypeOf<typeof cspSettingsSchema>;
 
 export const findCspBenchmarkRuleRequestSchema = schema.object({
@@ -137,6 +143,16 @@ export interface CspBenchmarkRulesBulkActionResponse {
   message: string;
 }
 
+const ruleStateAttributes = schema.object({
+  muted: schema.boolean(),
+  benchmark_id: schema.string(),
+  benchmark_version: schema.string(),
+  rule_number: schema.string(),
+  rule_id: schema.string(),
+});
+
+const rulesStates = schema.recordOf(schema.string(), ruleStateAttributes);
+
 export const cspSettingsSchema = schema.object({
   rules: rulesStates,
 });

x-pack/plugins/cloud_security_posture/common/types/rules/v5.ts → x-pack/packages/kbn-cloud-security-posture-common/schema/rules/v5.ts

@@ -7,13 +7,20 @@
 import { schema, TypeOf } from '@kbn/config-schema';
 import { DEFAULT_BENCHMARK_RULES_PER_PAGE } from './v3';
 
-export type { cspBenchmarkRuleSchema, CspBenchmarkRule, FindCspBenchmarkRuleResponse } from './v3';
+export type {
+  cspBenchmarkRuleMetadataSchema,
+  CspBenchmarkRuleMetadata,
+  cspBenchmarkRuleSchema,
+  CspBenchmarkRule,
+  FindCspBenchmarkRuleResponse,
+} from './v3';
 export type {
   PageUrlParams,
   rulesToUpdate,
   CspBenchmarkRulesBulkActionRequestSchema,
   CspBenchmarkRulesBulkActionResponse,
   RuleStateAttributes,
+  CspBenchmarkRulesStates,
   cspSettingsSchema,
   CspSettings,
   BulkActionBenchmarkRulesResponse,

x-pack/packages/kbn-cloud-security-posture-common/tsconfig.json

@@ -16,5 +16,7 @@
   ],
   "kbn_references": [
     "@kbn/config-schema",
+    "@kbn/data-views-plugin",
+    "@kbn/i18n",
   ]
 }

x-pack/packages/kbn-cloud-security-posture-common/types/benchmark.ts

@@ -0,0 +1,7 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+export type BenchmarksCisId = 'cis_k8s' | 'cis_azure' | 'cis_aws' | 'cis_eks' | 'cis_gcp';

x-pack/packages/kbn-cloud-security-posture-common/types.ts → x-pack/packages/kbn-cloud-security-posture-common/types/findings.ts

@@ -4,46 +4,15 @@
  * 2.0; you may not use this file except in compliance with the Elastic License
  * 2.0.
  */
-import type { EcsDataStream, EcsEvent } from '@elastic/ecs';
-import type { CspBenchmarkRuleMetadata } from './schema/rules';
-
-export type CspStatusCode =
-  | 'indexed' // latest findings index exists and has results
-  | 'indexing' // index timeout was not surpassed since installation, assumes data is being indexed
-  | 'unprivileged' // user lacks privileges for the latest findings index
-  | 'index-timeout' // index timeout was surpassed since installation
-  | 'not-deployed' // no healthy agents were deployed
-  | 'not-installed' // number of installed csp integrations is 0;
-  | 'waiting_for_results'; // have healthy agents but no findings at all, assumes data is being indexed for the 1st time
-
-export type IndexStatus =
-  | 'not-empty' // Index contains documents
-  | 'empty' // Index doesn't contain documents (or doesn't exist)
-  | 'unprivileged'; // User doesn't have access to query the index
-
-export interface IndexDetails {
-  index: string;
-  status: IndexStatus;
-}
-
-export interface BaseCspSetupBothPolicy {
-  status: CspStatusCode;
-  installedPackagePolicies: number;
-  healthyAgents: number;
-}
-
-export interface BaseCspSetupStatus {
-  indicesDetails: IndexDetails[];
-  latestPackageVersion: string;
-  cspm: BaseCspSetupBothPolicy;
-  kspm: BaseCspSetupBothPolicy;
-  vuln_mgmt: BaseCspSetupBothPolicy;
-  isPluginInitialized: boolean;
-  installedPackageVersion?: string | undefined;
-  hasMisconfigurationsFindings?: boolean;
-}
 
-export type CspSetupStatus = BaseCspSetupStatus;
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+import type { EcsDataStream, EcsEvent } from '@elastic/ecs';
+import type { CspBenchmarkRuleMetadata } from '../schema/rules/latest';
 
 export interface CspFinding {
   '@timestamp': string;

x-pack/packages/kbn-cloud-security-posture-common/types/status.ts

@@ -0,0 +1,51 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export type CspStatusCode =
+  | 'indexed' // latest findings index exists and has results
+  | 'indexing' // index timeout was not surpassed since installation, assumes data is being indexed
+  | 'unprivileged' // user lacks privileges for the latest findings index
+  | 'index-timeout' // index timeout was surpassed since installation
+  | 'not-deployed' // no healthy agents were deployed
+  | 'not-installed' // number of installed csp integrations is 0;
+  | 'waiting_for_results'; // have healthy agents but no findings at all, assumes data is being indexed for the 1st time
+
+export type IndexStatus =
+  | 'not-empty' // Index contains documents
+  | 'empty' // Index doesn't contain documents (or doesn't exist)
+  | 'unprivileged'; // User doesn't have access to query the index
+
+export interface IndexDetails {
+  index: string;
+  status: IndexStatus;
+}
+
+export interface BaseCspSetupBothPolicy {
+  status: CspStatusCode;
+  installedPackagePolicies: number;
+  healthyAgents: number;
+}
+
+export interface BaseCspSetupStatus {
+  indicesDetails: IndexDetails[];
+  latestPackageVersion: string;
+  cspm: BaseCspSetupBothPolicy;
+  kspm: BaseCspSetupBothPolicy;
+  vuln_mgmt: BaseCspSetupBothPolicy;
+  isPluginInitialized: boolean;
+  installedPackageVersion?: string | undefined;
+  hasMisconfigurationsFindings?: boolean;
+}
+
+export type CspSetupStatus = BaseCspSetupStatus;