Enable Asset Inventory page via Kibana Advanced Settings

[albertoblaz]

Summary

Closes https://github.com/elastic/security-team/issues/11683.

Adds an advanced setting to enable/disable the Asset Inventory page. Replaces the old assetInventoryUXEnabled feature flag. The placement of the setting is right below "Enable graph visualization", within the Security Solution group.

Screenshots

Setting off

Setting on

Overriden setting - activated via kibana.dev.yml

How to test

Follow the instructions provided in the README.md file committed in this PR.

Definition of Done

• Advanced Settings Integration

  • Add a new setting under Kibana Advanced Settings for enabling the Asset Inventory feature:
    • Setting Name: Enable Asset Inventory
    • Setting Key: securitySolution:enableAssetInventory
    • Description: "Enable the Asset Inventory feature to view and manage assets in the Security Solution plugin."
    • Type: Toggle (On/Off).
    • Default Value: Off.
  • Ensure the setting reflects the current status of the Asset Inventory feature (On/Off).
  • Group the setting logically under the Security Solution in the Kibana Advanced Settings page.
  • Ensure the toggle is discoverable and adheres to Kibana’s design guidelines.

• Implementation

  • Update the Asset Inventory initialization logic to check the new Kibana setting (securitySolution:enableAssetInventory) instead of relying on the assetInventoryUXEnabled feature flag in kibana.dev.yml. For now we don't need to worry about initialization
  • Provide backward compatibility by allowing the kibana.dev.yml flag (xpack.securitySolution.assetInventoryUXEnabled) to override the setting in development environments.
  • The toggle should dynamically enable or disable the Asset Inventory feature without requiring a Kibana restart.

• Testing

  • Add unit tests to verify:
    • The toggle updates the setting value correctly.
    • The Asset Inventory feature respects the toggle status (enabled/disabled).
  • Add functional tests to validate the toggle’s behavior in the Advanced Settings page.

• Documentation

  • Update the documentation to explain how to enable/disable the Asset Inventory feature using Kibana Advanced Settings.
  • Provide details about the fallback behavior when using the kibana.dev.yml flag.

Checklist

• Unit or functional tests were updated or added to match the most common scenarios
• If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the docker list
• This was checked for breaking HTTP API changes, and any breaking changes have been approved by the breaking-change committee. The release_note:breaking label should be applied in these situations.
• Flaky Test Runner was used on any tests changed
• The PR description includes the appropriate Release Notes section, and the correct release_note:* label is applied per the guidelines

Identify risks

Feature will get exposed to end users if combination of setting and feature flag is not set up correctly.

[elasticmachine]

Pinging @elastic/kibana-cloud-security-posture (Team:Cloud Security)

[opauloh]

Looks good to me, just some text changes

[albertoblaz]

@opauloh Updated copy as per suggested :)

[MadameSheema]

As this is now an advanced setting, instead of forcing the environment to have the value by default is better to enable it first in the before hook, you can check how to do it in: x-pack/test/security_solution_cypress/cypress/tasks/api_calls/kibana_advanced_settings.ts

Is this functionality going to be available in serverless as well?

[opauloh]

Is this functionality going to be available in serverless as well?

Hi @MadameSheema, yes the idea of shifting from Kibana Feature Flag to Advanced Settings is to have Asset Inventory available on serverless as well, it does seem that enabling the advanced settings from API would be better in that case as it would allow us to test both environments by removing the @ess tag .

[albertoblaz]

@opauloh @MadameSheema I replaced the setting override with the API calls, which is indeed much better :)

However, removing { tags: ['@ess'] } from the describe block did not work and tests were skipped, so I kept it and added '@serverless' to the list. With that, tests seem to run and pass

[MadameSheema]

Hey @opauloh @albertoblaz lots of thanks for the clarification and the changes :)

You can learn more about how tags work for Cypress Security Solution tests here.

[sabarasaba]

kbn management changes lgtm

[eokoneyo]

Code review only. Shared UX changes LGTM

[Bamieh]

code changes LGTM (telemetry, and overall file changes)

[PhilippeOberti]

LGTM for the Threat Hunting Investigations team

[MadameSheema]

Security Engineering Productivity changes LGTM!

[rylnd]

Detection Engine changes LGTM

[elasticmachine]

💚 Build Succeeded

• Buildkite Build
• Commit: ed061d8

Metrics [docs]

Public APIs missing comments

Total count of every public API that lacks a comment. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats comments for more detailed information.

id	before	after	diff
@kbn/management-settings-ids	135	136	+1

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id	before	after	diff
securitySolution	8.9MB	8.9MB	-18.0B

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id	before	after	diff
securitySolution	86.0KB	86.0KB	+27.0B

Unknown metric groups

API count

id	before	after	diff
@kbn/management-settings-ids	136	137	+1

History

• 💛 Build #278887 was flaky aea3790caa6781bb7178e6a26bd98b6afba30849
• 💚 Build #278588 succeeded 67ccfe254c88257aed38a86044f68c61bb51f668
• 💔 Build #278536 failed 221eca6f9cfc6c5b6d639d408fac1087fb90bc17
• 💔 Build #278473 failed 5dc2a8a07d4be879b3f5a3648ead264227e7fba4
• 💔 Build #278452 failed 8f1c7b9029f6eb46e67dd13928139231ed51b4ad

cc @albertoblaz

[opauloh]

💯