-
Notifications
You must be signed in to change notification settings - Fork 8.5k
[EDR Workflows][Device Control] Trusted Devices components #229921
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
szwarckonrad
merged 64 commits into
elastic:main
from
szwarckonrad:device-control-manage
Aug 8, 2025
Merged
Changes from all commits
Commits
Show all changes
64 commits
Select commit
Hold shift + click to select a range
4d405a0
feat: add trusted devices feature flag and role
szwarckonrad 254e119
feat: add dedicated product feature key for Trusted Devices management
szwarckonrad f1206c1
Merge branch 'main' into device-control-rbac
szwarckonrad b4a07ca
Merge branch 'main' into device-control-rbac
szwarckonrad b187040
Merge branch 'device-control-rbac' of https://github.com/szwarckonrad…
szwarckonrad 168132c
Merge branch 'main' into device-control-rbac
szwarckonrad 298cffc
feat: add USB device protection card with enterprise license check
szwarckonrad b231c5f
refactor: rename and update Device Control card component
szwarckonrad fabb491
Merge branch 'main' into device-control-rbac
szwarckonrad 0662df5
Merge branch 'main' into device-control-rbac
szwarckonrad 7c670d2
Merge branch 'main' into device-control-rbac
szwarckonrad 8a42e2c
Merge branch 'refs/heads/main' into device-control-rbac
szwarckonrad a7a112f
feat: add device control settings to endpoint security policy
szwarckonrad 9420353
feat: add device control settings to endpoint policy configuration
szwarckonrad a4a8dea
chore: remove legacy locked card upgrade message from translations
szwarckonrad 8885331
Merge branch 'main' into device-control-rbac
szwarckonrad 35cf852
feat: add device control license validation to endpoint policy config
szwarckonrad d6decda
Merge branch 'main' into device-control-rbac
szwarckonrad 6708c91
Merge branch 'main' into device-control-rbac
szwarckonrad d0118aa
feat: add device control popup settings and update license checks to …
szwarckonrad 9ac0f77
Merge branch 'main' into device-control-rbac
szwarckonrad 7d0f505
feat: add trusted devices management functionality
szwarckonrad b94b6ca
Merge branch 'main' into device-control-manage
szwarckonrad 9b21efe
Merge branch 'main' into device-control-rbac
szwarckonrad 9988f8a
feat: add execute only access level to device control and update test…
szwarckonrad 5ba098d
Merge branch 'main' into device-control-rbac
szwarckonrad c69573d
Merge branch 'main' into device-control-manage
szwarckonrad e84649a
feat: add endpoint_trusted_devices to detection alert schema and comm…
szwarckonrad c542419
[CI] Auto-commit changed files from 'yarn openapi:bundle'
kibanamachine 546814d
[CI] Auto-commit changed files from 'make api-docs'
kibanamachine 40946bd
[CI] Auto-commit changed files from 'yarn openapi:generate'
kibanamachine 522fa33
feat: add trusted devices to endpoint artifact list types
szwarckonrad 061df95
Merge branch 'main' into device-control-manage
szwarckonrad 7d0503b
Merge branch 'main' into device-control-rbac
szwarckonrad 03a4d9e
refactor: remove unnecessary comments from device control components
szwarckonrad 6b588cb
Merge branch 'main' into device-control-rbac
szwarckonrad ff25c0b
fix: remove outdated upgrade messages from security solution endpoint…
szwarckonrad 4b06bf6
feat: add endpoint_trusted_devices to various lists and tests
szwarckonrad 6bf163a
feat: add endpoint_trusted_devices to various lists and tests
szwarckonrad a4c09d3
Merge branch 'main' into device-control-rbac
szwarckonrad 5f54c99
Merge branch 'device-control-rbac' into device-control-manage
szwarckonrad 9625f60
refactor: update device control access level labels for clarity
szwarckonrad 14daca5
Merge branch 'main' into device-control-rbac
szwarckonrad 807d7d5
refactor: update access level terminology in DeviceControlProtectionL…
szwarckonrad ae1b13d
Merge branch 'main' into device-control-rbac
szwarckonrad ea3b746
Merge branch 'main' into device-control-rbac
szwarckonrad 4dcfe8a
Merge branch 'device-control-rbac' into device-control-manage
szwarckonrad 4b8b59d
cr
szwarckonrad 3abead6
Merge branch 'main' into device-control-rbac
szwarckonrad b5b26b9
Merge branch 'device-control-rbac' into device-control-manage
szwarckonrad 1751538
Merge branch 'main' into device-control-manage
szwarckonrad eafc50e
Merge branch 'main' into device-control-manage
szwarckonrad cc8d208
Merge branch 'device-control-manage' of https://github.com/szwarckonr…
szwarckonrad 4f4af33
Refactor trusted devices feature flag references to use unified key
szwarckonrad ad6858c
Merge branch 'main' into device-control-manage
szwarckonrad c84c689
Fix TrustedDevicesArtifactCard to use correct artifacts path
szwarckonrad 2629125
Merge branch 'main' into device-control-manage
szwarckonrad 5786b57
Remove unused createEndpointTrustedDevicesList function and its refer…
szwarckonrad 41a7afc
Merge branch 'main' into device-control-manage
szwarckonrad fa311fd
Merge branch 'main' into device-control-manage
szwarckonrad 099f6df
Update data-test-subj attribute in TrustedDevicesPolicyCard to "trust…
szwarckonrad efb0f1d
Merge branch 'main' into device-control-manage
szwarckonrad 5bd3495
Merge branch 'main' into device-control-manage
szwarckonrad 04862c0
Merge branch 'main' into device-control-manage
szwarckonrad File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
7 changes: 7 additions & 0 deletions
7
...erver/integration_tests/__snapshots__/serverless_upgrade_and_rollback_checks.test.ts.snap
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -475,23 +475,23 @@ components: | |
| RelatedIntegration: | ||
| type: object | ||
| description: | | ||
| Related integration is a potential dependency of a rule. It's assumed that if the user installs | ||
|
Contributor
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Lint change. |
||
| one of the related integrations of a rule, the rule might start to work properly because it will | ||
| have source events (generated by this integration) potentially matching the rule's query. | ||
| Related integration is a potential dependency of a rule. It's assumed that if the user installs | ||
| one of the related integrations of a rule, the rule might start to work properly because it will | ||
| have source events (generated by this integration) potentially matching the rule's query. | ||
|
|
||
| NOTE: Proper work is not guaranteed, because a related integration, if installed, can be | ||
| configured differently or generate data that is not necessarily relevant for this rule. | ||
| NOTE: Proper work is not guaranteed, because a related integration, if installed, can be | ||
| configured differently or generate data that is not necessarily relevant for this rule. | ||
|
|
||
| Related integration is a combination of a Fleet package and (optionally) one of the | ||
| package's "integrations" that this package contains. It is represented by 3 properties: | ||
| Related integration is a combination of a Fleet package and (optionally) one of the | ||
| package's "integrations" that this package contains. It is represented by 3 properties: | ||
|
|
||
| - `package`: name of the package (required, unique id) | ||
| - `version`: version of the package (required, semver-compatible) | ||
| - `integration`: name of the integration of this package (optional, id within the package) | ||
| - `package`: name of the package (required, unique id) | ||
| - `version`: version of the package (required, semver-compatible) | ||
| - `integration`: name of the integration of this package (optional, id within the package) | ||
|
|
||
| There are Fleet packages like `windows` that contain only one integration; in this case, | ||
| `integration` should be unspecified. There are also packages like `aws` and `azure` that contain | ||
| several integrations; in this case, `integration` should be specified. | ||
| There are Fleet packages like `windows` that contain only one integration; in this case, | ||
| `integration` should be unspecified. There are also packages like `aws` and `azure` that contain | ||
| several integrations; in this case, `integration` should be specified. | ||
| properties: | ||
| package: | ||
| $ref: '../../../model/primitives.schema.yaml#/components/schemas/NonEmptyString' | ||
|
|
@@ -578,7 +578,7 @@ components: | |
| - `query` (object, optional): Object containing a query filter which gets applied to an action and determines whether the action should run. | ||
| - `kql` (string, required): A KQL string. | ||
| - `filters` (array of objects, required): Array of filter objects, as defined in the `kbn-es-query` package. | ||
|
|
||
| RuleActionParams: | ||
| type: object | ||
| description: | | ||
|
|
@@ -669,6 +669,7 @@ components: | |
| - rule_default | ||
| - endpoint | ||
| - endpoint_trusted_apps | ||
| - endpoint_trusted_devices | ||
| - endpoint_events | ||
| - endpoint_host_isolation_exceptions | ||
| - endpoint_blocklists | ||
|
|
||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Linking to trusted applications until we get a docs page. Please let me know if we do not want to do that :)