diff --git a/packages/tanium/changelog.yml b/packages/tanium/changelog.yml index cd049352cf3..aa35e532f24 100644 --- a/packages/tanium/changelog.yml +++ b/packages/tanium/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.17.0" + changes: + - description: Add options to configure non-public S3. + type: enhancement + link: https://github.com/elastic/integrations/pull/16080 - version: "1.16.2" changes: - description: Fix handling of SQS worker count configuration. diff --git a/packages/tanium/data_stream/action_history/agent/stream/aws-s3.yml.hbs b/packages/tanium/data_stream/action_history/agent/stream/aws-s3.yml.hbs index 8c30fa37645..9c06fbb76c6 100644 --- a/packages/tanium/data_stream/action_history/agent/stream/aws-s3.yml.hbs +++ b/packages/tanium/data_stream/action_history/agent/stream/aws-s3.yml.hbs @@ -44,6 +44,15 @@ file_selectors: number_of_workers: {{number_of_workers}} {{/if}} +{{#if endpoint}} +endpoint: {{endpoint}} +{{/if}} +{{#if region}} +region: {{region}} +{{/if}} +{{#if default_region}} +default_region: {{default_region}} +{{/if}} {{#if access_key_id}} access_key_id: {{access_key_id}} {{/if}} @@ -53,15 +62,18 @@ secret_access_key: {{secret_access_key}} {{#if session_token}} session_token: {{session_token}} {{/if}} -{{#if shared_credential_file}} -shared_credential_file: {{shared_credential_file}} -{{/if}} {{#if credential_profile_name}} credential_profile_name: {{credential_profile_name}} {{/if}} +{{#if shared_credential_file}} +shared_credential_file: {{shared_credential_file}} +{{/if}} {{#if role_arn}} role_arn: {{role_arn}} {{/if}} +{{#if external_id}} +external_id: {{external_id}} +{{/if}} {{#if fips_enabled}} fips_enabled: {{fips_enabled}} {{/if}} diff --git a/packages/tanium/data_stream/client_status/agent/stream/aws-s3.yml.hbs b/packages/tanium/data_stream/client_status/agent/stream/aws-s3.yml.hbs index 8c30fa37645..9c06fbb76c6 100644 --- a/packages/tanium/data_stream/client_status/agent/stream/aws-s3.yml.hbs +++ b/packages/tanium/data_stream/client_status/agent/stream/aws-s3.yml.hbs @@ -44,6 +44,15 @@ file_selectors: number_of_workers: {{number_of_workers}} {{/if}} +{{#if endpoint}} +endpoint: {{endpoint}} +{{/if}} +{{#if region}} +region: {{region}} +{{/if}} +{{#if default_region}} +default_region: {{default_region}} +{{/if}} {{#if access_key_id}} access_key_id: {{access_key_id}} {{/if}} @@ -53,15 +62,18 @@ secret_access_key: {{secret_access_key}} {{#if session_token}} session_token: {{session_token}} {{/if}} -{{#if shared_credential_file}} -shared_credential_file: {{shared_credential_file}} -{{/if}} {{#if credential_profile_name}} credential_profile_name: {{credential_profile_name}} {{/if}} +{{#if shared_credential_file}} +shared_credential_file: {{shared_credential_file}} +{{/if}} {{#if role_arn}} role_arn: {{role_arn}} {{/if}} +{{#if external_id}} +external_id: {{external_id}} +{{/if}} {{#if fips_enabled}} fips_enabled: {{fips_enabled}} {{/if}} diff --git a/packages/tanium/data_stream/discover/agent/stream/aws-s3.yml.hbs b/packages/tanium/data_stream/discover/agent/stream/aws-s3.yml.hbs index 8c30fa37645..9c06fbb76c6 100644 --- a/packages/tanium/data_stream/discover/agent/stream/aws-s3.yml.hbs +++ b/packages/tanium/data_stream/discover/agent/stream/aws-s3.yml.hbs @@ -44,6 +44,15 @@ file_selectors: number_of_workers: {{number_of_workers}} {{/if}} +{{#if endpoint}} +endpoint: {{endpoint}} +{{/if}} +{{#if region}} +region: {{region}} +{{/if}} +{{#if default_region}} +default_region: {{default_region}} +{{/if}} {{#if access_key_id}} access_key_id: {{access_key_id}} {{/if}} @@ -53,15 +62,18 @@ secret_access_key: {{secret_access_key}} {{#if session_token}} session_token: {{session_token}} {{/if}} -{{#if shared_credential_file}} -shared_credential_file: {{shared_credential_file}} -{{/if}} {{#if credential_profile_name}} credential_profile_name: {{credential_profile_name}} {{/if}} +{{#if shared_credential_file}} +shared_credential_file: {{shared_credential_file}} +{{/if}} {{#if role_arn}} role_arn: {{role_arn}} {{/if}} +{{#if external_id}} +external_id: {{external_id}} +{{/if}} {{#if fips_enabled}} fips_enabled: {{fips_enabled}} {{/if}} diff --git a/packages/tanium/data_stream/endpoint_config/agent/stream/aws-s3.yml.hbs b/packages/tanium/data_stream/endpoint_config/agent/stream/aws-s3.yml.hbs index 65840d3a149..9c06fbb76c6 100644 --- a/packages/tanium/data_stream/endpoint_config/agent/stream/aws-s3.yml.hbs +++ b/packages/tanium/data_stream/endpoint_config/agent/stream/aws-s3.yml.hbs @@ -44,6 +44,15 @@ file_selectors: number_of_workers: {{number_of_workers}} {{/if}} +{{#if endpoint}} +endpoint: {{endpoint}} +{{/if}} +{{#if region}} +region: {{region}} +{{/if}} +{{#if default_region}} +default_region: {{default_region}} +{{/if}} {{#if access_key_id}} access_key_id: {{access_key_id}} {{/if}} @@ -53,17 +62,17 @@ secret_access_key: {{secret_access_key}} {{#if session_token}} session_token: {{session_token}} {{/if}} -{{#if shared_credential_file}} -shared_credential_file: {{shared_credential_file}} -{{/if}} {{#if credential_profile_name}} credential_profile_name: {{credential_profile_name}} {{/if}} +{{#if shared_credential_file}} +shared_credential_file: {{shared_credential_file}} +{{/if}} {{#if role_arn}} role_arn: {{role_arn}} {{/if}} -{{#if endpoint}} -endpoint: {{endpoint}} +{{#if external_id}} +external_id: {{external_id}} {{/if}} {{#if fips_enabled}} fips_enabled: {{fips_enabled}} diff --git a/packages/tanium/data_stream/reporting/agent/stream/aws-s3.yml.hbs b/packages/tanium/data_stream/reporting/agent/stream/aws-s3.yml.hbs index 8c30fa37645..9c06fbb76c6 100644 --- a/packages/tanium/data_stream/reporting/agent/stream/aws-s3.yml.hbs +++ b/packages/tanium/data_stream/reporting/agent/stream/aws-s3.yml.hbs @@ -44,6 +44,15 @@ file_selectors: number_of_workers: {{number_of_workers}} {{/if}} +{{#if endpoint}} +endpoint: {{endpoint}} +{{/if}} +{{#if region}} +region: {{region}} +{{/if}} +{{#if default_region}} +default_region: {{default_region}} +{{/if}} {{#if access_key_id}} access_key_id: {{access_key_id}} {{/if}} @@ -53,15 +62,18 @@ secret_access_key: {{secret_access_key}} {{#if session_token}} session_token: {{session_token}} {{/if}} -{{#if shared_credential_file}} -shared_credential_file: {{shared_credential_file}} -{{/if}} {{#if credential_profile_name}} credential_profile_name: {{credential_profile_name}} {{/if}} +{{#if shared_credential_file}} +shared_credential_file: {{shared_credential_file}} +{{/if}} {{#if role_arn}} role_arn: {{role_arn}} {{/if}} +{{#if external_id}} +external_id: {{external_id}} +{{/if}} {{#if fips_enabled}} fips_enabled: {{fips_enabled}} {{/if}} diff --git a/packages/tanium/data_stream/threat_response/agent/stream/aws-s3.yml.hbs b/packages/tanium/data_stream/threat_response/agent/stream/aws-s3.yml.hbs index 8c30fa37645..9c06fbb76c6 100644 --- a/packages/tanium/data_stream/threat_response/agent/stream/aws-s3.yml.hbs +++ b/packages/tanium/data_stream/threat_response/agent/stream/aws-s3.yml.hbs @@ -44,6 +44,15 @@ file_selectors: number_of_workers: {{number_of_workers}} {{/if}} +{{#if endpoint}} +endpoint: {{endpoint}} +{{/if}} +{{#if region}} +region: {{region}} +{{/if}} +{{#if default_region}} +default_region: {{default_region}} +{{/if}} {{#if access_key_id}} access_key_id: {{access_key_id}} {{/if}} @@ -53,15 +62,18 @@ secret_access_key: {{secret_access_key}} {{#if session_token}} session_token: {{session_token}} {{/if}} -{{#if shared_credential_file}} -shared_credential_file: {{shared_credential_file}} -{{/if}} {{#if credential_profile_name}} credential_profile_name: {{credential_profile_name}} {{/if}} +{{#if shared_credential_file}} +shared_credential_file: {{shared_credential_file}} +{{/if}} {{#if role_arn}} role_arn: {{role_arn}} {{/if}} +{{#if external_id}} +external_id: {{external_id}} +{{/if}} {{#if fips_enabled}} fips_enabled: {{fips_enabled}} {{/if}} diff --git a/packages/tanium/data_stream/threat_response/manifest.yml b/packages/tanium/data_stream/threat_response/manifest.yml index c1d18f92c87..4fde76b5e4e 100644 --- a/packages/tanium/data_stream/threat_response/manifest.yml +++ b/packages/tanium/data_stream/threat_response/manifest.yml @@ -75,7 +75,7 @@ streams: show_user: false default: | - regex: "threat_response/" - description: If the SQS queue will have events that correspond to files that this integration shouldn’t process, file_selectors can be used to limit the files that are downloaded. This is a list of selectors which are made up of regex and expand_event_list_from_field options. The regex should match the S3 object key in the SQS message, and the optional expand_event_list_from_field is the same as the global setting. If file_selectors is given, then any global expand_event_list_from_field value is ignored in favor of the ones specified in the file_selectors. Multiple regexes are used [RE2 syntax](https://pkg.go.dev/regexp/syntax). Files that don’t match any of the regexes will not be processed. + description: If the SQS queue will have events that correspond to files that this integration shouldn’t process, file_selectors can be used to limit the files that are downloaded. This is a list of selectors which are made up of regex and expand_event_list_from_field options. The regex should match the S3 object key in the SQS message, and the optional expand_event_list_from_field is the same as the global setting. If file_selectors is given, then any global expand_event_list_from_field value is ignored in favor of the ones specified in the file_selectors. Regexes use [RE2 syntax](https://pkg.go.dev/regexp/syntax). Files that don’t match one of the regexes will not be processed. - name: tags type: text title: Tags diff --git a/packages/tanium/manifest.yml b/packages/tanium/manifest.yml index eb80e1030d9..9a417e32bec 100644 --- a/packages/tanium/manifest.yml +++ b/packages/tanium/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.3" name: tanium title: Tanium -version: "1.16.2" +version: "1.17.0" description: This Elastic integration collects logs from Tanium with Elastic Agent. type: integration categories: @@ -124,6 +124,22 @@ policy_templates: required: false show_user: false description: AWS IAM Role to assume. + - name: endpoint + type: text + title: Endpoint + multi: false + required: false + show_user: false + default: "" + description: URL of the entry point for an AWS web service. + - name: region + type: text + title: Region + multi: false + required: false + show_user: false + default: "" + description: The name of the AWS region of the end point. - name: fips_enabled type: bool title: Enable S3 FIPS @@ -132,6 +148,21 @@ policy_templates: required: false show_user: false description: Enabling this option changes the service name from `s3` to `s3-fips` for connecting to the correct service endpoint. + - name: external_id + type: text + title: External ID + multi: false + required: false + show_user: false + description: External ID to use when assuming a role in another account, see [the AWS documentation for use of external IDs](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html). + - name: default_region + type: text + title: Default AWS Region + multi: false + required: false + show_user: false + default: "" + description: Default region to use prior to connecting to region specific services/endpoints if no AWS region is set from environment variable, credentials or instance profile. If none of the above are set and no default region is set as well, `us-east-1` is used. A region, either from environment variable, credentials or instance profile or from this default region setting, needs to be set when using regions in non-regular AWS environments such as AWS China or US Government Isolated. - name: proxy_url type: text title: Proxy URL