[Cloud Security][Metering] Report all assets details

[CohenIdo]

solves:

• https://github.com/elastic/security-team/issues/9435

Summary

The Cloud Security solution charges solely for billable assets in a serverless project.

With this PR, we utilize the metadata object from the usage-v2-schema to report the complete list of cloud assets for future debugging and optimization purposes.

Note: the API spec doesn't allow nested objects in metadata, that's the reason the tier remains at the same level as the resource dub type details. In addition the metadata object in both the UsageMetrics and UsageSource schemas can contain a dictionary of key-value pairs where both the keys and the values are strings.

Example

In the payload below, you can find the environment containing 4 unique assets, but we only charge for 3.

{
  "id": "cloud_security_cspm_missing_project_id_2024-07-02T08:30:00.000Z",
  "usage_timestamp": "2024-07-02T05:08:08.350Z",
  "creation_timestamp": "2024-07-02T08:30:00.000Z",
  "usage": {
    "type": "cloud_security",
    "sub_type": "cspm",
    "quantity": 3,
    "period_seconds": 1800,
    "metadata": {
      "aws-s3":  2,
      "aws-rds":  1,
      "aws-not-bllable-asset#1":   1,
      "aws-not-bllable-asset#2":   3,
      "aws-not-bllable-asset#3":   5
    }
  },
  "source": {
    "id": "cloud-security-usage-reporting-task:1",
    "instance_group_id": "missing_project_id",
    "metadata": {
      "tier": "complete"
    }
  }
}

[CohenIdo]

Following our decision to prevent overbilling and until we implement a recovery mechanism, getSearchStartDate is redundant.

[CohenIdo]

Following FP alerts we had, I found it more effective to skip cloud metering earlier.

[elasticmachine]

Pinging @elastic/kibana-cloud-security-posture (Team:Cloud Security)

[kibana-ci]

💛 Build succeeded, but was flaky

• Buildkite Build
• Commit: c323796
• Kibana Serverless Image: docker.elastic.co/kibana-ci/kibana-serverless:pr-186777-c323796d1805
• Security Deployment

Failed CI Steps

Metrics [docs]

✅ unchanged

History

• 💔 Build #218645 failed a467e97e547d423e947094a5345ebcbe1ee62474
• 💔 Build #217957 failed c08f1d5
• 💔 Build #217648 failed c5e3213
• 💔 Build #217338 failed 3c86f6f

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

[joeypoon]

My knowledge of cloud billing isn't that intimate so with that in mind, it looks good overall. I believe we should make one change though. We should use usage.metadata here instead of source.metadata since these are billing details, not source/project details.

[CohenIdo]

My knowledge of cloud billing isn't that intimate so with that in mind, it looks good overall. I believe we should make one change though. We should use usage.metadata here instead of source.metadata since these are billing details, not source/project details.

@joeypoon I agree, I moved it to usage.metadata

[eyalkraft]

Thanks @CohenIdo!

Actually I'd expect the complete deletion of BILLABLE_ASSETS_CONFIG and billable notion whatsoever from the Kibana code.
The list of billable assets should be moved to the glue function where we will be free to change what's billable and what's not without even changing Kibana.

I think that' a better separation of responsibilities and aligns with the value we're trying to achieve with this change.

wdyt?

[CohenIdo]

Thanks @CohenIdo!

Actually I'd expect the complete deletion of BILLABLE_ASSETS_CONFIG and billable notion whatsoever from the Kibana code. The list of billable assets should be moved to the glue function where we will be free to change what's billable and what's not without even changing Kibana.

I think that' a better separation of responsibilities and aligns with the value we're trying to achieve with this change.

wdyt?

@eyalkraft, that's was the original plan, together with @kfirpeled we decided to not have breaking change but to achieve most of the goals with the current implementation.

[joeypoon]

I have one tiny comment which would be great if you can fix before merge. Otherwise 👍.

[joeypoon]

It feels a bit strange to import from a child file upward. We should move ResourceSubtypeCounter into this file or just use [key: string]: string directly.

[CohenIdo]

Done:)

[elasticmachine]

⏳ Build in-progress

• Buildkite Build
• Commit: b35d731
• Kibana Serverless Image: docker.elastic.co/kibana-ci/kibana-serverless:pr-186777-b35d73186cff
• Security Deployment

History

• 💔 Build #219551 failed 86ed5b5
• 💔 Build #219506 failed 99906c4
• 💛 Build #219404 was flaky 99906c4
• 💔 Build #219367 failed 3b437e7
• 💚 Build #219275 succeeded d05233b