CDR Data View (#188625)

.buildkite/ftr_security_stateful_configs.yml

@@ -82,4 +82,5 @@ enabled:
   - x-pack/test/security_solution_endpoint/configs/integrations.config.ts
   - x-pack/test/api_integration/apis/cloud_security_posture/config.ts
   - x-pack/test/cloud_security_posture_api/config.ts
-  - x-pack/test/cloud_security_posture_functional/config.ts
+  - x-pack/test/cloud_security_posture_functional/config.ts
+  - x-pack/test/cloud_security_posture_functional/data_views/config.ts

x-pack/plugins/cloud_security_posture/common/constants.ts

@@ -12,6 +12,7 @@ import {
   VulnSeverity,
 } from './types_old';
 
+export const CLOUD_SECURITY_INTERTAL_PREFIX_ROUTE_PATH = '/internal/cloud_security_posture/';
 export const STATUS_ROUTE_PATH = '/internal/cloud_security_posture/status';
 export const STATUS_API_CURRENT_VERSION = '1';
 
@@ -40,6 +41,19 @@ export const DETECTION_RULE_ALERTS_STATUS_API_CURRENT_VERSION = '1';
 export const DETECTION_RULE_RULES_API_CURRENT_VERSION = '2023-10-31';
 
 export const CLOUD_SECURITY_POSTURE_PACKAGE_NAME = 'cloud_security_posture';
+
+export const CDR_MISCONFIGURATIONS_DATA_VIEW_NAME = 'Latest Cloud Security Misconfigurations';
+export const CDR_MISCONFIGURATIONS_DATA_VIEW_ID_PREFIX =
+  'security_solution_cdr_latest_misconfigurations';
+export const CDR_MISCONFIGURATIONS_INDEX_PATTERN =
+  'logs-*_latest_misconfigurations_cdr,logs-cloud_security_posture.findings_latest-default';
+
+export const CDR_VULNERABILITIES_DATA_VIEW_NAME = 'Latest Cloud Security Vulnerabilities';
+export const CDR_VULNERABILITIES_DATA_VIEW_ID_PREFIX =
+  'security_solution_cdr_latest_vulnerabilities';
+export const CDR_VULNERABILITIES_INDEX_PATTERN =
+  'logs-*_latest_vulnerabilities_cdr,logs-cloud_security_posture.vulnerabilities_latest-default';
+
 // TODO: REMOVE CSP_LATEST_FINDINGS_DATA_VIEW and replace it with LATEST_FINDINGS_INDEX_PATTERN
 export const CSP_LATEST_FINDINGS_DATA_VIEW = 'logs-cloud_security_posture.findings_latest-*';
 

x-pack/plugins/cloud_security_posture/kibana.jsonc

@@ -22,7 +22,8 @@
       "licensing",
       "share",
       "kibanaUtils",
-      "alerting"
+      "alerting",
+      "spaces"
     ],
     "optionalPlugins": ["usageCollection"],
     "requiredBundles": ["kibanaReact", "usageCollection"]

x-pack/plugins/cloud_security_posture/server/plugin.test.ts

@@ -41,6 +41,7 @@ import { CLOUD_SECURITY_POSTURE_PACKAGE_NAME } from '../common/constants';
 import Chance from 'chance';
 import type { AwaitedProperties } from '@kbn/utility-types';
 import type { DeeplyMockedKeys } from '@kbn/utility-types-jest';
+import { createIndexPatternsStartMock } from '@kbn/data-views-plugin/server/mocks';
 import {
   ElasticsearchClient,
   RequestHandlerContext,
@@ -82,6 +83,7 @@ describe('Cloud Security Posture Plugin', () => {
       taskManager: taskManagerMock.createStart(),
       security: securityMock.createStart(),
       licensing: licensingMock.createStart(),
+      dataViews: createIndexPatternsStartMock(),
     };
 
     const contextMock = coreMock.createCustomRequestHandlerContext(mockRouteContext);

x-pack/plugins/cloud_security_posture/server/routes/setup_routes.ts

@@ -5,9 +5,13 @@
  * 2.0.
  */
 
-import type { CoreSetup, Logger } from '@kbn/core/server';
+import { type CoreSetup, type Logger } from '@kbn/core/server';
 import type { AuthenticatedUser } from '@kbn/security-plugin/common';
-import { INTERNAL_CSP_SETTINGS_SAVED_OBJECT_TYPE } from '../../common/constants';
+
+import {
+  INTERNAL_CSP_SETTINGS_SAVED_OBJECT_TYPE,
+  CLOUD_SECURITY_INTERTAL_PREFIX_ROUTE_PATH,
+} from '../../common/constants';
 import type {
   CspRequestHandlerContext,
   CspServerPluginStart,
@@ -22,6 +26,7 @@ import { defineFindCspBenchmarkRuleRoute } from './benchmark_rules/find/find';
 import { defineGetDetectionEngineAlertsStatus } from './detection_engine/get_detection_engine_alerts_count_by_rule_tags';
 import { defineBulkActionCspBenchmarkRulesRoute } from './benchmark_rules/bulk_action/bulk_action';
 import { defineGetCspBenchmarkRulesStatesRoute } from './benchmark_rules/get_states/get_states';
+import { setupCdrDataViews } from '../saved_objects/data_views';
 
 /**
  * 1. Registers routes
@@ -46,6 +51,22 @@ export function setupRoutes({
   defineBulkActionCspBenchmarkRulesRoute(router);
   defineGetCspBenchmarkRulesStatesRoute(router);
 
+  core.http.registerOnPreRouting(async (request, response, toolkit) => {
+    if (request.url.pathname.includes(CLOUD_SECURITY_INTERTAL_PREFIX_ROUTE_PATH)) {
+      try {
+        const [coreStart, startDeps] = await core.getStartServices();
+        const esClient = coreStart.elasticsearch.client.asInternalUser;
+        const soClient = coreStart.savedObjects.createInternalRepository();
+        const spaces = startDeps.spaces?.spacesService;
+        const dataViews = startDeps.dataViews;
+        await setupCdrDataViews(esClient, soClient, spaces, dataViews, request, logger);
+      } catch (err) {
+        logger.error(`Failed to create CDR data views: ${err}`);
+      }
+    }
+    return toolkit.next();
+  });
+
   core.http.registerRouteHandlerContext<CspRequestHandlerContext, typeof PLUGIN_ID>(
     PLUGIN_ID,
     async (context, request) => {

x-pack/plugins/cloud_security_posture/server/saved_objects/data_views.ts

@@ -0,0 +1,135 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+import {
+  ElasticsearchClient,
+  ISavedObjectsRepository,
+  SavedObject,
+  type KibanaRequest,
+  type Logger,
+} from '@kbn/core/server';
+import { DataViewAttributes } from '@kbn/data-views-plugin/common';
+import { SpacesServiceStart } from '@kbn/spaces-plugin/server';
+import { DataViewsServerPluginStart } from '@kbn/data-views-plugin/server';
+
+import {
+  CDR_MISCONFIGURATIONS_DATA_VIEW_ID_PREFIX,
+  CDR_MISCONFIGURATIONS_DATA_VIEW_NAME,
+  CDR_MISCONFIGURATIONS_INDEX_PATTERN,
+  CDR_VULNERABILITIES_DATA_VIEW_ID_PREFIX,
+  CDR_VULNERABILITIES_DATA_VIEW_NAME,
+  CDR_VULNERABILITIES_INDEX_PATTERN,
+} from '../../common/constants';
+
+const DATA_VIEW_TIME_FIELD = '@timestamp';
+const DEFAULT_SPACE_ID = 'default';
+
+const getDataViewSafe = async (
+  soClient: ISavedObjectsRepository,
+  currentSpaceId: string,
+  currentSpaceDataViewId: string
+): Promise<SavedObject<DataViewAttributes> | undefined> => {
+  try {
+    const dataView = await soClient.get<DataViewAttributes>(
+      'index-pattern',
+      currentSpaceDataViewId,
+      {
+        namespace: currentSpaceId,
+      }
+    );
+
+    return dataView;
+  } catch (e) {
+    return;
+  }
+};
+
+const getCurrentSpaceId = (
+  spacesService: SpacesServiceStart | undefined,
+  request: KibanaRequest
+): string => {
+  return spacesService?.getSpaceId(request) || DEFAULT_SPACE_ID;
+};
+
+export const installDataView = async (
+  esClient: ElasticsearchClient,
+  soClient: ISavedObjectsRepository,
+  spacesService: SpacesServiceStart | undefined,
+  dataViewsService: DataViewsServerPluginStart,
+  request: KibanaRequest,
+  dataViewName: string,
+  indexPattern: string,
+  dataViewId: string,
+  logger: Logger
+) => {
+  try {
+    const currentSpaceId = await getCurrentSpaceId(spacesService, request);
+    const currentSpaceDataViewId = `${dataViewId}-${currentSpaceId}`;
+
+    const doesDataViewExist = await getDataViewSafe(
+      soClient,
+      currentSpaceId,
+      currentSpaceDataViewId
+    );
+
+    if (doesDataViewExist) return;
+
+    logger.info(`Creating and saving data view with ID: ${currentSpaceDataViewId}`);
+
+    const dataViewsClient = await dataViewsService.dataViewsServiceFactory(
+      soClient,
+      esClient,
+      request,
+      true
+    );
+    await dataViewsClient.createAndSave(
+      {
+        id: currentSpaceDataViewId,
+        title: indexPattern,
+        name: `${dataViewName} - ${currentSpaceId} `,
+        namespaces: [currentSpaceId],
+        allowNoIndex: true,
+        timeFieldName: DATA_VIEW_TIME_FIELD,
+      },
+      true
+    );
+  } catch (error) {
+    logger.error(`Failed to setup data view`, error);
+  }
+};
+
+export const setupCdrDataViews = async (
+  esClient: ElasticsearchClient,
+  soClient: ISavedObjectsRepository,
+  spacesService: SpacesServiceStart | undefined,
+  dataViewsService: DataViewsServerPluginStart,
+  request: KibanaRequest,
+  logger: Logger
+) => {
+  await installDataView(
+    esClient,
+    soClient,
+    spacesService,
+    dataViewsService,
+    request,
+    CDR_MISCONFIGURATIONS_DATA_VIEW_NAME,
+    CDR_MISCONFIGURATIONS_INDEX_PATTERN,
+    CDR_MISCONFIGURATIONS_DATA_VIEW_ID_PREFIX,
+    logger
+  );
+
+  await installDataView(
+    esClient,
+    soClient,
+    spacesService,
+    dataViewsService,
+    request,
+    CDR_VULNERABILITIES_DATA_VIEW_NAME,
+    CDR_VULNERABILITIES_INDEX_PATTERN,
+    CDR_VULNERABILITIES_DATA_VIEW_ID_PREFIX,
+    logger
+  );
+};

x-pack/plugins/cloud_security_posture/server/types.ts

@@ -10,6 +10,7 @@ import type {
   PluginStart as DataPluginStart,
 } from '@kbn/data-plugin/server';
 import type { LicensingPluginStart } from '@kbn/licensing-plugin/server';
+import { PluginStart as DataViewsPluginStart } from '@kbn/data-views-plugin/server';
 import {
   TaskManagerSetupContract,
   TaskManagerStartContract,
@@ -36,6 +37,7 @@ import type { FleetStartContract, FleetRequestHandlerContext } from '@kbn/fleet-
 import { SecurityPluginSetup, SecurityPluginStart } from '@kbn/security-plugin/server';
 import type { AlertingApiRequestHandlerContext } from '@kbn/alerting-plugin/server';
 import type { AlertingPluginSetup } from '@kbn/alerting-plugin/public/plugin';
+import { SpacesPluginStart } from '@kbn/spaces-plugin/server';
 import { CspStatusCode, IndexDetails } from '../common/types_old';
 
 // eslint-disable-next-line @typescript-eslint/no-empty-interface
@@ -61,6 +63,8 @@ export interface CspServerPluginStartDeps {
   taskManager: TaskManagerStartContract;
   security: SecurityPluginStart;
   licensing: LicensingPluginStart;
+  dataViews: DataViewsPluginStart;
+  spaces?: SpacesPluginStart;
 }
 
 export type CspServerPluginStartServices = Promise<

x-pack/plugins/cloud_security_posture/tsconfig.json

@@ -64,7 +64,8 @@
     "@kbn/code-editor",
     "@kbn/code-editor-mock",
     "@kbn/search-types",
-    "@kbn/react-kibana-mount"
+    "@kbn/react-kibana-mount",
+    "@kbn/spaces-plugin"
   ],
   "exclude": ["target/**/*"]
 }

x-pack/test/cloud_security_posture_functional/data_views/config.ts

@@ -0,0 +1,46 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { resolve } from 'path';
+import type { FtrConfigProviderContext } from '@kbn/test';
+import { pageObjects } from '../page_objects';
+
+// eslint-disable-next-line import/no-default-export
+export default async function ({ readConfigFile }: FtrConfigProviderContext) {
+  const xpackFunctionalConfig = await readConfigFile(
+    require.resolve('../../functional/config.base.js')
+  );
+
+  return {
+    ...xpackFunctionalConfig.getAll(),
+    pageObjects,
+    testFiles: [resolve(__dirname, './data_views')],
+    junit: {
+      reportName: 'X-Pack Cloud Security Posture Functional Tests',
+    },
+    kbnTestServer: {
+      ...xpackFunctionalConfig.get('kbnTestServer'),
+      serverArgs: [
+        ...xpackFunctionalConfig.get('kbnTestServer.serverArgs'),
+        /**
+         * Package version is fixed (not latest) so FTR won't suddenly break when package is changed.
+         *
+         * test a new package:
+         * 1. build the package and start the registry with elastic-package and uncomment the 'registryUrl' flag below
+         * 2. locally checkout the kibana version that matches the new package
+         * 3. update the package version below to use the new package version
+         * 4. run tests with NODE_EXTRA_CA_CERTS pointing to the elastic-package certificate
+         * 5. when test pass:
+         *   1. release a new package to EPR
+         *   2. merge the updated version number change to kibana
+         */
+        `--xpack.fleet.agents.fleet_server.hosts=["https://ftr.kibana:8220"]`,
+        `--xpack.fleet.internal.fleetServerStandalone=true`,
+      ],
+    },
+  };
+}

x-pack/test/cloud_security_posture_functional/data_views/data_views.ts

@@ -0,0 +1,192 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import expect from '@kbn/expect';
+import { DataViewAttributes } from '@kbn/data-views-plugin/common';
+import { CDR_MISCONFIGURATIONS_DATA_VIEW_ID_PREFIX } from '@kbn/cloud-security-posture-plugin/common/constants';
+import { KbnClientSavedObjects } from '@kbn/test/src/kbn_client/kbn_client_saved_objects';
+import { FtrProviderContext } from '../ftr_provider_context';
+
+const TEST_SPACE = 'space-1';
+
+const getDataViewSafe = async (
+  soClient: KbnClientSavedObjects,
+  dataViewId: string,
+  currentSpaceId: string
+): Promise<boolean> => {
+  try {
+    await soClient.get<DataViewAttributes>({
+      type: 'index-pattern',
+      id: dataViewId,
+      space: currentSpaceId,
+    });
+    return true;
+  } catch (e) {
+    return false;
+  }
+};
+// eslint-disable-next-line import/no-default-export
+export default ({ getService, getPageObjects }: FtrProviderContext) => {
+  const kibanaServer = getService('kibanaServer');
+  const spacesService = getService('spaces');
+
+  const pageObjects = getPageObjects([
+    'common',
+    'findings',
+    'cloudPostureDashboard',
+    'header',
+    'spaceSelector',
+    'cspSecurity',
+  ]);
+
+  describe('Data Views', async function () {
+    this.tags(['cloud_security_posture_data_views', 'cloud_security_posture_spaces']);
+    let cspSecurity = pageObjects.cspSecurity;
+    let findings: typeof pageObjects.findings;
+
+    before(async () => {
+      cspSecurity = pageObjects.cspSecurity;
+      findings = pageObjects.findings;
+      await cspSecurity.createRoles();
+      await cspSecurity.createUsers();
+    });
+
+    afterEach(async () => {
+      await kibanaServer.savedObjects.clean({
+        types: ['index-pattern'],
+        space: 'default',
+      });
+      await kibanaServer.savedObjects.clean({
+        types: ['index-pattern'],
+        space: TEST_SPACE,
+      });
+
+      await spacesService.delete(TEST_SPACE);
+    });
+
+    it('Verify data view is created once user reach the findings page - default space', async () => {
+      const expectedDataViewId = `${CDR_MISCONFIGURATIONS_DATA_VIEW_ID_PREFIX}-default`;
+      const idDataViewExists = await getDataViewSafe(
+        kibanaServer.savedObjects,
+        expectedDataViewId,
+        'default'
+      );
+      expect(idDataViewExists).to.be(false);
+
+      await findings.navigateToLatestVulnerabilitiesPage();
+      await pageObjects.header.waitUntilLoadingHasFinished();
+
+      const idDataViewExistsPostFindingsNavigation = await getDataViewSafe(
+        kibanaServer.savedObjects,
+        expectedDataViewId,
+        'default'
+      );
+      expect(idDataViewExistsPostFindingsNavigation).to.be(true);
+    });
+
+    it('Verify data view is created once user reach the dashboard page - default space', async () => {
+      const expectedDataViewId = `${CDR_MISCONFIGURATIONS_DATA_VIEW_ID_PREFIX}-default`;
+      const idDataViewExists = await getDataViewSafe(
+        kibanaServer.savedObjects,
+        expectedDataViewId,
+        'default'
+      );
+      expect(idDataViewExists).to.be(false);
+
+      const cspDashboard = pageObjects.cloudPostureDashboard;
+      await cspDashboard.navigateToComplianceDashboardPage();
+      await pageObjects.header.waitUntilLoadingHasFinished();
+
+      const idDataViewExistsPostFindingsNavigation = await getDataViewSafe(
+        kibanaServer.savedObjects,
+        expectedDataViewId,
+        'default'
+      );
+      expect(idDataViewExistsPostFindingsNavigation).to.be(true);
+    });
+
+    it('Verify data view is created once user reach the findings page -  non default space', async () => {
+      await pageObjects.common.navigateToApp('home');
+      await spacesService.create({ id: TEST_SPACE, name: 'space_one', disabledFeatures: [] });
+      await pageObjects.spaceSelector.openSpacesNav();
+      await pageObjects.spaceSelector.clickSpaceAvatar(TEST_SPACE);
+      await pageObjects.spaceSelector.expectHomePage(TEST_SPACE);
+
+      const expectedDataViewId = `${CDR_MISCONFIGURATIONS_DATA_VIEW_ID_PREFIX}-${TEST_SPACE}`;
+      const idDataViewExists = await getDataViewSafe(
+        kibanaServer.savedObjects,
+        expectedDataViewId,
+        TEST_SPACE
+      );
+
+      expect(idDataViewExists).to.be(false);
+
+      await findings.navigateToLatestFindingsPage(TEST_SPACE);
+      await pageObjects.header.waitUntilLoadingHasFinished();
+      const idDataViewExistsPostFindingsNavigation = await getDataViewSafe(
+        kibanaServer.savedObjects,
+        expectedDataViewId,
+        TEST_SPACE
+      );
+
+      expect(idDataViewExistsPostFindingsNavigation).to.be(true);
+    });
+
+    it('Verify data view is created once user reach the dashboard page -  non default space', async () => {
+      // await pageObjects.header.waitUntilLoadingHasFinished();
+      await pageObjects.common.navigateToApp('home');
+      await spacesService.create({ id: TEST_SPACE, name: 'space_one', disabledFeatures: [] });
+      await pageObjects.spaceSelector.openSpacesNav();
+      await pageObjects.spaceSelector.clickSpaceAvatar(TEST_SPACE);
+      await pageObjects.spaceSelector.expectHomePage(TEST_SPACE);
+      const expectedDataViewId = `${CDR_MISCONFIGURATIONS_DATA_VIEW_ID_PREFIX}-${TEST_SPACE}`;
+      const idDataViewExists = await getDataViewSafe(
+        kibanaServer.savedObjects,
+        expectedDataViewId,
+        TEST_SPACE
+      );
+
+      expect(idDataViewExists).to.be(false);
+
+      const cspDashboard = pageObjects.cloudPostureDashboard;
+      await cspDashboard.navigateToComplianceDashboardPage(TEST_SPACE);
+      await pageObjects.header.waitUntilLoadingHasFinished();
+      const idDataViewExistsPostFindingsNavigation = await getDataViewSafe(
+        kibanaServer.savedObjects,
+        expectedDataViewId,
+        TEST_SPACE
+      );
+
+      expect(idDataViewExistsPostFindingsNavigation).to.be(true);
+    });
+
+    it('Verify data view is created once user with read permissions reach the dashboard page', async () => {
+      await pageObjects.common.navigateToApp('home');
+      await cspSecurity.logout();
+      await cspSecurity.login('csp_read_user');
+      const expectedDataViewId = `${CDR_MISCONFIGURATIONS_DATA_VIEW_ID_PREFIX}-default`;
+      const idDataViewExists = await getDataViewSafe(
+        kibanaServer.savedObjects,
+        expectedDataViewId,
+        'default'
+      );
+
+      expect(idDataViewExists).to.be(false);
+
+      const cspDashboard = pageObjects.cloudPostureDashboard;
+      await cspDashboard.navigateToComplianceDashboardPage();
+      await pageObjects.header.waitUntilLoadingHasFinished();
+      const idDataViewExistsPostFindingsNavigation = await getDataViewSafe(
+        kibanaServer.savedObjects,
+        expectedDataViewId,
+        'default'
+      );
+
+      expect(idDataViewExistsPostFindingsNavigation).to.be(true);
+    });
+  });
+};

x-pack/test/cloud_security_posture_functional/data_views/index.ts

@@ -0,0 +1,15 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { FtrProviderContext } from '../ftr_provider_context';
+
+// eslint-disable-next-line import/no-default-export
+export default function ({ loadTestFile }: FtrProviderContext) {
+  describe('Cloud Security Posture', function () {
+    loadTestFile(require.resolve('./data_views'));
+  });
+}

x-pack/test/cloud_security_posture_functional/page_objects/add_cis_integration_form_page.ts

@@ -116,38 +116,77 @@ export function AddCisIntegrationFormPageProvider({
     return fieldValue;
   };
 
-  const navigateToAddIntegrationCspmPage = async () => {
+  const navigateToAddIntegrationCspmPage = async (space?: string) => {
+    const options = space
+      ? {
+          basePath: `/s/${space}`,
+          shouldUseHashForSubUrl: false,
+        }
+      : {
+          shouldUseHashForSubUrl: false,
+        };
+
     await PageObjects.common.navigateToUrl(
       'fleet', // Defined in Security Solution plugin
       'integrations/cloud_security_posture/add-integration/cspm',
-      { shouldUseHashForSubUrl: false }
+      options
     );
     await PageObjects.header.waitUntilLoadingHasFinished();
   };
 
-  const navigateToAddIntegrationCspmWithVersionPage = async (packageVersion: string) => {
+  const navigateToAddIntegrationCspmWithVersionPage = async (
+    packageVersion: string,
+    space?: string
+  ) => {
+    const options = space
+      ? {
+          basePath: `/s/${space}`,
+          shouldUseHashForSubUrl: false,
+        }
+      : {
+          shouldUseHashForSubUrl: false,
+        };
+
     await PageObjects.common.navigateToUrl(
       'fleet',
       `integrations/cloud_security_posture-${packageVersion}/add-integration/cspm`,
-      { shouldUseHashForSubUrl: false }
+      options
     );
     await PageObjects.header.waitUntilLoadingHasFinished();
   };
 
-  const navigateToAddIntegrationCnvmPage = async () => {
+  const navigateToAddIntegrationCnvmPage = async (space?: string) => {
+    const options = space
+      ? {
+          basePath: `/s/${space}`,
+          shouldUseHashForSubUrl: false,
+        }
+      : {
+          shouldUseHashForSubUrl: false,
+        };
+
     await PageObjects.common.navigateToUrl(
       'fleet', // Defined in Security Solution plugin
       'integrations/cloud_security_posture/add-integration/vuln_mgmt',
-      { shouldUseHashForSubUrl: false }
+      options
     );
     await PageObjects.header.waitUntilLoadingHasFinished();
   };
 
-  const navigateToAddIntegrationKspmPage = async () => {
+  const navigateToAddIntegrationKspmPage = async (space?: string) => {
+    const options = space
+      ? {
+          basePath: `/s/${space}`,
+          shouldUseHashForSubUrl: false,
+        }
+      : {
+          shouldUseHashForSubUrl: false,
+        };
+
     await PageObjects.common.navigateToUrl(
       'fleet', // Defined in Security Solution plugin
       'integrations/cloud_security_posture/add-integration/kspm',
-      { shouldUseHashForSubUrl: false }
+      options
     );
     await PageObjects.header.waitUntilLoadingHasFinished();
   };

x-pack/test/cloud_security_posture_functional/page_objects/benchmark_page.ts

@@ -64,11 +64,20 @@ export function BenchmarkPagePageProvider({ getService, getPageObjects }: FtrPro
     },
   };
 
-  const navigateToBenchnmarkPage = async () => {
+  const navigateToBenchnmarkPage = async (space?: string) => {
+    const options = space
+      ? {
+          basePath: `/s/${space}`,
+          shouldUseHashForSubUrl: false,
+        }
+      : {
+          shouldUseHashForSubUrl: false,
+        };
+
     await PageObjects.common.navigateToUrl(
       'securitySolution', // Defined in Security Solution plugin
       `cloud_security_posture/benchmarks/`,
-      { shouldUseHashForSubUrl: false }
+      options
     );
     await PageObjects.header.waitUntilLoadingHasFinished();
   };

x-pack/test/cloud_security_posture_functional/page_objects/csp_dashboard_page.ts

@@ -187,11 +187,20 @@ export function CspDashboardPageProvider({ getService, getPageObjects }: FtrProv
     },
   };
 
-  const navigateToComplianceDashboardPage = async () => {
+  const navigateToComplianceDashboardPage = async (space?: string) => {
+    const options = space
+      ? {
+          basePath: `/s/${space}`,
+          shouldUseHashForSubUrl: false,
+        }
+      : {
+          shouldUseHashForSubUrl: false,
+        };
+
     await PageObjects.common.navigateToUrl(
       'securitySolution', // Defined in Security Solution plugin
       'cloud_security_posture/dashboard',
-      { shouldUseHashForSubUrl: false }
+      options
     );
   };
 

x-pack/test/cloud_security_posture_functional/page_objects/findings_page.ts

@@ -235,27 +235,53 @@ export function FindingsPageProvider({ getService, getPageObjects }: FtrProvider
     },
   });
 
-  const navigateToLatestFindingsPage = async () => {
+  const navigateToLatestFindingsPage = async (space?: string) => {
+    const options = space
+      ? {
+          basePath: `/s/${space}`,
+          shouldUseHashForSubUrl: false,
+        }
+      : {
+          shouldUseHashForSubUrl: false,
+        };
+
     await PageObjects.common.navigateToUrl(
       'securitySolution', // Defined in Security Solution plugin
       'cloud_security_posture/findings/configurations',
-      { shouldUseHashForSubUrl: false }
+      options
     );
   };
 
-  const navigateToLatestVulnerabilitiesPage = async () => {
+  const navigateToLatestVulnerabilitiesPage = async (space?: string) => {
+    const options = space
+      ? {
+          basePath: `/s/${space}`,
+          shouldUseHashForSubUrl: false,
+        }
+      : {
+          shouldUseHashForSubUrl: false,
+        };
     await PageObjects.common.navigateToUrl(
       'securitySolution', // Defined in Security Solution plugin
       'cloud_security_posture/findings/vulnerabilities',
-      { shouldUseHashForSubUrl: false }
+      options
     );
   };
 
-  const navigateToMisconfigurations = async () => {
+  const navigateToMisconfigurations = async (space?: string) => {
+    const options = space
+      ? {
+          basePath: `/s/${space}`,
+          shouldUseHashForSubUrl: false,
+        }
+      : {
+          shouldUseHashForSubUrl: false,
+        };
+
     await PageObjects.common.navigateToUrl(
       'securitySolution', // Defined in Security Solution plugin
       'cloud_security_posture/findings/configurations',
-      { shouldUseHashForSubUrl: false }
+      options
     );
   };
 

x-pack/test/cloud_security_posture_functional/page_objects/rule_page.ts

@@ -191,11 +191,24 @@ export function RulePagePageProvider({ getService, getPageObjects }: FtrProvider
     },
   };
 
-  const navigateToRulePage = async (benchmarkCisId: string, benchmarkCisVersion: string) => {
+  const navigateToRulePage = async (
+    benchmarkCisId: string,
+    benchmarkCisVersion: string,
+    space?: string
+  ) => {
+    const options = space
+      ? {
+          basePath: `/s/${space}`,
+          shouldUseHashForSubUrl: false,
+        }
+      : {
+          shouldUseHashForSubUrl: false,
+        };
+
     await PageObjects.common.navigateToUrl(
       'securitySolution', // Defined in Security Solution plugin
       `cloud_security_posture/benchmarks/${benchmarkCisId}/${benchmarkCisVersion}/rules`,
-      { shouldUseHashForSubUrl: false }
+      options
     );
     await PageObjects.header.waitUntilLoadingHasFinished();
   };

x-pack/test/cloud_security_posture_functional/page_objects/vulnerability_dashboard_page_object.ts

@@ -37,11 +37,20 @@ export function VulnerabilityDashboardPageProvider({
       log.debug('CSP plugin is initialized');
     });
 
-  const navigateToVulnerabilityDashboardPage = async () => {
+  const navigateToVulnerabilityDashboardPage = async (space?: string) => {
+    const options = space
+      ? {
+          basePath: `/s/${space}`,
+          shouldUseHashForSubUrl: false,
+        }
+      : {
+          shouldUseHashForSubUrl: false,
+        };
+
     await PageObjects.common.navigateToUrl(
       'securitySolution', // Defined in Security Solution plugin
       'cloud_security_posture/vulnerability_dashboard',
-      { shouldUseHashForSubUrl: false }
+      options
     );
   };