[Cloud Security] Add AWS Org instructions (#163952)

x-pack/plugins/cloud_security_posture/public/components/fleet_extensions/aws_credentials_form/aws_credentials_form.tsx

@@ -18,7 +18,7 @@ import {
   EuiHorizontalRule,
 } from '@elastic/eui';
 import type { NewPackagePolicy } from '@kbn/fleet-plugin/public';
-import { PackageInfo } from '@kbn/fleet-plugin/common';
+import { NewPackagePolicyInput, PackageInfo } from '@kbn/fleet-plugin/common';
 import { FormattedMessage } from '@kbn/i18n-react';
 import { css } from '@emotion/react';
 import { i18n } from '@kbn/i18n';
@@ -34,6 +34,7 @@ import {
   NewPackagePolicyPostureInput,
 } from '../utils';
 import { SetupFormat, useAwsCredentialsForm } from './hooks';
+import { AWS_ORGANIZATION_ACCOUNT } from '../policy_template_form';
 import { AwsCredentialsType } from '../../../../common/types';
 
 interface AWSSetupInfoContentProps {
@@ -106,8 +107,10 @@ interface Props {
 
 const CloudFormationSetup = ({
   hasCloudFormationTemplate,
+  input,
 }: {
   hasCloudFormationTemplate: boolean;
+  input: NewPackagePolicyInput;
 }) => {
   if (!hasCloudFormationTemplate) {
     return (
@@ -119,6 +122,9 @@ const CloudFormationSetup = ({
       </EuiCallOut>
     );
   }
+
+  const accountType = input.streams?.[0]?.vars?.['aws.account_type']?.value;
+
   return (
     <>
       <EuiText color="subdued" size="s">
@@ -127,12 +133,21 @@ const CloudFormationSetup = ({
             list-style: auto;
           `}
         >
-          <li>
-            <FormattedMessage
-              id="xpack.csp.awsIntegration.cloudFormationSetupStep.login"
-              defaultMessage="Log in as an admin to the AWS Account you want to onboard"
-            />
-          </li>
+          {accountType === AWS_ORGANIZATION_ACCOUNT ? (
+            <li>
+              <FormattedMessage
+                id="xpack.csp.awsIntegration.cloudFormationSetupStep.organizationLogin"
+                defaultMessage="Log in as an admin in your organization's AWS management account"
+              />
+            </li>
+          ) : (
+            <li>
+              <FormattedMessage
+                id="xpack.csp.awsIntegration.cloudFormationSetupStep.login"
+                defaultMessage="Log in as an admin to the AWS Account you want to onboard"
+              />
+            </li>
+          )}
           <li>
             <FormattedMessage
               id="xpack.csp.awsIntegration.cloudFormationSetupStep.save"
@@ -224,7 +239,7 @@ export const AwsCredentialsForm = ({
       />
       <EuiSpacer size="l" />
       {setupFormat === 'cloud_formation' && (
-        <CloudFormationSetup hasCloudFormationTemplate={hasCloudFormationTemplate} />
+        <CloudFormationSetup hasCloudFormationTemplate={hasCloudFormationTemplate} input={input} />
       )}
       {setupFormat === 'manual' && (
         <>

x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/single_page_layout/components/post_install_cloud_formation_modal.tsx

@@ -58,7 +58,7 @@ export const PostInstallCloudFormationModal: React.FunctionComponent<{
       </EuiModalHeader>
 
       <EuiModalBody>
-        <CloudFormationGuide />
+        <CloudFormationGuide awsAccountType={cloudFormationProps.awsAccountType} />
         {error && isError && (
           <>
             <EuiSpacer size="m" />

x-pack/plugins/fleet/public/components/agent_enrollment_flyout/cloud_formation_instructions.tsx

@@ -50,7 +50,9 @@ export const CloudFormationInstructions: React.FunctionComponent<Props> = ({
         }
       )}
     >
-      <CloudFormationGuide />
+      <CloudFormationGuide
+        awsAccountType={cloudSecurityIntegration?.cloudFormationProps?.awsAccountType}
+      />
       <EuiSpacer size="m" />
       <EuiButton
         color="primary"

x-pack/plugins/fleet/public/components/cloud_formation_guide.tsx

@@ -9,6 +9,8 @@ import React from 'react';
 import { EuiLink, EuiText } from '@elastic/eui';
 import { FormattedMessage } from '@kbn/i18n-react';
 
+import type { CloudSecurityIntegrationAwsAccountType } from './agent_enrollment_flyout/types';
+
 const CLOUD_FORMATION_EXTERNAL_DOC_URL =
   'https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-whatis-howdoesitwork.html';
 
@@ -23,7 +25,11 @@ const Link = ({ children, url }: { children: React.ReactNode; url: string }) =>
   </EuiLink>
 );
 
-export const CloudFormationGuide = () => {
+export const CloudFormationGuide = ({
+  awsAccountType,
+}: {
+  awsAccountType?: CloudSecurityIntegrationAwsAccountType;
+}) => {
   return (
     <EuiText>
       <p>
@@ -44,12 +50,21 @@ export const CloudFormationGuide = () => {
       </p>
       <EuiText size="s" color="subdued">
         <ol>
-          <li>
-            <FormattedMessage
-              id="xpack.fleet.cloudFormation.guide.steps.login"
-              defaultMessage="Ensure you are logged in as an admin in the AWS Account you want to onboard"
-            />
-          </li>
+          {awsAccountType === 'organization-account' ? (
+            <li>
+              <FormattedMessage
+                id="xpack.fleet.cloudFormation.guide.steps.organizationLogin"
+                defaultMessage="Log in as an admin in the management account of the AWS Organization you want to onboard"
+              />
+            </li>
+          ) : (
+            <li>
+              <FormattedMessage
+                id="xpack.fleet.cloudFormation.guide.steps.login"
+                defaultMessage="Log in as an admin in the AWS account you want to onboard"
+              />
+            </li>
+          )}
           <li>
             <FormattedMessage
               id="xpack.fleet.cloudFormation.guide.steps.launch"