[access_graph] add usage events for Crown Jewel's create and AccessPa…

…thChanged events (#46642)

* Add audit events to Crown Jewel methods

This PR adds the audit events for the crown jewel functionatlity.

Part of gravitational/access-graph#1193

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>

* [access_graph] add usage events for Crown Jewel's create and AccessPathChanged events

This PR adds the necessary usage event to track crown jewels diffs.

Part of gravitational/access-graph#1193

Requires #46641

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>

* add webui event

---------

Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>

api/proto/teleport/usageevents/v1/usageevents.proto

@@ -694,6 +694,14 @@ message AccessGraphAWSScanEvent {
   uint64 total_accounts = 11;
 }
 
+// UIAccessGraphCrownJewelDiffViewEvent is emitted when a user reviews the output of a Crown Jewel access path dff.
+message UIAccessGraphCrownJewelDiffViewEvent {
+  // affected_resource_source is the source of the affected resource.
+  string affected_resource_source = 1;
+  // affected_resource_type is the type of the affected resource.
+  string affected_resource_type = 2;
+}
+
 // SecurityReportGetResultEvent is emitted when the user requests a security report.
 message SecurityReportGetResultEvent {
   // name is the name of the security report.
@@ -775,6 +783,7 @@ message UsageEventOneOf {
     UIDiscoverKubeEKSEnrollEvent ui_discover_kube_eks_enroll_event = 56;
     UIDiscoverCreateAppServerEvent ui_discover_create_app_server_event = 57;
     AccessGraphAWSScanEvent access_graph_aws_scan_event = 58;
+    UIAccessGraphCrownJewelDiffViewEvent ui_access_graph_crown_jewel_diff_view = 59;
   }
   reserved 2; //UIOnboardGetStartedClickEvent
   reserved "ui_onboard_get_started_click";

lib/usagereporter/teleport/audit.go

@@ -292,6 +292,13 @@ func ConvertAuditEvent(event apievents.AuditEvent) Anonymizable {
 			out.NumTablesPermissions += entry.Counts[databaseobjectimportrule.ObjectKindTable]
 		}
 		return out
+	case *apievents.AccessPathChanged:
+		return &AccessGraphAccessPathChangedEvent{
+			AffectedResourceType:   e.AffectedResourceType,
+			AffectedResourceSource: e.AffectedResourceSource,
+		}
+	case *apievents.CrownJewelCreate:
+		return &AccessGraphCrownJewelCreateEvent{}
 	}
 
 	return nil

lib/usagereporter/teleport/audit_test.go

@@ -182,6 +182,36 @@ func TestConvertAuditEvent(t *testing.T) {
 				},
 			},
 		},
+		{
+			desc: "AccessPathChanged",
+			event: &apievents.AccessPathChanged{
+				AffectedResourceName:   "some-resource",
+				AffectedResourceType:   "ssh",
+				AffectedResourceSource: "TELEPORT",
+			},
+			expected: &AccessGraphAccessPathChangedEvent{
+				AffectedResourceType:   "ssh",
+				AffectedResourceSource: "TELEPORT",
+			},
+			expectedAnonymized: &prehogv1a.SubmitEventRequest{
+				Event: &prehogv1a.SubmitEventRequest_AccessGraphAccessPathChanged{
+					AccessGraphAccessPathChanged: &prehogv1a.AccessGraphAccessPathChangedEvent{
+						AffectedResourceType:   "ssh",
+						AffectedResourceSource: "teleport",
+					},
+				},
+			},
+		},
+		{
+			desc:     "CrownJewelCreateEvent",
+			event:    &apievents.CrownJewelCreate{},
+			expected: &AccessGraphCrownJewelCreateEvent{},
+			expectedAnonymized: &prehogv1a.SubmitEventRequest{
+				Event: &prehogv1a.SubmitEventRequest_AccessGraphCrownJewelCreate{
+					AccessGraphCrownJewelCreate: &prehogv1a.AccessGraphCrownJewelCreateEvent{},
+				},
+			},
+		},
 	}
 
 	for _, tt := range cases {