aws: optimise cloudtrail field retention work (#14441)

In #14236 we allowed users to select which extended fields they wanted to retain in order to reduce storage costs in cases where they did not what the full set of capacities that the data stream can provide. We did not however prevent the work of collecting those unwanted fields. This change does that, avoiding retaining fields that will ultimately not be kept if possible. It is unfortunate that the wide variety of fields is needed at all, but resolving that depends on improving platform support for the diversity of fields that the data source provides and then making more efficient use of those improvements in the detection rules. Until then, this is what we have.

Author: efd6

packages/aws/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "3.13.0"
+ changes:
+ - description: Reduce unnecessary work done in cloudtrail data stream when flattened fields are not required.
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/14441
 - version: "3.12.0"
  changes:
  - description: |