From 042062b13ae064f69847b82f7d34f675a7dd8535 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20Herv=C3=A9?= Date: Mon, 4 Sep 2023 18:00:23 +0200 Subject: [PATCH] Fix cloud configuration policy tests The dumb policy in our current tests doesn't pass the new validation rules. --- ...DatadogCloudConfigurationRule_Basic.freeze | 2 +- ...ccDatadogCloudConfigurationRule_Basic.yaml | 54 +++++++++---------- ...atadogCloudConfigurationRule_Import.freeze | 2 +- ...cDatadogCloudConfigurationRule_Import.yaml | 18 +++---- ...nfigurationRule_MandatoryFieldsOnly.freeze | 2 +- ...ConfigurationRule_MandatoryFieldsOnly.yaml | 18 +++---- ...e_datadog_cloud_configuration_rule_test.go | 16 +++--- 7 files changed, 56 insertions(+), 56 deletions(-) diff --git a/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_Basic.freeze b/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_Basic.freeze index 728039d90..f52e354ba 100644 --- a/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_Basic.freeze +++ b/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_Basic.freeze @@ -1 +1 @@ -2023-07-21T11:22:27.603774-04:00 \ No newline at end of file +2023-09-04T17:14:28.250378945+02:00 \ No newline at end of file diff --git a/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_Basic.yaml b/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_Basic.yaml index 92247e669..b02efaaa6 100644 --- a/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_Basic.yaml +++ b/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_Basic.yaml @@ -3,7 +3,7 @@ version: 1 interactions: - request: body: | - {"cases":[{"notifications":["@channel"],"status":"low"}],"complianceSignalOptions":{"userActivationStatus":false,"userGroupByFields":["@resource"]},"filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}],"isEnabled":false,"message":"Acceptance test TF rule","name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1689952947","options":{"complianceRuleOptions":{"complexRule":true,"regoRule":{"policy":"package datadog","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"resourceType":"gcp_compute_instance"}},"tags":["test:acceptance","terraform:true"],"type":"cloud_configuration"} + {"cases":[{"notifications":["@channel"],"status":"low"}],"complianceSignalOptions":{"userActivationStatus":false,"userGroupByFields":["@resource"]},"filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}],"isEnabled":false,"message":"Acceptance test TF rule","name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1693840468","options":{"complianceRuleOptions":{"complexRule":true,"regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) \u003c= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"resourceType":"gcp_compute_instance"}},"tags":["test:acceptance","terraform:true"],"type":"cloud_configuration"} form: {} headers: Accept: @@ -14,7 +14,7 @@ interactions: method: POST response: body: | - {"id":"wyh-ul1-mae","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1689952947","createdAt":1689952950663,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":["@resource"]},"cases":[{"condition":"a > 0","name":"","status":"low","notifications":["@channel"]}],"message":"Acceptance test TF rule","tags":["test:acceptance","terraform:true"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}]} + {"id":"apz-erq-km9","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1693840468","createdAt":1693840470344,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":["@resource"]},"cases":[{"name":"","status":"low","notifications":["@channel"],"condition":"a > 0"}],"message":"Acceptance test TF rule","tags":["test:acceptance","terraform:true"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}]} headers: Content-Type: - application/json @@ -27,11 +27,11 @@ interactions: headers: Accept: - application/json - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/wyh-ul1-mae + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/apz-erq-km9 method: GET response: body: | - {"id":"wyh-ul1-mae","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1689952947","createdAt":1689952950663,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":["@resource"]},"cases":[{"condition":"a > 0","name":"","status":"low","notifications":["@channel"]}],"message":"Acceptance test TF rule","tags":["test:acceptance","terraform:true"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}]} + {"id":"apz-erq-km9","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1693840468","createdAt":1693840470344,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":["@resource"]},"cases":[{"name":"","status":"low","notifications":["@channel"],"condition":"a > 0"}],"message":"Acceptance test TF rule","tags":["test:acceptance","terraform:true"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}]} headers: Content-Type: - application/json @@ -44,11 +44,11 @@ interactions: headers: Accept: - application/json - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/wyh-ul1-mae + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/apz-erq-km9 method: GET response: body: | - {"id":"wyh-ul1-mae","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1689952947","createdAt":1689952950663,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":["@resource"]},"cases":[{"condition":"a > 0","name":"","status":"low","notifications":["@channel"]}],"message":"Acceptance test TF rule","tags":["test:acceptance","terraform:true"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}]} + {"id":"apz-erq-km9","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1693840468","createdAt":1693840470344,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":["@resource"]},"cases":[{"name":"","status":"low","notifications":["@channel"],"condition":"a > 0"}],"message":"Acceptance test TF rule","tags":["test:acceptance","terraform:true"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}]} headers: Content-Type: - application/json @@ -61,11 +61,11 @@ interactions: headers: Accept: - application/json - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/wyh-ul1-mae + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/apz-erq-km9 method: GET response: body: | - {"id":"wyh-ul1-mae","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1689952947","createdAt":1689952950663,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":["@resource"]},"cases":[{"condition":"a > 0","name":"","status":"low","notifications":["@channel"]}],"message":"Acceptance test TF rule","tags":["test:acceptance","terraform:true"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}]} + {"id":"apz-erq-km9","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1693840468","createdAt":1693840470344,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":["@resource"]},"cases":[{"name":"","status":"low","notifications":["@channel"],"condition":"a > 0"}],"message":"Acceptance test TF rule","tags":["test:acceptance","terraform:true"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}]} headers: Content-Type: - application/json @@ -74,18 +74,18 @@ interactions: duration: "" - request: body: | - {"cases":[{"notifications":["@channel-upd"],"status":"high"}],"complianceSignalOptions":{"userActivationStatus":true,"userGroupByFields":["@resource","@resource_type"]},"filters":[{"action":"suppress","query":"resource_id:updated*"}],"isEnabled":true,"message":"Acceptance test TF rule - updated","name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1689952947 - updated","options":{"complianceRuleOptions":{"complexRule":true,"regoRule":{"policy":"package datadog # updated","resourceTypes":["gcp_compute_disk","gcp_compute_instance","gcp_compute_firewall"]},"resourceType":"gcp_compute_disk"}},"tags":["test:acceptance-updated"]} + {"cases":[{"notifications":["@channel-upd"],"status":"high"}],"complianceSignalOptions":{"userActivationStatus":true,"userGroupByFields":["@resource","@resource_type"]},"filters":[{"action":"suppress","query":"resource_id:updated*"}],"isEnabled":true,"message":"Acceptance test TF rule - updated","name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1693840468 - updated","options":{"complianceRuleOptions":{"complexRule":true,"regoRule":{"policy":"package datadog # updated\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) \u003c= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_disk","gcp_compute_instance","gcp_compute_firewall"]},"resourceType":"gcp_compute_disk"}},"tags":["test:acceptance-updated"]} form: {} headers: Accept: - application/json Content-Type: - application/json - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/wyh-ul1-mae + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/apz-erq-km9 method: PUT response: body: | - {"id":"wyh-ul1-mae","version":2,"name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1689952947 - updated","createdAt":1689952950663,"creationAuthorId":1445416,"updateAuthorId":1445416,"isDefault":false,"isEnabled":true,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_disk","regoRule":{"policy":"package datadog # updated","resourceTypes":["gcp_compute_disk","gcp_compute_instance","gcp_compute_firewall"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":true,"userGroupByFields":["@resource","@resource_type"]},"cases":[{"condition":"a > 0","name":"","status":"high","notifications":["@channel-upd"]}],"message":"Acceptance test TF rule - updated","tags":["test:acceptance-updated"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:updated*"}]} + {"id":"apz-erq-km9","version":2,"name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1693840468 - updated","createdAt":1693840470344,"creationAuthorId":1445416,"updateAuthorId":1445416,"isDefault":false,"isEnabled":true,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_disk","regoRule":{"policy":"package datadog # updated\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_disk","gcp_compute_instance","gcp_compute_firewall"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":true,"userGroupByFields":["@resource","@resource_type"]},"cases":[{"name":"","status":"high","notifications":["@channel-upd"],"condition":"a > 0"}],"message":"Acceptance test TF rule - updated","tags":["test:acceptance-updated"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:updated*"}]} headers: Content-Type: - application/json @@ -98,11 +98,11 @@ interactions: headers: Accept: - application/json - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/wyh-ul1-mae + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/apz-erq-km9 method: GET response: body: | - {"id":"wyh-ul1-mae","version":2,"name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1689952947 - updated","createdAt":1689952950663,"creationAuthorId":1445416,"updateAuthorId":1445416,"isDefault":false,"isEnabled":true,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_disk","regoRule":{"policy":"package datadog # updated","resourceTypes":["gcp_compute_disk","gcp_compute_instance","gcp_compute_firewall"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":true,"userGroupByFields":["@resource","@resource_type"]},"cases":[{"condition":"a > 0","name":"","status":"high","notifications":["@channel-upd"]}],"message":"Acceptance test TF rule - updated","tags":["test:acceptance-updated"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:updated*"}]} + {"id":"apz-erq-km9","version":2,"name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1693840468 - updated","createdAt":1693840470344,"creationAuthorId":1445416,"updateAuthorId":1445416,"isDefault":false,"isEnabled":true,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_disk","regoRule":{"policy":"package datadog # updated\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_disk","gcp_compute_instance","gcp_compute_firewall"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":true,"userGroupByFields":["@resource","@resource_type"]},"cases":[{"name":"","status":"high","notifications":["@channel-upd"],"condition":"a > 0"}],"message":"Acceptance test TF rule - updated","tags":["test:acceptance-updated"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:updated*"}]} headers: Content-Type: - application/json @@ -115,11 +115,11 @@ interactions: headers: Accept: - application/json - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/wyh-ul1-mae + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/apz-erq-km9 method: GET response: body: | - {"id":"wyh-ul1-mae","version":2,"name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1689952947 - updated","createdAt":1689952950663,"creationAuthorId":1445416,"updateAuthorId":1445416,"isDefault":false,"isEnabled":true,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_disk","regoRule":{"policy":"package datadog # updated","resourceTypes":["gcp_compute_disk","gcp_compute_instance","gcp_compute_firewall"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":true,"userGroupByFields":["@resource","@resource_type"]},"cases":[{"condition":"a > 0","name":"","status":"high","notifications":["@channel-upd"]}],"message":"Acceptance test TF rule - updated","tags":["test:acceptance-updated"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:updated*"}]} + {"id":"apz-erq-km9","version":2,"name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1693840468 - updated","createdAt":1693840470344,"creationAuthorId":1445416,"updateAuthorId":1445416,"isDefault":false,"isEnabled":true,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_disk","regoRule":{"policy":"package datadog # updated\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_disk","gcp_compute_instance","gcp_compute_firewall"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":true,"userGroupByFields":["@resource","@resource_type"]},"cases":[{"name":"","status":"high","notifications":["@channel-upd"],"condition":"a > 0"}],"message":"Acceptance test TF rule - updated","tags":["test:acceptance-updated"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:updated*"}]} headers: Content-Type: - application/json @@ -132,11 +132,11 @@ interactions: headers: Accept: - application/json - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/wyh-ul1-mae + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/apz-erq-km9 method: GET response: body: | - {"id":"wyh-ul1-mae","version":2,"name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1689952947 - updated","createdAt":1689952950663,"creationAuthorId":1445416,"updateAuthorId":1445416,"isDefault":false,"isEnabled":true,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_disk","regoRule":{"policy":"package datadog # updated","resourceTypes":["gcp_compute_disk","gcp_compute_instance","gcp_compute_firewall"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":true,"userGroupByFields":["@resource","@resource_type"]},"cases":[{"condition":"a > 0","name":"","status":"high","notifications":["@channel-upd"]}],"message":"Acceptance test TF rule - updated","tags":["test:acceptance-updated"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:updated*"}]} + {"id":"apz-erq-km9","version":2,"name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1693840468 - updated","createdAt":1693840470344,"creationAuthorId":1445416,"updateAuthorId":1445416,"isDefault":false,"isEnabled":true,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_disk","regoRule":{"policy":"package datadog # updated\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_disk","gcp_compute_instance","gcp_compute_firewall"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":true,"userGroupByFields":["@resource","@resource_type"]},"cases":[{"name":"","status":"high","notifications":["@channel-upd"],"condition":"a > 0"}],"message":"Acceptance test TF rule - updated","tags":["test:acceptance-updated"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:updated*"}]} headers: Content-Type: - application/json @@ -145,18 +145,18 @@ interactions: duration: "" - request: body: | - {"cases":[{"notifications":[],"status":"medium"}],"complianceSignalOptions":{"userActivationStatus":false,"userGroupByFields":[]},"filters":[],"isEnabled":false,"message":"Acceptance test TF rule - updated again","name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1689952947 - updated again","options":{"complianceRuleOptions":{"complexRule":false,"regoRule":{"policy":"package datadog # updated again","resourceTypes":["gcp_compute_instance"]},"resourceType":"gcp_compute_instance"}},"tags":["test:acceptance-updated-again"]} + {"cases":[{"notifications":[],"status":"medium"}],"complianceSignalOptions":{"userActivationStatus":false,"userGroupByFields":[]},"filters":[],"isEnabled":false,"message":"Acceptance test TF rule - updated again","name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1693840468 - updated again","options":{"complianceRuleOptions":{"complexRule":false,"regoRule":{"policy":"package datadog # updated again\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) \u003c= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance"]},"resourceType":"gcp_compute_instance"}},"tags":["test:acceptance-updated-again"]} form: {} headers: Accept: - application/json Content-Type: - application/json - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/wyh-ul1-mae + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/apz-erq-km9 method: PUT response: body: | - {"id":"wyh-ul1-mae","version":3,"name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1689952947 - updated again","createdAt":1689952950663,"creationAuthorId":1445416,"updateAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog # updated again","resourceTypes":["gcp_compute_instance"]},"complexRule":false}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":[]},"cases":[{"condition":"a > 0","name":"","status":"medium","notifications":[]}],"message":"Acceptance test TF rule - updated again","tags":["test:acceptance-updated-again"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[]} + {"id":"apz-erq-km9","version":3,"name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1693840468 - updated again","createdAt":1693840470344,"creationAuthorId":1445416,"updateAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog # updated again\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance"]},"complexRule":false}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":[]},"cases":[{"name":"","status":"medium","notifications":[],"condition":"a > 0"}],"message":"Acceptance test TF rule - updated again","tags":["test:acceptance-updated-again"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[]} headers: Content-Type: - application/json @@ -169,11 +169,11 @@ interactions: headers: Accept: - application/json - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/wyh-ul1-mae + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/apz-erq-km9 method: GET response: body: | - {"id":"wyh-ul1-mae","version":3,"name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1689952947 - updated again","createdAt":1689952950663,"creationAuthorId":1445416,"updateAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog # updated again","resourceTypes":["gcp_compute_instance"]},"complexRule":false}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":[]},"cases":[{"condition":"a > 0","name":"","status":"medium","notifications":[]}],"message":"Acceptance test TF rule - updated again","tags":["test:acceptance-updated-again"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[]} + {"id":"apz-erq-km9","version":3,"name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1693840468 - updated again","createdAt":1693840470344,"creationAuthorId":1445416,"updateAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog # updated again\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance"]},"complexRule":false}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":[]},"cases":[{"name":"","status":"medium","notifications":[],"condition":"a > 0"}],"message":"Acceptance test TF rule - updated again","tags":["test:acceptance-updated-again"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[]} headers: Content-Type: - application/json @@ -186,11 +186,11 @@ interactions: headers: Accept: - application/json - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/wyh-ul1-mae + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/apz-erq-km9 method: GET response: body: | - {"id":"wyh-ul1-mae","version":3,"name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1689952947 - updated again","createdAt":1689952950663,"creationAuthorId":1445416,"updateAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog # updated again","resourceTypes":["gcp_compute_instance"]},"complexRule":false}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":[]},"cases":[{"condition":"a > 0","name":"","status":"medium","notifications":[]}],"message":"Acceptance test TF rule - updated again","tags":["test:acceptance-updated-again"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[]} + {"id":"apz-erq-km9","version":3,"name":"tf-TestAccDatadogCloudConfigurationRule_Basic-local-1693840468 - updated again","createdAt":1693840470344,"creationAuthorId":1445416,"updateAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog # updated again\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance"]},"complexRule":false}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":[]},"cases":[{"name":"","status":"medium","notifications":[],"condition":"a > 0"}],"message":"Acceptance test TF rule - updated again","tags":["test:acceptance-updated-again"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[]} headers: Content-Type: - application/json @@ -203,7 +203,7 @@ interactions: headers: Accept: - '*/*' - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/wyh-ul1-mae + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/apz-erq-km9 method: DELETE response: body: "" @@ -217,11 +217,11 @@ interactions: headers: Accept: - application/json - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/wyh-ul1-mae + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/apz-erq-km9 method: GET response: body: | - {"errors":["Threat detection rule not found: wyh-ul1-mae"]} + {"errors":["Threat detection rule not found: apz-erq-km9"]} headers: Content-Type: - application/json diff --git a/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_Import.freeze b/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_Import.freeze index 83d1a4dcb..607939396 100644 --- a/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_Import.freeze +++ b/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_Import.freeze @@ -1 +1 @@ -2023-07-21T16:32:48.033975+02:00 \ No newline at end of file +2023-09-04T17:15:22.110265706+02:00 \ No newline at end of file diff --git a/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_Import.yaml b/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_Import.yaml index 252bead3c..9d0249c6c 100644 --- a/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_Import.yaml +++ b/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_Import.yaml @@ -3,7 +3,7 @@ version: 1 interactions: - request: body: | - {"cases":[{"notifications":["@channel"],"status":"low"}],"complianceSignalOptions":{"userActivationStatus":false,"userGroupByFields":["@resource"]},"filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}],"isEnabled":false,"message":"Acceptance test TF rule","name":"tf-TestAccDatadogCloudConfigurationRule_Import-local-1689949968","options":{"complianceRuleOptions":{"complexRule":true,"regoRule":{"policy":"package datadog","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"resourceType":"gcp_compute_instance"}},"tags":["test:acceptance","terraform:true"],"type":"cloud_configuration"} + {"cases":[{"notifications":["@channel"],"status":"low"}],"complianceSignalOptions":{"userActivationStatus":false,"userGroupByFields":["@resource"]},"filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}],"isEnabled":false,"message":"Acceptance test TF rule","name":"tf-TestAccDatadogCloudConfigurationRule_Import-local-1693840522","options":{"complianceRuleOptions":{"complexRule":true,"regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) \u003c= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"resourceType":"gcp_compute_instance"}},"tags":["test:acceptance","terraform:true"],"type":"cloud_configuration"} form: {} headers: Accept: @@ -14,7 +14,7 @@ interactions: method: POST response: body: | - {"id":"dlw-uic-877","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_Import-local-1689949968","createdAt":1689949972853,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":["@resource"]},"cases":[{"condition":"a > 0","name":"","status":"low","notifications":["@channel"]}],"message":"Acceptance test TF rule","tags":["test:acceptance","terraform:true"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}]} + {"id":"cwm-zsf-jul","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_Import-local-1693840522","createdAt":1693840523889,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":["@resource"]},"cases":[{"name":"","status":"low","notifications":["@channel"],"condition":"a > 0"}],"message":"Acceptance test TF rule","tags":["test:acceptance","terraform:true"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}]} headers: Content-Type: - application/json @@ -27,11 +27,11 @@ interactions: headers: Accept: - application/json - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/dlw-uic-877 + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/cwm-zsf-jul method: GET response: body: | - {"id":"dlw-uic-877","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_Import-local-1689949968","createdAt":1689949972853,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":["@resource"]},"cases":[{"condition":"a > 0","name":"","status":"low","notifications":["@channel"]}],"message":"Acceptance test TF rule","tags":["test:acceptance","terraform:true"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}]} + {"id":"cwm-zsf-jul","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_Import-local-1693840522","createdAt":1693840523889,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":["@resource"]},"cases":[{"name":"","status":"low","notifications":["@channel"],"condition":"a > 0"}],"message":"Acceptance test TF rule","tags":["test:acceptance","terraform:true"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}]} headers: Content-Type: - application/json @@ -44,11 +44,11 @@ interactions: headers: Accept: - application/json - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/dlw-uic-877 + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/cwm-zsf-jul method: GET response: body: | - {"id":"dlw-uic-877","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_Import-local-1689949968","createdAt":1689949972853,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":["@resource"]},"cases":[{"condition":"a > 0","name":"","status":"low","notifications":["@channel"]}],"message":"Acceptance test TF rule","tags":["test:acceptance","terraform:true"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}]} + {"id":"cwm-zsf-jul","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_Import-local-1693840522","createdAt":1693840523889,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":["@resource"]},"cases":[{"name":"","status":"low","notifications":["@channel"],"condition":"a > 0"}],"message":"Acceptance test TF rule","tags":["test:acceptance","terraform:true"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}]} headers: Content-Type: - application/json @@ -61,7 +61,7 @@ interactions: headers: Accept: - '*/*' - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/dlw-uic-877 + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/cwm-zsf-jul method: DELETE response: body: "" @@ -75,11 +75,11 @@ interactions: headers: Accept: - application/json - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/dlw-uic-877 + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/cwm-zsf-jul method: GET response: body: | - {"errors":["Threat detection rule not found: dlw-uic-877"]} + {"errors":["Threat detection rule not found: cwm-zsf-jul"]} headers: Content-Type: - application/json diff --git a/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_MandatoryFieldsOnly.freeze b/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_MandatoryFieldsOnly.freeze index bb59c0ba4..b79f40d1f 100644 --- a/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_MandatoryFieldsOnly.freeze +++ b/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_MandatoryFieldsOnly.freeze @@ -1 +1 @@ -2023-07-21T11:22:46.264993-04:00 \ No newline at end of file +2023-09-04T17:14:55.061902485+02:00 \ No newline at end of file diff --git a/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_MandatoryFieldsOnly.yaml b/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_MandatoryFieldsOnly.yaml index 8c42e40b8..35e4b7222 100644 --- a/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_MandatoryFieldsOnly.yaml +++ b/datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_MandatoryFieldsOnly.yaml @@ -3,7 +3,7 @@ version: 1 interactions: - request: body: | - {"cases":[{"notifications":[],"status":"low"}],"complianceSignalOptions":{"userActivationStatus":false,"userGroupByFields":[]},"filters":[],"isEnabled":false,"message":"Acceptance test TF rule","name":"tf-TestAccDatadogCloudConfigurationRule_MandatoryFieldsOnly-local-1689952966","options":{"complianceRuleOptions":{"complexRule":false,"regoRule":{"policy":"package datadog","resourceTypes":["gcp_compute_instance"]},"resourceType":"gcp_compute_instance"}},"tags":[],"type":"cloud_configuration"} + {"cases":[{"notifications":[],"status":"low"}],"complianceSignalOptions":{"userActivationStatus":false,"userGroupByFields":[]},"filters":[],"isEnabled":false,"message":"Acceptance test TF rule","name":"tf-TestAccDatadogCloudConfigurationRule_MandatoryFieldsOnly-local-1693840495","options":{"complianceRuleOptions":{"complexRule":false,"regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) \u003c= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance"]},"resourceType":"gcp_compute_instance"}},"tags":[],"type":"cloud_configuration"} form: {} headers: Accept: @@ -14,7 +14,7 @@ interactions: method: POST response: body: | - {"id":"wsp-wgv-s1t","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_MandatoryFieldsOnly-local-1689952966","createdAt":1689952968967,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog","resourceTypes":["gcp_compute_instance"]},"complexRule":false}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":[]},"cases":[{"condition":"a > 0","name":"","status":"low","notifications":[]}],"message":"Acceptance test TF rule","tags":[],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[]} + {"id":"8ey-33o-ysd","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_MandatoryFieldsOnly-local-1693840495","createdAt":1693840496838,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance"]},"complexRule":false}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":[]},"cases":[{"name":"","status":"low","notifications":[],"condition":"a > 0"}],"message":"Acceptance test TF rule","tags":[],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[]} headers: Content-Type: - application/json @@ -27,11 +27,11 @@ interactions: headers: Accept: - application/json - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/wsp-wgv-s1t + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/8ey-33o-ysd method: GET response: body: | - {"id":"wsp-wgv-s1t","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_MandatoryFieldsOnly-local-1689952966","createdAt":1689952968967,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog","resourceTypes":["gcp_compute_instance"]},"complexRule":false}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":[]},"cases":[{"condition":"a > 0","name":"","status":"low","notifications":[]}],"message":"Acceptance test TF rule","tags":[],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[]} + {"id":"8ey-33o-ysd","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_MandatoryFieldsOnly-local-1693840495","createdAt":1693840496838,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance"]},"complexRule":false}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":[]},"cases":[{"name":"","status":"low","notifications":[],"condition":"a > 0"}],"message":"Acceptance test TF rule","tags":[],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[]} headers: Content-Type: - application/json @@ -44,11 +44,11 @@ interactions: headers: Accept: - application/json - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/wsp-wgv-s1t + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/8ey-33o-ysd method: GET response: body: | - {"id":"wsp-wgv-s1t","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_MandatoryFieldsOnly-local-1689952966","createdAt":1689952968967,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog","resourceTypes":["gcp_compute_instance"]},"complexRule":false}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":[]},"cases":[{"condition":"a > 0","name":"","status":"low","notifications":[]}],"message":"Acceptance test TF rule","tags":[],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[]} + {"id":"8ey-33o-ysd","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_MandatoryFieldsOnly-local-1693840495","createdAt":1693840496838,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance"]},"complexRule":false}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":[]},"cases":[{"name":"","status":"low","notifications":[],"condition":"a > 0"}],"message":"Acceptance test TF rule","tags":[],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[]} headers: Content-Type: - application/json @@ -61,7 +61,7 @@ interactions: headers: Accept: - '*/*' - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/wsp-wgv-s1t + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/8ey-33o-ysd method: DELETE response: body: "" @@ -75,11 +75,11 @@ interactions: headers: Accept: - application/json - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/wsp-wgv-s1t + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/8ey-33o-ysd method: GET response: body: | - {"errors":["Threat detection rule not found: wsp-wgv-s1t"]} + {"errors":["Threat detection rule not found: 8ey-33o-ysd"]} headers: Content-Type: - application/json diff --git a/datadog/tests/resource_datadog_cloud_configuration_rule_test.go b/datadog/tests/resource_datadog_cloud_configuration_rule_test.go index 100564df6..bdaaf965a 100644 --- a/datadog/tests/resource_datadog_cloud_configuration_rule_test.go +++ b/datadog/tests/resource_datadog_cloud_configuration_rule_test.go @@ -92,7 +92,7 @@ resource "datadog_cloud_configuration_rule" "acceptance_test" { name = "%s" notifications = [ "@channel" ] group_by = [ "@resource" ] - policy = "package datadog" + policy = "package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n" resource_type = "gcp_compute_instance" related_resource_types = [ "gcp_compute_disk" ] severity = "low" @@ -126,7 +126,7 @@ func testAccCheckDatadogCloudConfigurationCreatedCheck(accProvider func() (*sche resource.TestCheckResourceAttr( tfCloudConfRuleName, "group_by.0", "@resource"), resource.TestCheckResourceAttr( - tfCloudConfRuleName, "policy", "package datadog"), + tfCloudConfRuleName, "policy", "package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n"), resource.TestCheckResourceAttr( tfCloudConfRuleName, "resource_type", "gcp_compute_instance"), resource.TestCheckResourceAttr( @@ -156,7 +156,7 @@ resource "datadog_cloud_configuration_rule" "acceptance_test" { name = "%s - updated" notifications = [ "@channel-upd" ] group_by = [ "@resource", "@resource_type" ] - policy = "package datadog # updated" + policy = "package datadog # updated\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n" resource_type = "gcp_compute_disk" related_resource_types = [ "gcp_compute_instance", "gcp_compute_firewall" ] severity = "high" @@ -185,7 +185,7 @@ func testAccCheckDatadogCloudConfigurationUpdatedCheck(accProvider func() (*sche resource.TestCheckResourceAttr( tfCloudConfRuleName, "group_by.1", "@resource_type"), resource.TestCheckResourceAttr( - tfCloudConfRuleName, "policy", "package datadog # updated"), + tfCloudConfRuleName, "policy", "package datadog # updated\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n"), resource.TestCheckResourceAttr( tfCloudConfRuleName, "resource_type", "gcp_compute_disk"), resource.TestCheckResourceAttr( @@ -209,7 +209,7 @@ resource "datadog_cloud_configuration_rule" "acceptance_test" { enabled = false message = "Acceptance test TF rule - updated again" name = "%s - updated again" - policy = "package datadog # updated again" + policy = "package datadog # updated again\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n" resource_type = "gcp_compute_instance" severity = "medium" tags = [ "test:acceptance-updated-again" ] @@ -231,7 +231,7 @@ func testAccCheckDatadogCloudConfigurationUpdatedMandatoryFieldsCheck(accProvide resource.TestCheckNoResourceAttr( tfCloudConfRuleName, "group_by.0"), resource.TestCheckResourceAttr( - tfCloudConfRuleName, "policy", "package datadog # updated again"), + tfCloudConfRuleName, "policy", "package datadog # updated again\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n"), resource.TestCheckResourceAttr( tfCloudConfRuleName, "resource_type", "gcp_compute_instance"), resource.TestCheckNoResourceAttr( @@ -249,7 +249,7 @@ resource "datadog_cloud_configuration_rule" "acceptance_test" { enabled = false message = "Acceptance test TF rule" name = "%s" - policy = "package datadog" + policy = "package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n" resource_type = "gcp_compute_instance" severity = "low" } @@ -270,7 +270,7 @@ func testAccCheckDatadogCloudConfigurationCreatedMandatoryFieldsCheck(accProvide resource.TestCheckNoResourceAttr( tfCloudConfRuleName, "group_by"), resource.TestCheckResourceAttr( - tfCloudConfRuleName, "policy", "package datadog"), + tfCloudConfRuleName, "policy", "package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n"), resource.TestCheckResourceAttr( tfCloudConfRuleName, "resource_type", "gcp_compute_instance"), resource.TestCheckNoResourceAttr(