Skip to content

Commit

Permalink
Add google_chronicle_watchlist resource to chronicle (#12648)
Browse files Browse the repository at this point in the history
  • Loading branch information
ankitgoyal0301 authored Dec 30, 2024
1 parent 102794a commit c809b03
Show file tree
Hide file tree
Showing 6 changed files with 266 additions and 0 deletions.
129 changes: 129 additions & 0 deletions mmv1/products/chronicle/Watchlist.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,129 @@
# Copyright 2024 Google Inc.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

---
name: Watchlist
description: A watchlist is a list of entities that allows for bulk operations over the included entities.
min_version: beta
references:
guides:
'Google SecOps Guides': 'https://cloud.google.com/chronicle/docs/secops/secops-overview'
api: 'https://cloud.google.com/chronicle/docs/reference/rest/v1alpha/projects.locations.instances.watchlists'
base_url: projects/{{project}}/locations/{{location}}/instances/{{instance}}/watchlists
self_link: projects/{{project}}/locations/{{location}}/instances/{{instance}}/watchlists/{{watchlist_id}}
create_url: projects/{{project}}/locations/{{location}}/instances/{{instance}}/watchlists?watchlistId={{watchlist_id}}
id_format: projects/{{project}}/locations/{{location}}/instances/{{instance}}/watchlists/{{watchlist_id}}
import_format:
- projects/{{project}}/locations/{{location}}/instances/{{instance}}/watchlists/{{watchlist_id}}
update_verb: PATCH
update_mask: true

examples:
- name: 'chronicle_watchlist_basic'
primary_resource_id: 'example'
min_version: 'beta'
vars:
name: watchlist-name
description: watchlist-description
test_env_vars:
chronicle_id: 'CHRONICLE_ID'

parameters:
- name: location
type: String
description: The location of the resource. This is the geographical region where the Chronicle instance resides, such as "us" or "europe-west2".
immutable: true
url_param_only: true
required: true
- name: instance
type: String
description: The unique identifier for the Chronicle instance, which is the same as the customer ID.
immutable: true
url_param_only: true
required: true
- name: watchlistId
type: String
description: |-
Optional. The ID to use for the watchlist,
which will become the final component of the watchlist's resource name.
This value should be 4-63 characters, and valid characters
are /a-z-/.
immutable: true
url_param_only: true
required: true
properties:
- name: name
type: String
description: |-
Identifier. Resource name of the watchlist. This unique identifier is generated using values provided for the URL parameters.
Format:
projects/{project}/locations/{location}/instances/{instance}/watchlists/{watchlist}
output: true
- name: multiplyingFactor
type: Double
description: |-
Optional. Weight applied to the risk score for entities
in this watchlist.
The default is 1.0 if it is not specified.
- name: createTime
type: String
description: Output only. Time the watchlist was created.
output: true
- name: updateTime
type: String
description: Output only. Time the watchlist was last updated.
output: true
- name: displayName
type: String
description: |-
Required. Display name of the watchlist.
Note that it must be at least one character and less than 63 characters
(https://google.aip.dev/148).
required: true
- name: description
type: String
description: Optional. Description of the watchlist.
- name: entityPopulationMechanism
type: NestedObject
description: Mechanism to populate entities in the watchlist.
required: true
properties:
- name: manual
type: NestedObject
description: Entities are added manually.
default_from_api: true
allow_empty_object: true
send_empty_value: true
properties:
[] # Meant to be an empty object with no properties.
- name: entityCount
type: NestedObject
description: Count of different types of entities in the watchlist.
output: true
properties:
- name: user
type: Integer
description: Output only. Count of user type entities in the watchlist.
output: true
- name: asset
type: Integer
description: Output only. Count of asset type entities in the watchlist.
output: true
- name: watchlistUserPreferences
type: NestedObject
description: A collection of user preferences for watchlist UI configuration.
default_from_api: true
properties:
- name: pinned
type: Boolean
description: Optional. Whether the watchlist is pinned on the dashboard.
21 changes: 21 additions & 0 deletions mmv1/products/chronicle/product.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
# Copyright 2024 Google Inc.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

---
name: Chronicle
display_name: Chronicle
scopes:
- https://www.googleapis.com/auth/cloud-platform
versions:
- base_url: https://{{location}}-chronicle.googleapis.com/v1beta/
name: beta
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
resource "google_chronicle_watchlist" "{{$.PrimaryResourceId}}" {
provider = "google-beta"
location = "us"
instance = "{{index $.TestEnvVars "chronicle_id"}}"
watchlist_id = "{{index $.Vars "name"}}"
description = "{{index $.Vars "description"}}"
display_name = "{{index $.Vars "name"}}"
multiplying_factor = 1
entity_population_mechanism {
manual {

}
}
watchlist_user_preferences {
pinned = true
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -141,6 +141,11 @@ var ServicesListBeta = mapOf(
"displayName" to "Certificatemanager",
"path" to "./google-beta/services/certificatemanager"
),
"chronicle" to mapOf(
"name" to "chronicle",
"displayName" to "Chronicle",
"path" to "./google-beta/services/chronicle"
),
"cloudasset" to mapOf(
"name" to "cloudasset",
"displayName" to "Cloudasset",
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -141,6 +141,11 @@ var ServicesListGa = mapOf(
"displayName" to "Certificatemanager",
"path" to "./google/services/certificatemanager"
),
"chronicle" to mapOf(
"name" to "chronicle",
"displayName" to "Chronicle",
"path" to "./google/services/chronicle"
),
"cloudasset" to mapOf(
"name" to "cloudasset",
"displayName" to "Cloudasset",
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,89 @@
package chronicle_test

{{- if ne $.TargetVersionName "ga" }}

import (
"testing"

"github.com/hashicorp/terraform-plugin-testing/helper/resource"

"github.com/hashicorp/terraform-provider-google/google/acctest"
"github.com/hashicorp/terraform-provider-google/google/envvar"
)

func TestAccChronicleWatchlist_chronicleWatchlistBasicExample_update(t *testing.T) {
t.Parallel()

context := map[string]interface{}{
"chronicle_id": envvar.GetTestChronicleInstanceIdFromEnv(t),
"random_suffix": acctest.RandString(t, 10),
}

acctest.VcrTest(t, resource.TestCase{
PreCheck: func() { acctest.AccTestPreCheck(t) },
ProtoV5ProviderFactories: acctest.ProtoV5ProviderBetaFactories(t),
CheckDestroy: testAccCheckChronicleWatchlistDestroyProducer(t),
Steps: []resource.TestStep{
{
Config: testAccChronicleWatchlist_chronicleWatchlistBasicExample_basic(context),
},
{
ResourceName: "google_chronicle_watchlist.example",
ImportState: true,
ImportStateVerify: true,
ImportStateVerifyIgnore: []string{"instance", "location", "watchlist_id"},
},
{
Config: testAccChronicleWatchlist_chronicleWatchlistBasicExample_update(context),
},
{
ResourceName: "google_chronicle_watchlist.example",
ImportState: true,
ImportStateVerify: true,
ImportStateVerifyIgnore: []string{"instance", "location", "watchlist_id"},
},
},
})
}

func testAccChronicleWatchlist_chronicleWatchlistBasicExample_basic(context map[string]interface{}) string {
return acctest.Nprintf(`
resource "google_chronicle_watchlist" "example" {
provider = "google-beta"
location = "us"
instance = "%{chronicle_id}"
watchlist_id = "tf-test-watchlist-name%{random_suffix}"
description = "tf-test-watchlist-description%{random_suffix}"
display_name = "tf-test-watchlist-name%{random_suffix}"
multiplying_factor = 1
entity_population_mechanism {
manual {

}
}
}
`, context)
}

func testAccChronicleWatchlist_chronicleWatchlistBasicExample_update(context map[string]interface{}) string {
return acctest.Nprintf(`
resource "google_chronicle_watchlist" "example" {
provider = "google-beta"
location = "us"
instance = "%{chronicle_id}"
watchlist_id = "tf-test-watchlist-name%{random_suffix}"
description = "tf-test-watchlist-updated-description%{random_suffix}"
display_name = "tf-test-updated-watchlist%{random_suffix}"
multiplying_factor = 2
entity_population_mechanism {
manual {

}
}
watchlist_user_preferences {
pinned = true
}
}
`, context)
}
{{- end }}

0 comments on commit c809b03

Please sign in to comment.