Documentation
¶
Index ¶
- func CIDValidator() validator.String
- func LookbackValidator() validator.String
- func NewCorrelationRuleResource() resource.Resource
- func NewCorrelationRulesDataSource() datasource.DataSource
- func RegisterSweepers()
- func ScheduleIntervalValidator() validator.String
- type CorrelationRuleResourceModel
- type MitreAttackModel
- type NotificationModel
- type ScheduleModel
- type SearchModel
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func LookbackValidator ¶
LookbackValidator validates a search lookback duration.
func NewCorrelationRuleResource ¶
NewCorrelationRuleResource creates a new instance of the correlation rule resource.
func NewCorrelationRulesDataSource ¶
func NewCorrelationRulesDataSource() datasource.DataSource
NewCorrelationRulesDataSource creates a new instance of the data source.
func RegisterSweepers ¶
func RegisterSweepers()
func ScheduleIntervalValidator ¶
ScheduleIntervalValidator validates a bare-duration schedule interval.
Types ¶
type CorrelationRuleResourceModel ¶
type CorrelationRuleResourceModel struct {
ID types.String `tfsdk:"id"`
CustomerID types.String `tfsdk:"cid"`
Name types.String `tfsdk:"name"`
Description types.String `tfsdk:"description"`
Severity types.String `tfsdk:"severity"`
Status types.String `tfsdk:"status"`
Comment types.String `tfsdk:"comment"`
Search types.Object `tfsdk:"search"`
Schedule types.Object `tfsdk:"schedule"`
MitreAttack types.List `tfsdk:"mitre_attack"`
Notifications types.Set `tfsdk:"notifications"`
}
CorrelationRuleResourceModel defines the Terraform resource model.
type MitreAttackModel ¶
type MitreAttackModel struct {
TacticID types.String `tfsdk:"tactic_id"`
TechniqueID types.String `tfsdk:"technique_id"`
}
MitreAttackModel defines the mitre_attack block.
func (MitreAttackModel) AttributeTypes ¶
func (m MitreAttackModel) AttributeTypes() map[string]attr.Type
AttributeTypes returns the attribute types for MitreAttackModel.
type NotificationModel ¶
type NotificationModel struct {
Type types.String `tfsdk:"type"`
IsGuardrail types.Bool `tfsdk:"is_guardrail"`
Recipients types.List `tfsdk:"recipients"`
PluginID types.String `tfsdk:"plugin_id"`
ConfigID types.String `tfsdk:"config_id"`
Severity types.String `tfsdk:"severity"`
}
NotificationModel defines a single notification entry. Regular and guardrail notifications share this shape; the `is_guardrail` flag determines which API array the entry is routed to.
func (NotificationModel) AttributeTypes ¶
func (m NotificationModel) AttributeTypes() map[string]attr.Type
AttributeTypes returns the attribute types for NotificationModel.
type ScheduleModel ¶
type ScheduleModel struct {
Interval timetypes.GoDuration `tfsdk:"interval"`
StartOn fwtypes.RFC3339 `tfsdk:"start_on"`
StopOn fwtypes.RFC3339 `tfsdk:"stop_on"`
}
ScheduleModel defines the schedule block.
func (ScheduleModel) AttributeTypes ¶
func (m ScheduleModel) AttributeTypes() map[string]attr.Type
AttributeTypes returns the attribute types for ScheduleModel.
type SearchModel ¶
type SearchModel struct {
Filter types.String `tfsdk:"filter"`
Lookback timetypes.GoDuration `tfsdk:"lookback"`
CreateCase types.Bool `tfsdk:"create_case"`
TriggerMode types.String `tfsdk:"trigger_mode"`
ExecutionMode types.String `tfsdk:"execution_mode"`
UseIngestTime types.Bool `tfsdk:"use_ingest_time"`
CaseTemplateID types.String `tfsdk:"case_template_id"`
}
SearchModel defines the search block.
func (SearchModel) AttributeTypes ¶
func (m SearchModel) AttributeTypes() map[string]attr.Type
AttributeTypes returns the attribute types for SearchModel.
Source Files