Added - Support for CloudGuard - Container Workload Integrationn

Author: kmujumda

examples/cloudguard/adhoc_query/adhoc_query.tf

@@ -0,0 +1,99 @@
+// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Mozilla Public License v2.0
+
+variable "tenancy_ocid" {}
+variable "user_ocid" {}
+variable "fingerprint" {}
+variable "private_key_path" {}
+variable "region" {}
+variable "compartment_id" {}
+
+variable "adhoc_query_access_level" {
+  default = "ACCESSIBLE"
+}
+
+variable "adhoc_query_adhoc_query_details_adhoc_query_resources_region" {
+  default = "us-phoenix-1"
+}
+
+variable "adhoc_query_adhoc_query_details_adhoc_query_resources_resource_ids" {
+  default = ["ocid1.tenancy.oc1..aaaaaaaaqoggzsjut2u64wqliyd4eyd3dl4ipsu26lgqx4bihofnve5li5hq"]
+}
+
+variable "adhoc_query_adhoc_query_details_adhoc_query_resources_resource_type" {
+  default = "TENANCY"
+}
+
+variable "adhoc_query_adhoc_query_details_query" {
+  default = "select pid from processes"
+}
+
+variable "adhoc_query_adhoc_query_status" {
+  default = "CREATING"
+}
+
+variable "adhoc_query_compartment_id_in_subtree" {
+  default = true
+}
+
+variable "adhoc_query_defined_tags_value" {
+  default = "value"
+}
+
+variable "adhoc_query_freeform_tags" {
+  default = { "bar-key" = "value" }
+}
+
+variable "adhoc_query_time_ended_filter_query_param" {
+  default = "2024-05-03T12:52:59.817Z"
+}
+
+variable "adhoc_query_time_started_filter_query_param" {
+  default = "2024-05-03T10:52:59.817Z"
+}
+
+
+
+provider "oci" {
+  auth                = "SecurityToken"
+  config_file_profile = "terraform-federation-test"
+  region              = var.region
+  //version             = "5.39.0"
+  /*tenancy_ocid     = var.tenancy_ocid
+  user_ocid        = var.user_ocid
+  fingerprint      = var.fingerprint
+  private_key_path = var.private_key_path
+  region           = var.region*/
+}
+
+resource "oci_cloud_guard_adhoc_query" "test_adhoc_query" {
+  #Required
+  adhoc_query_details {
+    #Required
+    adhoc_query_resources {
+
+      #Optional
+      region        = var.adhoc_query_adhoc_query_details_adhoc_query_resources_region
+      resource_ids  = var.adhoc_query_adhoc_query_details_adhoc_query_resources_resource_ids
+      resource_type = var.adhoc_query_adhoc_query_details_adhoc_query_resources_resource_type
+    }
+    query = var.adhoc_query_adhoc_query_details_query
+  }
+  compartment_id = var.compartment_id
+
+  #Optional
+  defined_tags  = { "example-tag-namespace-all.example-tag" = var.adhoc_query_defined_tags_value}
+  freeform_tags = var.adhoc_query_freeform_tags
+}
+
+data "oci_cloud_guard_adhoc_queries" "test_adhoc_queries" {
+  #Required
+  compartment_id = var.compartment_id
+
+  #Optional
+  access_level                    = var.adhoc_query_access_level
+  adhoc_query_status              = var.adhoc_query_adhoc_query_status
+  compartment_id_in_subtree       = var.adhoc_query_compartment_id_in_subtree
+  time_ended_filter_query_param   = var.adhoc_query_time_ended_filter_query_param
+  time_started_filter_query_param = var.adhoc_query_time_started_filter_query_param
+}

examples/cloudguard/data_source/cloud_guard_data_source.tf

@@ -79,15 +79,20 @@ variable "data_source_data_source_details_query_start_time_start_policy_type" {
 }
 
 variable "data_source_data_source_details_query_start_time_query_start_time" {
-  default = "2023-10-18T12:52:59.817Z"
+  default = "2024-05-02T12:52:59.817Z"
 }
 
 provider "oci" {
+  auth                = "SecurityToken"
+  config_file_profile = "terraform-federation-test"
+  region              = var.region
+  //version             = "5.39.0"
+  /*
   tenancy_ocid     = var.tenancy_ocid
   user_ocid        = var.user_ocid
   fingerprint      = var.fingerprint
   private_key_path = var.private_key_path
-  region           = var.region
+  */
 }
 
 data "oci_cloud_guard_data_sources" "test_data_sources" {

examples/cloudguard/detector_recipe/cloud_guard_detector_recipe.tf

@@ -80,11 +80,15 @@ variable "detector_recipe_state" {
 }
 
 provider "oci" {
-  tenancy_ocid     = "${var.tenancy_ocid}"
+  auth                = "SecurityToken"
+  config_file_profile = "terraform-federation-test"
+  region              = var.region
+  //version             = "5.39.0"
+  /*tenancy_ocid     = "${var.tenancy_ocid}"
   user_ocid        = "${var.user_ocid}"
   fingerprint      = "${var.fingerprint}"
   private_key_path = "${var.private_key_path}"
-  region           = "${var.region}"
+  region           = "${var.region}"*/
 }
 
 data "oci_cloud_guard_detector_recipes" "test_detector_recipes" {

examples/cloudguard/saved_query/saved_query.tf

@@ -0,0 +1,73 @@
+// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Mozilla Public License v2.0
+
+variable "tenancy_ocid" {}
+variable "user_ocid" {}
+variable "fingerprint" {}
+variable "private_key_path" {}
+variable "region" {}
+variable "compartment_id" {}
+
+variable "saved_query_access_level" {
+  default = "ACCESSIBLE"
+}
+
+variable "saved_query_compartment_id_in_subtree" {
+  default = true
+}
+
+variable "saved_query_defined_tags_value" {
+  default = "value"
+}
+
+variable "saved_query_description" {
+  default = "description"
+}
+
+variable "saved_query_display_name" {
+  default = "displayName"
+}
+
+variable "saved_query_freeform_tags" {
+  default = { "bar-key" = "value" }
+}
+
+variable "saved_query_query" {
+  default = "select pid from processes"
+}
+
+
+
+provider "oci" {
+  auth                = "SecurityToken"
+  config_file_profile = "terraform-federation-test"
+  region              = var.region
+  //version             = "5.39.0"
+  /*tenancy_ocid     = var.tenancy_ocid
+  user_ocid        = var.user_ocid
+  fingerprint      = var.fingerprint
+  private_key_path = var.private_key_path
+  region           = var.region*/
+}
+
+resource "oci_cloud_guard_saved_query" "test_saved_query" {
+  #Required
+  compartment_id = var.compartment_id
+  display_name   = var.saved_query_display_name
+  query          = var.saved_query_query
+
+  #Optional
+  defined_tags  = { "example-tag-namespace-all.example-tag" = var.saved_query_defined_tags_value}
+  description   = var.saved_query_description
+  freeform_tags = var.saved_query_freeform_tags
+}
+
+data "oci_cloud_guard_saved_queries" "test_saved_queries" {
+  #Required
+  compartment_id = var.compartment_id
+
+  #Optional
+  access_level              = var.saved_query_access_level
+  compartment_id_in_subtree = var.saved_query_compartment_id_in_subtree
+  display_name              = var.saved_query_display_name
+}

examples/cloudguard/target/cloud_guard_target.tf

@@ -2,9 +2,9 @@
 // Licensed under the Mozilla Public License v2.0
 
 variable "tenancy_ocid" {}
-variable "user_ocid" {}
-variable "fingerprint" {}
-variable "private_key_path" {}
+//variable "user_ocid" {}
+//variable "fingerprint" {}
+//variable "private_key_path" {}
 variable "region" {}
 variable "compartment_id" {}
 
@@ -81,11 +81,16 @@ variable "target_target_responder_recipes_responder_rules_details_mode" {
 }
 
 provider "oci" {
+  auth                = "SecurityToken"
+  config_file_profile = "terraform-federation-test"
+  region              = var.region
+  //version             = "5.39.0"
+  /*
   tenancy_ocid     = "${var.tenancy_ocid}"
   user_ocid        = "${var.user_ocid}"
   fingerprint      = "${var.fingerprint}"
   private_key_path = "${var.private_key_path}"
-  region           = "${var.region}"
+  */
 }
 
 /*
@@ -94,7 +99,7 @@ For more explanation refer to detector_recipe.tf or responder_recipe.tf
 */
 data "oci_cloud_guard_detector_recipes" "test_detector_recipes" {
   #Required
-  compartment_id = "${var.tenancy_ocid}"
+  compartment_id = var.tenancy_ocid
   #Optional
   state          = "ACTIVE"
   //Adding this to make sure the detector rule id is compatible with the returned detector recipes
@@ -103,7 +108,7 @@ data "oci_cloud_guard_detector_recipes" "test_detector_recipes" {
 
 data "oci_cloud_guard_responder_recipes" "test_responder_recipes" {
   #Required
-  compartment_id = "${var.tenancy_ocid}"
+  compartment_id = var.tenancy_ocid
   #Optional
   state          = "ACTIVE"
 }
@@ -112,19 +117,19 @@ data "oci_cloud_guard_responder_recipes" "test_responder_recipes" {
 
 resource "oci_cloud_guard_target" "test_target" {
   #Required
-  compartment_id       = "${var.compartment_id}"
-  display_name         = "${var.target_display_name}"
+  compartment_id       = var.compartment_id
+  display_name         = var.target_display_name
   //For now target resource id has to be equal to comaprtment id
-  target_resource_id   = "${var.compartment_id}"
-  target_resource_type = "${var.target_target_resource_type}"
+  target_resource_id   = var.compartment_id
+  target_resource_type = var.target_target_resource_type
 
   #Optional
-  description   = "${var.target_description}"
-  state         = "${var.target_state}"
+  description   = var.target_description
+  state         = var.target_state
 
   target_detector_recipes {
     #Required
-    detector_recipe_id = "${data.oci_cloud_guard_detector_recipes.test_detector_recipes.detector_recipe_collection.0.items.0.id}"
+    detector_recipe_id = data.oci_cloud_guard_detector_recipes.test_detector_recipes.detector_recipe_collection.0.items.0.id
 
     #Optional
     detector_rules {
@@ -133,8 +138,8 @@ resource "oci_cloud_guard_target" "test_target" {
         #Optional
         condition_groups {
           #Required
-          compartment_id = "${var.compartment_id}"
-          condition      = "${var.target_target_detector_recipes_detector_rules_details_condition_groups_condition}"
+          compartment_id = var.compartment_id
+          condition      = var.target_target_detector_recipes_detector_rules_details_condition_groups_condition
         }
       }
 
@@ -144,23 +149,23 @@ resource "oci_cloud_guard_target" "test_target" {
 
   target_responder_recipes {
     #Required
-    responder_recipe_id = "${data.oci_cloud_guard_responder_recipes.test_responder_recipes.responder_recipe_collection.0.items.0.id}"
+    responder_recipe_id = data.oci_cloud_guard_responder_recipes.test_responder_recipes.responder_recipe_collection.0.items.0.id
 
     #Optional
     responder_rules {
       #Required
       details {
         #Optional
-        condition = "${var.target_target_responder_recipes_responder_rules_details_condition}"
+        condition = var.target_target_responder_recipes_responder_rules_details_condition
 
         configurations {
           #Required
-          config_key = "${var.target_target_responder_recipes_responder_rules_details_configurations_config_key}"
-          name       = "${var.target_target_responder_recipes_responder_rules_details_configurations_name}"
-          value      = "${var.target_target_responder_recipes_responder_rules_details_configurations_value}"
+          config_key = var.target_target_responder_recipes_responder_rules_details_configurations_config_key
+          name       = var.target_target_responder_recipes_responder_rules_details_configurations_name
+          value      = var.target_target_responder_recipes_responder_rules_details_configurations_value
         }
 
-        mode = "${var.target_target_responder_recipes_responder_rules_details_mode}"
+        mode = var.target_target_responder_recipes_responder_rules_details_mode
       }
 
       responder_rule_id = "ENABLE_DB_BACKUP"
@@ -170,11 +175,11 @@ resource "oci_cloud_guard_target" "test_target" {
 
 data "oci_cloud_guard_targets" "test_targets" {
   #Required
-  compartment_id = "${var.compartment_id}"
+  compartment_id = var.compartment_id
 
   #Optional
-  access_level              = "${var.target_access_level}"
-  compartment_id_in_subtree = "${var.target_compartment_id_in_subtree}"
-  display_name              = "${var.target_display_name}"
-  state                     = "${var.target_state}"
+  access_level              = var.target_access_level
+  compartment_id_in_subtree = var.target_compartment_id_in_subtree
+  display_name              = var.target_display_name
+  state                     = var.target_state
 }

examples/cloudguard/wlp_agent/wlp_agent.tf

@@ -0,0 +1,48 @@
+// Copyright (c) 2017, 2024, Oracle and/or its affiliates. All rights reserved.
+// Licensed under the Mozilla Public License v2.0
+
+variable "tenancy_ocid" {}
+variable "user_ocid" {}
+variable "fingerprint" {}
+variable "private_key_path" {}
+variable "region" {}
+variable "compartment_id" {}
+
+variable "wlp_agent_agent_version" {
+  default = "1.0.147"
+}
+
+variable "wlp_agent_certificate_signed_request" {
+  default = "-----BEGIN CERTIFICATE REQUEST-----\nMIID1DCCArwCAQAwggGNMQswCQYDVQQGEwJVUzEPMA0GA1UEChMGT3JhY2xlMYIB\nKDCCASQGA1UECxOCARtvcGMtaW5zdGFuY2U6b2NpZDEuaW5zdGFuY2Uub2MxLnBo\neC5hbnlocWxqdDd4bTQ1Y2ljeWkya2E1cHVtcWd5dWhkZXVhaHJjYXh6NHN3bGtv\nZmo2dXhjdmtubnhkaGEsb3BjLWNvbXBhcnRtZW50Om9jaWQxLnRlbmFuY3kub2Mx\nLi5hYWFhYWFhYXFvZ2d6c2p1dDJ1NjR3cWxpeWQ0ZXlkM2RsNGlwc3UyNmxncXg0\nYmlob2ZudmU1bGk1aHEsb3BjLXRlbmFudDpvY2lkMS50ZW5hbmN5Lm9jMS4uYWFh\nYWFhYWFxb2dnenNqdXQydTY0d3FsaXlkNGV5ZDNkbDRpcHN1MjZsZ3F4NGJpaG9m\nbnZlNWxpNWhxMQwwCgYDVQQDEwN3bHAxMzAxBgkqhkiG9w0BCQEWJHdvcmtsb2Fk\ncHJvdGVjdGlvbl91c19ncnBAb3JhY2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAMDLbqoECIIh02HvkusRyGGI/cqK9Wrg7xDn/Wwg1C9noOo+\nbHmU5sBervLUHKXuC3IUwM0GgytjLsOjMWI9ex0ZunQONwwAe/MDD+YQcnqbOnmb\naUrdp0gB231SRqCUST1xf9y8shlK3zXrav+qgtF1bDihsGh6O4DMLPYIsOZAXo6M\nrGPokj1nViLdvFaBBG4Q1sgximufh/eqFCaUawIUOeQ7XcDqeWM+G8IA3vIuWqbr\nSoI61/COgq6eDsUMu/ZcMNF0UYRV4bWwVM18Cx8Tlp0kH/mbnlHxBMxz1x/cbHmQ\nEwPrSKWo8Gn2B1HeXWhVGNPa4Xs0xn/kaW1QaS8CAwEAAaAAMA0GCSqGSIb3DQEB\nCwUAA4IBAQABiABQPOngTCA24KzY6GcyVi/4H6nhOu6smAgnPM2PoJEoog5yvnLR\nTvoyec0TTIIiRZtDIYejRMUyGZxR1o1Hgrkq80OmqfRZW57e2WPRgpHcp87Yfp0B\nRmkobQMRSAypZDGCdco2cuQ4F7GG0KFMb1Tf+b/XQnf6L3cd9PCHPECOVe1LFJV3\nqxhNkkxd+REI8iihLjzslqJFufYTkfmL2xamhS2nzGbG5XcfURdqx6S2ZDVoCkNy\nikohM9PlBrWAXWYALRqgcy1KFH9lQ9+tIqpnGbOHOyIqFPmoMKX2ugisTWMpgTp9\nxICh2HMz77KABXXf/t58HDODI4Wx8yJA\n-----END CERTIFICATE REQUEST-----\n"
+}
+
+variable "wlp_agent_os_info" {
+  default = "Oracle Linux Server_8.5_amd64"
+}
+
+
+
+provider "oci" {
+  auth                = "SecurityToken"
+  config_file_profile = "terraform-federation-test"
+  region              = var.region
+  //version             = "5.39.0"
+  /*tenancy_ocid     = var.tenancy_ocid
+  user_ocid        = var.user_ocid
+  fingerprint      = var.fingerprint
+  private_key_path = var.private_key_path
+  region           = var.region*/
+}
+
+resource "oci_cloud_guard_wlp_agent" "test_wlp_agent" {
+  #Required
+  agent_version              = var.wlp_agent_agent_version
+  certificate_signed_request = var.wlp_agent_certificate_signed_request
+  compartment_id             = var.compartment_id
+  os_info                    = var.wlp_agent_os_info
+}
+
+data "oci_cloud_guard_wlp_agents" "test_wlp_agents" {
+  #Required
+  compartment_id = var.compartment_id
+}