|
| 1 | +--- |
| 2 | +subcategory: "Sysdig Secure" |
| 3 | +layout: "sysdig" |
| 4 | +page_title: "Sysdig: sysdig_secure_vulnerability_rule_bundle" |
| 5 | +description: |- |
| 6 | + Creates a Sysdig Secure Vulnerability Rule Bundle. |
| 7 | +--- |
| 8 | + |
| 9 | +# Resource: sysdig_secure_vulnerability_rule_bundle |
| 10 | + |
| 11 | +Creates a Sysdig Secure Vulnerability Rule Bundle to define custom rules for vulnerability management, supporting various types of rules. |
| 12 | + |
| 13 | +-> **Note:** Sysdig Terraform Provider is under rapid development at this point. If you experience any issue or discrepancy while using it, please make sure you have the latest version. If the issue persists, or you have a Feature Request to support an additional set of resources, please open a [new issue](https://github.com/sysdiglabs/terraform-provider-sysdig/issues/new) in the GitHub repository. |
| 14 | + |
| 15 | +## Example Usage |
| 16 | + |
| 17 | +```terraform |
| 18 | +resource "sysdig_secure_vulnerability_rule_bundle" "example" { |
| 19 | + name = "Example Rule Bundle" |
| 20 | +
|
| 21 | + rule { |
| 22 | + image_label { |
| 23 | + label_must_exist = "required-label" |
| 24 | + } |
| 25 | + } |
| 26 | +
|
| 27 | + rule { |
| 28 | + image_label { |
| 29 | + label_must_not_exist = "forbidden-label" |
| 30 | + } |
| 31 | + } |
| 32 | +
|
| 33 | + rule { |
| 34 | + image_label { |
| 35 | + label_must_exist_and_contain_value { |
| 36 | + required_label = "required-label" |
| 37 | + required_value = "required-value" |
| 38 | + } |
| 39 | + } |
| 40 | + } |
| 41 | +} |
| 42 | +``` |
| 43 | + |
| 44 | +## Argument Reference |
| 45 | + |
| 46 | +* `name` - (Required) The name of the vulnerability rule bundle. |
| 47 | + |
| 48 | +* `description` - (Optional) A description for the rule bundle. |
| 49 | + |
| 50 | +* `rule` - (Required) List of rule definitions. Each rule supports multiple types (e.g., `image_label`). Each type may have different required attributes: |
| 51 | + |
| 52 | +### Rule Types |
| 53 | + |
| 54 | +#### image_label |
| 55 | + |
| 56 | +Defines label-based matching rules for image configuration. Only one of the following attributes must be specified: |
| 57 | + |
| 58 | +* `label_must_exist` - (Optional) Label key that must exist in the image configuration. |
| 59 | +* `label_must_not_exist` - (Optional) Label key that must not exist in the image configuration. |
| 60 | +* `label_must_exist_and_contain_value` - (Optional) List of required label-value pairs, each containing: |
| 61 | + |
| 62 | + * `required_label` - (Required) Label key required in the image configuration. |
| 63 | + * `required_value` - (Required) Value that the label must contain. |
| 64 | + |
| 65 | +## Attributes Reference |
| 66 | + |
| 67 | +The following attributes are exported: |
| 68 | + |
| 69 | +* `identifier` - External identifier computed after creation. Not to be used with the `secure_vulnerability_policy.bundles` field, use `id` for that. |
| 70 | + |
| 71 | +## Import |
| 72 | + |
| 73 | +Vulnerability rule bundles can be imported using their bundle ID, for example: |
| 74 | + |
| 75 | +```shell |
| 76 | +$ terraform import sysdig_secure_vulnerability_rule_bundle.example bundle_123456 |
| 77 | +``` |
| 78 | + |
0 commit comments