From e3a8da8b054644720f43f8bc9423f2bf1de1bbd9 Mon Sep 17 00:00:00 2001 From: Jiri Kuncar Date: Tue, 4 Jan 2022 16:30:48 +0100 Subject: [PATCH] Bump datadog-api-client-go and deprecate `agent_rule` field (#1318) --- ...ource_datadog_security_monitoring_rules.go | 3 - datadog/resource_datadog_application_key.go | 3 +- ...source_datadog_security_monitoring_rule.go | 48 +---- ...tadogSecurityMonitoringRule_CwsRule.freeze | 2 +- ...DatadogSecurityMonitoringRule_CwsRule.yaml | 170 ++++++++++-------- ...e_datadog_security_monitoring_rule_test.go | 16 -- go.mod | 2 +- go.sum | 6 +- 8 files changed, 106 insertions(+), 144 deletions(-) diff --git a/datadog/data_source_datadog_security_monitoring_rules.go b/datadog/data_source_datadog_security_monitoring_rules.go index bfa8bac033..eca18f2dfa 100644 --- a/datadog/data_source_datadog_security_monitoring_rules.go +++ b/datadog/data_source_datadog_security_monitoring_rules.go @@ -206,9 +206,6 @@ func buildSecurityMonitoringTfRule(rule datadogV2.SecurityMonitoringRuleResponse tfQueries := make([]map[string]interface{}, len(rule.GetQueries())) for i, query := range rule.GetQueries() { tfQuery := make(map[string]interface{}) - if agentRule, ok := query.GetAgentRuleOk(); ok { - tfQuery["agent_rule"] = extractTfAgentRule(*agentRule) - } if aggregation, ok := query.GetAggregationOk(); ok { tfQuery["aggregation"] = string(*aggregation) } diff --git a/datadog/resource_datadog_application_key.go b/datadog/resource_datadog_application_key.go index 4f83a8d313..8991f09fbb 100644 --- a/datadog/resource_datadog_application_key.go +++ b/datadog/resource_datadog_application_key.go @@ -46,7 +46,8 @@ func buildDatadogApplicationKeyCreateV2Struct(d *schema.ResourceData) *datadogV2 } func buildDatadogApplicationKeyUpdateV2Struct(d *schema.ResourceData) *datadogV2.ApplicationKeyUpdateRequest { - applicationKeyAttributes := datadogV2.NewApplicationKeyUpdateAttributes(d.Get("name").(string)) + applicationKeyAttributes := datadogV2.NewApplicationKeyUpdateAttributes() + applicationKeyAttributes.SetName(d.Get("name").(string)) applicationKeyData := datadogV2.NewApplicationKeyUpdateData(*applicationKeyAttributes, d.Id(), datadogV2.APPLICATIONKEYSTYPE_APPLICATION_KEYS) applicationKeyRequest := datadogV2.NewApplicationKeyUpdateRequest(*applicationKeyData) diff --git a/datadog/resource_datadog_security_monitoring_rule.go b/datadog/resource_datadog_security_monitoring_rule.go index 5a53b00869..2f4b49343d 100644 --- a/datadog/resource_datadog_security_monitoring_rule.go +++ b/datadog/resource_datadog_security_monitoring_rule.go @@ -159,19 +159,20 @@ func datadogSecurityMonitoringRuleSchema() map[string]*schema.Schema { Schema: map[string]*schema.Schema{ "agent_rule": { Type: schema.TypeList, + Deprecated: "`agent_rule` has been deprecated in favor of new Agent Rule resource.", Optional: true, - Description: "The agent rule.", + Description: "**Deprecated**. It won't be applied anymore.", Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "agent_rule_id": { Type: schema.TypeString, Required: true, - Description: "The Agent rule ID. Must be unique within the rule.", + Description: "**Deprecated**. It won't be applied anymore.", }, "expression": { Type: schema.TypeString, Required: true, - Description: "A Runtime Security expression determines what activity should be collected by the Datadog Agent. These logical expressions can use predefined operators and attributes. Tags cannot be used in Runtime Security expressions. Instead, allow or deny based on tags under the advanced option.", + Description: "**Deprecated**. It won't be applied anymore.", }, }, }, @@ -409,13 +410,6 @@ func buildCreatePayloadQueries(d *schema.ResourceData) []datadogV2.SecurityMonit query := tfQuery.(map[string]interface{}) payloadQuery := datadogV2.SecurityMonitoringRuleQueryCreate{} - if v, ok := query["agent_rule"]; ok { - tfAgentRuleList := v.([]interface{}) - if payloadAgentRule, ok := buildPayloadAgentRule(tfAgentRuleList); ok { - payloadQuery.AgentRule = payloadAgentRule - } - } - if v, ok := query["aggregation"]; ok { aggregation := datadogV2.SecurityMonitoringRuleQueryAggregation(v.(string)) payloadQuery.Aggregation = &aggregation @@ -456,23 +450,6 @@ func buildCreatePayloadQueries(d *schema.ResourceData) []datadogV2.SecurityMonit return payloadQueries } -func buildPayloadAgentRule(tfAgentRuleList []interface{}) (*datadogV2.SecurityMonitoringRuntimeAgentRule, bool) { - payloadAgentRule := datadogV2.NewSecurityMonitoringRuntimeAgentRule() - tfAgentRule := extractMapFromInterface(tfAgentRuleList) - hasPayload := false - if v, ok := tfAgentRule["agent_rule_id"]; ok { - hasPayload = true - agentRuleId := v.(string) - payloadAgentRule.AgentRuleId = &agentRuleId - } - if v, ok := tfAgentRule["expression"]; ok { - hasPayload = true - expression := v.(string) - payloadAgentRule.Expression = &expression - } - return payloadAgentRule, hasPayload -} - func buildPayloadFilters(tfFilters []interface{}) []datadogV2.SecurityMonitoringFilter { payloadFilters := make([]datadogV2.SecurityMonitoringFilter, len(tfFilters)) for idx, tfFilter := range tfFilters { @@ -547,9 +524,6 @@ func updateResourceDataFromResponse(d *schema.ResourceData, ruleResponse datadog ruleQuery := make(map[string]interface{}) responseRuleQuery := ruleResponse.GetQueries()[idx] - if agentRule, ok := responseRuleQuery.GetAgentRuleOk(); ok { - ruleQuery["agent_rule"] = extractTfAgentRule(*agentRule) - } if aggregation, ok := responseRuleQuery.GetAggregationOk(); ok { ruleQuery["aggregation"] = *aggregation } @@ -622,13 +596,6 @@ func extractTfOptions(options datadogV2.SecurityMonitoringRuleOptions) map[strin return tfOptions } -func extractTfAgentRule(agentRule datadogV2.SecurityMonitoringRuntimeAgentRule) []map[string]interface{} { - tfAgentRule := make(map[string]interface{}) - tfAgentRule["agent_rule_id"] = agentRule.GetAgentRuleId() - tfAgentRule["expression"] = agentRule.GetExpression() - return []map[string]interface{}{tfAgentRule} -} - func resourceDatadogSecurityMonitoringRuleUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { providerConf := meta.(*ProviderConfiguration) datadogClientV2 := providerConf.DatadogClientV2 @@ -703,13 +670,6 @@ func buildUpdatePayload(d *schema.ResourceData) datadogV2.SecurityMonitoringRule query := tfQuery.(map[string]interface{}) payloadQuery := datadogV2.SecurityMonitoringRuleQuery{} - if v, ok := query["agent_rule"]; ok { - tfAgentRuleList := v.([]interface{}) - if payloadAgentRule, ok := buildPayloadAgentRule(tfAgentRuleList); ok { - payloadQuery.AgentRule = payloadAgentRule - } - } - if v, ok := query["aggregation"]; ok { aggregation := datadogV2.SecurityMonitoringRuleQueryAggregation(v.(string)) payloadQuery.Aggregation = &aggregation diff --git a/datadog/tests/cassettes/TestAccDatadogSecurityMonitoringRule_CwsRule.freeze b/datadog/tests/cassettes/TestAccDatadogSecurityMonitoringRule_CwsRule.freeze index d223daa0c5..9d05466fb0 100644 --- a/datadog/tests/cassettes/TestAccDatadogSecurityMonitoringRule_CwsRule.freeze +++ b/datadog/tests/cassettes/TestAccDatadogSecurityMonitoringRule_CwsRule.freeze @@ -1 +1 @@ -2021-10-01T09:50:23.956424+01:00 \ No newline at end of file +2022-01-04T12:50:58.56411+01:00 \ No newline at end of file diff --git a/datadog/tests/cassettes/TestAccDatadogSecurityMonitoringRule_CwsRule.yaml b/datadog/tests/cassettes/TestAccDatadogSecurityMonitoringRule_CwsRule.yaml index 0542defe20..e3da86d23a 100644 --- a/datadog/tests/cassettes/TestAccDatadogSecurityMonitoringRule_CwsRule.yaml +++ b/datadog/tests/cassettes/TestAccDatadogSecurityMonitoringRule_CwsRule.yaml @@ -3,21 +3,23 @@ version: 1 interactions: - request: body: | - {"cases":[{"condition":"first \u003e 3","name":"high case","notifications":[],"status":"high"}],"hasExtendedTitle":false,"isEnabled":false,"message":"acceptance rule triggered","name":"tf-TestAccDatadogSecurityMonitoringRule_CwsRule-local-1633078223","options":{"detectionMethod":"threshold","evaluationWindow":300,"keepAlive":600,"maxSignalDuration":900},"queries":[{"agentRule":{"agentRuleId":"random_id","expression":"open.filename =~ \"/etc/ssl/certs/*\" \u0026\u0026 open.flags \u0026 (O_CREAT | O_RDWR | O_WRONLY) \u003e 0"},"aggregation":"count","distinctFields":[],"groupByFields":["host"],"metric":"","name":"first","query":"@agent.rule_id:(tf_TestAccDatadogSecurityMonitoringRule_CwsRule_local_1633078223_random_id OR random_id)"}],"tags":["i:tomato","u:tomato"],"type":"workload_security"} + {"cases":[{"condition":"first \u003e 3","name":"high case","notifications":[],"status":"high"}],"hasExtendedTitle":false,"isEnabled":false,"message":"acceptance rule triggered","name":"tf-TestAccDatadogSecurityMonitoringRule_CwsRule-local-1641297058","options":{"detectionMethod":"threshold","evaluationWindow":300,"keepAlive":600,"maxSignalDuration":900},"queries":[{"aggregation":"count","distinctFields":[],"groupByFields":["host"],"metric":"","name":"first","query":"@agent.rule_id:(tf_TestAccDatadogSecurityMonitoringRule_CwsRule_local_1641297058_random_id OR random_id)"}],"tags":["i:tomato","u:tomato"],"type":"workload_security"} form: {} headers: Accept: - application/json + Content-Length: + - "638" Content-Type: - application/json Dd-Operation-Id: - CreateSecurityMonitoringRule User-Agent: - - terraform-provider-datadog/dev (terraform 2.7.0; terraform-cli 1.0.3) datadog-api-client-go/1.4.0 (go go1.17; os darwin; arch amd64) + - terraform-provider-datadog/dev (terraform 2.10.0; terraform-cli 0.15.4) datadog-api-client-go/1.7.1+dev (go go1.17.3; os darwin; arch amd64) url: https://api.datadoghq.com/api/v2/security_monitoring/rules method: POST response: - body: '{"creationAuthorId":1445416,"tags":["u:tomato","i:tomato"],"isEnabled":false,"hasExtendedTitle":false,"message":"acceptance rule triggered","options":{"detectionMethod":"threshold","evaluationWindow":300,"maxSignalDuration":900,"keepAlive":600},"version":1,"createdAt":1633078247119,"filters":[],"queries":[{"distinctFields":[],"name":"first","metric":"","aggregation":"count","groupByFields":["host"],"query":"@agent.rule_id:(tf_TestAccDatadogSecurityMonitoringRule_CwsRule_local_1633078223_random_id OR random_id)","agentRule":{"expression":"open.filename =~ \"/etc/ssl/certs/*\" && open.flags & (O_CREAT | O_RDWR | O_WRONLY) > 0","agentRuleId":"random_id"}}],"isDeleted":false,"cases":[{"status":"high","notifications":[],"name":"high case","condition":"first > 3"}],"type":"workload_security","id":"gev-ic7-asj","isDefault":false,"name":"tf-TestAccDatadogSecurityMonitoringRule_CwsRule-local-1633078223"}' + body: '{"creationAuthorId":1445416,"tags":["u:tomato","i:tomato"],"isEnabled":false,"hasExtendedTitle":false,"message":"acceptance rule triggered","options":{"detectionMethod":"threshold","evaluationWindow":300,"maxSignalDuration":900,"keepAlive":600},"version":1,"createdAt":1641297079274,"filters":[],"queries":[{"distinctFields":[],"name":"first","metric":"","aggregation":"count","groupByFields":["host"],"query":"@agent.rule_id:(tf_TestAccDatadogSecurityMonitoringRule_CwsRule_local_1641297058_random_id OR random_id)"}],"isDeleted":false,"cases":[{"status":"high","notifications":[],"name":"high case","condition":"first > 3"}],"type":"workload_security","id":"oji-nib-gy5","isDefault":false,"name":"tf-TestAccDatadogSecurityMonitoringRule_CwsRule-local-1641297058"}' headers: Cache-Control: - no-cache @@ -30,7 +32,7 @@ interactions: Content-Type: - application/json;charset=utf-8 Date: - - Fri, 01 Oct 2021 08:50:47 GMT + - Tue, 04 Jan 2022 11:51:19 GMT Pragma: - no-cache Strict-Transport-Security: @@ -42,13 +44,15 @@ interactions: X-Frame-Options: - SAMEORIGIN X-Ratelimit-Limit: - - "600" + - "1000" + X-Ratelimit-Name: + - security_analytics X-Ratelimit-Period: - - "60" + - "10" X-Ratelimit-Remaining: - - "568" + - "999" X-Ratelimit-Reset: - - "13" + - "1" status: 200 OK code: 200 duration: "" @@ -61,11 +65,11 @@ interactions: Dd-Operation-Id: - GetSecurityMonitoringRule User-Agent: - - terraform-provider-datadog/dev (terraform 2.7.0; terraform-cli 1.0.3) datadog-api-client-go/1.4.0 (go go1.17; os darwin; arch amd64) - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/gev-ic7-asj + - terraform-provider-datadog/dev (terraform 2.10.0; terraform-cli 0.15.4) datadog-api-client-go/1.7.1+dev (go go1.17.3; os darwin; arch amd64) + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/oji-nib-gy5 method: GET response: - body: '{"creationAuthorId":1445416,"tags":["u:tomato","i:tomato"],"isEnabled":false,"hasExtendedTitle":false,"message":"acceptance rule triggered","options":{"detectionMethod":"threshold","evaluationWindow":300,"maxSignalDuration":900,"keepAlive":600},"version":1,"createdAt":1633078247119,"filters":[],"queries":[{"distinctFields":[],"name":"first","metric":"","aggregation":"count","groupByFields":["host"],"query":"@agent.rule_id:(tf_TestAccDatadogSecurityMonitoringRule_CwsRule_local_1633078223_random_id OR random_id)","agentRule":{"expression":"open.filename =~ \"/etc/ssl/certs/*\" && open.flags & (O_CREAT | O_RDWR | O_WRONLY) > 0","agentRuleId":"random_id"}}],"isDeleted":false,"cases":[{"status":"high","notifications":[],"name":"high case","condition":"first > 3"}],"type":"workload_security","id":"gev-ic7-asj","isDefault":false,"name":"tf-TestAccDatadogSecurityMonitoringRule_CwsRule-local-1633078223"}' + body: '{"creationAuthorId":1445416,"tags":["u:tomato","i:tomato"],"isEnabled":false,"hasExtendedTitle":false,"message":"acceptance rule triggered","options":{"detectionMethod":"threshold","evaluationWindow":300,"maxSignalDuration":900,"keepAlive":600},"version":1,"createdAt":1641297079274,"filters":[],"queries":[{"distinctFields":[],"name":"first","metric":"","aggregation":"count","groupByFields":["host"],"query":"@agent.rule_id:(tf_TestAccDatadogSecurityMonitoringRule_CwsRule_local_1641297058_random_id OR random_id)"}],"isDeleted":false,"cases":[{"status":"high","notifications":[],"name":"high case","condition":"first > 3"}],"type":"workload_security","id":"oji-nib-gy5","isDefault":false,"name":"tf-TestAccDatadogSecurityMonitoringRule_CwsRule-local-1641297058"}' headers: Cache-Control: - no-cache @@ -78,7 +82,7 @@ interactions: Content-Type: - application/json;charset=utf-8 Date: - - Fri, 01 Oct 2021 08:50:50 GMT + - Tue, 04 Jan 2022 11:51:21 GMT Pragma: - no-cache Strict-Transport-Security: @@ -90,13 +94,15 @@ interactions: X-Frame-Options: - SAMEORIGIN X-Ratelimit-Limit: - - "600" + - "1000" + X-Ratelimit-Name: + - security_analytics X-Ratelimit-Period: - - "60" + - "10" X-Ratelimit-Remaining: - - "562" + - "999" X-Ratelimit-Reset: - - "10" + - "9" status: 200 OK code: 200 duration: "" @@ -109,11 +115,11 @@ interactions: Dd-Operation-Id: - GetSecurityMonitoringRule User-Agent: - - terraform-provider-datadog/dev (terraform 2.7.0; terraform-cli 1.0.3) datadog-api-client-go/1.4.0 (go go1.17; os darwin; arch amd64) - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/gev-ic7-asj + - terraform-provider-datadog/dev (terraform 2.10.0; terraform-cli 0.15.4) datadog-api-client-go/1.7.1+dev (go go1.17.3; os darwin; arch amd64) + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/oji-nib-gy5 method: GET response: - body: '{"creationAuthorId":1445416,"tags":["u:tomato","i:tomato"],"isEnabled":false,"hasExtendedTitle":false,"message":"acceptance rule triggered","options":{"detectionMethod":"threshold","evaluationWindow":300,"maxSignalDuration":900,"keepAlive":600},"version":1,"createdAt":1633078247119,"filters":[],"queries":[{"distinctFields":[],"name":"first","metric":"","aggregation":"count","groupByFields":["host"],"query":"@agent.rule_id:(tf_TestAccDatadogSecurityMonitoringRule_CwsRule_local_1633078223_random_id OR random_id)","agentRule":{"expression":"open.filename =~ \"/etc/ssl/certs/*\" && open.flags & (O_CREAT | O_RDWR | O_WRONLY) > 0","agentRuleId":"random_id"}}],"isDeleted":false,"cases":[{"status":"high","notifications":[],"name":"high case","condition":"first > 3"}],"type":"workload_security","id":"gev-ic7-asj","isDefault":false,"name":"tf-TestAccDatadogSecurityMonitoringRule_CwsRule-local-1633078223"}' + body: '{"creationAuthorId":1445416,"tags":["u:tomato","i:tomato"],"isEnabled":false,"hasExtendedTitle":false,"message":"acceptance rule triggered","options":{"detectionMethod":"threshold","evaluationWindow":300,"maxSignalDuration":900,"keepAlive":600},"version":1,"createdAt":1641297079274,"filters":[],"queries":[{"distinctFields":[],"name":"first","metric":"","aggregation":"count","groupByFields":["host"],"query":"@agent.rule_id:(tf_TestAccDatadogSecurityMonitoringRule_CwsRule_local_1641297058_random_id OR random_id)"}],"isDeleted":false,"cases":[{"status":"high","notifications":[],"name":"high case","condition":"first > 3"}],"type":"workload_security","id":"oji-nib-gy5","isDefault":false,"name":"tf-TestAccDatadogSecurityMonitoringRule_CwsRule-local-1641297058"}' headers: Cache-Control: - no-cache @@ -126,7 +132,7 @@ interactions: Content-Type: - application/json;charset=utf-8 Date: - - Fri, 01 Oct 2021 08:51:00 GMT + - Tue, 04 Jan 2022 11:51:27 GMT Pragma: - no-cache Strict-Transport-Security: @@ -138,13 +144,15 @@ interactions: X-Frame-Options: - SAMEORIGIN X-Ratelimit-Limit: - - "600" + - "1000" + X-Ratelimit-Name: + - security_analytics X-Ratelimit-Period: - - "60" + - "10" X-Ratelimit-Remaining: - - "597" + - "998" X-Ratelimit-Reset: - - "60" + - "3" status: 200 OK code: 200 duration: "" @@ -157,11 +165,11 @@ interactions: Dd-Operation-Id: - GetSecurityMonitoringRule User-Agent: - - terraform-provider-datadog/dev (terraform 2.7.0; terraform-cli 1.0.3) datadog-api-client-go/1.4.0 (go go1.17; os darwin; arch amd64) - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/gev-ic7-asj + - terraform-provider-datadog/dev (terraform 2.10.0; terraform-cli 0.15.4) datadog-api-client-go/1.7.1+dev (go go1.17.3; os darwin; arch amd64) + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/oji-nib-gy5 method: GET response: - body: '{"creationAuthorId":1445416,"tags":["u:tomato","i:tomato"],"isEnabled":false,"hasExtendedTitle":false,"message":"acceptance rule triggered","options":{"detectionMethod":"threshold","evaluationWindow":300,"maxSignalDuration":900,"keepAlive":600},"version":1,"createdAt":1633078247119,"filters":[],"queries":[{"distinctFields":[],"name":"first","metric":"","aggregation":"count","groupByFields":["host"],"query":"@agent.rule_id:(tf_TestAccDatadogSecurityMonitoringRule_CwsRule_local_1633078223_random_id OR random_id)","agentRule":{"expression":"open.filename =~ \"/etc/ssl/certs/*\" && open.flags & (O_CREAT | O_RDWR | O_WRONLY) > 0","agentRuleId":"random_id"}}],"isDeleted":false,"cases":[{"status":"high","notifications":[],"name":"high case","condition":"first > 3"}],"type":"workload_security","id":"gev-ic7-asj","isDefault":false,"name":"tf-TestAccDatadogSecurityMonitoringRule_CwsRule-local-1633078223"}' + body: '{"creationAuthorId":1445416,"tags":["u:tomato","i:tomato"],"isEnabled":false,"hasExtendedTitle":false,"message":"acceptance rule triggered","options":{"detectionMethod":"threshold","evaluationWindow":300,"maxSignalDuration":900,"keepAlive":600},"version":1,"createdAt":1641297079274,"filters":[],"queries":[{"distinctFields":[],"name":"first","metric":"","aggregation":"count","groupByFields":["host"],"query":"@agent.rule_id:(tf_TestAccDatadogSecurityMonitoringRule_CwsRule_local_1641297058_random_id OR random_id)"}],"isDeleted":false,"cases":[{"status":"high","notifications":[],"name":"high case","condition":"first > 3"}],"type":"workload_security","id":"oji-nib-gy5","isDefault":false,"name":"tf-TestAccDatadogSecurityMonitoringRule_CwsRule-local-1641297058"}' headers: Cache-Control: - no-cache @@ -174,7 +182,7 @@ interactions: Content-Type: - application/json;charset=utf-8 Date: - - Fri, 01 Oct 2021 08:51:17 GMT + - Tue, 04 Jan 2022 11:51:42 GMT Pragma: - no-cache Strict-Transport-Security: @@ -186,33 +194,37 @@ interactions: X-Frame-Options: - SAMEORIGIN X-Ratelimit-Limit: - - "600" + - "1000" + X-Ratelimit-Name: + - security_analytics X-Ratelimit-Period: - - "60" + - "10" X-Ratelimit-Remaining: - - "581" + - "999" X-Ratelimit-Reset: - - "43" + - "8" status: 200 OK code: 200 duration: "" - request: body: | - {"cases":[{"condition":"first \u003e 10","name":"high case (updated)","notifications":["@user"],"status":"medium"}],"hasExtendedTitle":false,"isEnabled":true,"message":"acceptance rule triggered (updated)","name":"tf-TestAccDatadogSecurityMonitoringRule_CwsRule-local-1633078223","options":{"detectionMethod":"threshold","evaluationWindow":300,"keepAlive":600,"maxSignalDuration":900},"queries":[{"agentRule":{"agentRuleId":"random_id","expression":"open.filename =~ \"/etc/ssl/certs/*\" \u0026\u0026 open.flags \u0026 (O_CREAT | O_RDWR | O_WRONLY) \u003e 0"},"aggregation":"count","distinctFields":[],"groupByFields":["service"],"metric":"@network.bytes_read","name":"first","query":"@agent.rule_id:(tf_TestAccDatadogSecurityMonitoringRule_CwsRule_local_1633078223_random_id OR random_id)"}],"tags":["u:tomato","i:tomato"]} + {"cases":[{"condition":"first \u003e 10","name":"high case (updated)","notifications":["@user"],"status":"medium"}],"hasExtendedTitle":false,"isEnabled":true,"message":"acceptance rule triggered (updated)","name":"tf-TestAccDatadogSecurityMonitoringRule_CwsRule-local-1641297058","options":{"detectionMethod":"threshold","evaluationWindow":300,"keepAlive":600,"maxSignalDuration":900},"queries":[{"aggregation":"count","distinctFields":[],"groupByFields":["service"],"metric":"@network.bytes_read","name":"first","query":"@agent.rule_id:(tf_TestAccDatadogSecurityMonitoringRule_CwsRule_local_1641297058_random_id OR random_id)"}],"tags":["u:tomato","i:tomato"]} form: {} headers: Accept: - application/json + Content-Length: + - "662" Content-Type: - application/json Dd-Operation-Id: - UpdateSecurityMonitoringRule User-Agent: - - terraform-provider-datadog/dev (terraform 2.7.0; terraform-cli 1.0.3) datadog-api-client-go/1.4.0 (go go1.17; os darwin; arch amd64) - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/gev-ic7-asj + - terraform-provider-datadog/dev (terraform 2.10.0; terraform-cli 0.15.4) datadog-api-client-go/1.7.1+dev (go go1.17.3; os darwin; arch amd64) + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/oji-nib-gy5 method: PUT response: - body: '{"updateAuthorId":1445416,"creationAuthorId":1445416,"tags":["u:tomato","i:tomato"],"isEnabled":true,"hasExtendedTitle":false,"message":"acceptance rule triggered (updated)","options":{"detectionMethod":"threshold","evaluationWindow":300,"maxSignalDuration":900,"keepAlive":600},"version":2,"isDefault":false,"filters":[],"queries":[{"distinctFields":[],"name":"first","metric":"@network.bytes_read","aggregation":"count","groupByFields":["service"],"query":"@agent.rule_id:(tf_TestAccDatadogSecurityMonitoringRule_CwsRule_local_1633078223_random_id OR random_id)","agentRule":{"expression":"open.filename =~ \"/etc/ssl/certs/*\" && open.flags & (O_CREAT | O_RDWR | O_WRONLY) > 0","agentRuleId":"random_id"}}],"isDeleted":false,"cases":[{"status":"medium","notifications":["@user"],"name":"high case (updated)","condition":"first > 10"}],"type":"workload_security","id":"gev-ic7-asj","createdAt":1633078247119,"name":"tf-TestAccDatadogSecurityMonitoringRule_CwsRule-local-1633078223"}' + body: '{"updateAuthorId":1445416,"creationAuthorId":1445416,"tags":["u:tomato","i:tomato"],"isEnabled":true,"hasExtendedTitle":false,"message":"acceptance rule triggered (updated)","options":{"detectionMethod":"threshold","evaluationWindow":300,"maxSignalDuration":900,"keepAlive":600},"version":2,"isDefault":false,"filters":[],"queries":[{"distinctFields":[],"name":"first","metric":"@network.bytes_read","aggregation":"count","groupByFields":["service"],"query":"@agent.rule_id:(tf_TestAccDatadogSecurityMonitoringRule_CwsRule_local_1641297058_random_id OR random_id)"}],"isDeleted":false,"cases":[{"status":"medium","notifications":["@user"],"name":"high case (updated)","condition":"first > 10"}],"type":"workload_security","id":"oji-nib-gy5","createdAt":1641297079274,"name":"tf-TestAccDatadogSecurityMonitoringRule_CwsRule-local-1641297058"}' headers: Cache-Control: - no-cache @@ -225,7 +237,7 @@ interactions: Content-Type: - application/json;charset=utf-8 Date: - - Fri, 01 Oct 2021 08:51:28 GMT + - Tue, 04 Jan 2022 11:51:50 GMT Pragma: - no-cache Strict-Transport-Security: @@ -237,13 +249,15 @@ interactions: X-Frame-Options: - SAMEORIGIN X-Ratelimit-Limit: - - "600" + - "1000" + X-Ratelimit-Name: + - security_analytics X-Ratelimit-Period: - - "60" + - "10" X-Ratelimit-Remaining: - - "575" + - "999" X-Ratelimit-Reset: - - "32" + - "10" status: 200 OK code: 200 duration: "" @@ -256,11 +270,11 @@ interactions: Dd-Operation-Id: - GetSecurityMonitoringRule User-Agent: - - terraform-provider-datadog/dev (terraform 2.7.0; terraform-cli 1.0.3) datadog-api-client-go/1.4.0 (go go1.17; os darwin; arch amd64) - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/gev-ic7-asj + - terraform-provider-datadog/dev (terraform 2.10.0; terraform-cli 0.15.4) datadog-api-client-go/1.7.1+dev (go go1.17.3; os darwin; arch amd64) + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/oji-nib-gy5 method: GET response: - body: '{"updateAuthorId":1445416,"creationAuthorId":1445416,"tags":["u:tomato","i:tomato"],"isEnabled":true,"hasExtendedTitle":false,"message":"acceptance rule triggered (updated)","options":{"detectionMethod":"threshold","evaluationWindow":300,"maxSignalDuration":900,"keepAlive":600},"version":2,"isDefault":false,"filters":[],"queries":[{"distinctFields":[],"name":"first","metric":"@network.bytes_read","aggregation":"count","groupByFields":["service"],"query":"@agent.rule_id:(tf_TestAccDatadogSecurityMonitoringRule_CwsRule_local_1633078223_random_id OR random_id)","agentRule":{"expression":"open.filename =~ \"/etc/ssl/certs/*\" && open.flags & (O_CREAT | O_RDWR | O_WRONLY) > 0","agentRuleId":"random_id"}}],"isDeleted":false,"cases":[{"status":"medium","notifications":["@user"],"name":"high case (updated)","condition":"first > 10"}],"type":"workload_security","id":"gev-ic7-asj","createdAt":1633078247119,"name":"tf-TestAccDatadogSecurityMonitoringRule_CwsRule-local-1633078223"}' + body: '{"updateAuthorId":1445416,"creationAuthorId":1445416,"tags":["u:tomato","i:tomato"],"isEnabled":true,"hasExtendedTitle":false,"message":"acceptance rule triggered (updated)","options":{"detectionMethod":"threshold","evaluationWindow":300,"maxSignalDuration":900,"keepAlive":600},"version":2,"isDefault":false,"filters":[],"queries":[{"distinctFields":[],"name":"first","metric":"@network.bytes_read","aggregation":"count","groupByFields":["service"],"query":"@agent.rule_id:(tf_TestAccDatadogSecurityMonitoringRule_CwsRule_local_1641297058_random_id OR random_id)"}],"isDeleted":false,"cases":[{"status":"medium","notifications":["@user"],"name":"high case (updated)","condition":"first > 10"}],"type":"workload_security","id":"oji-nib-gy5","createdAt":1641297079274,"name":"tf-TestAccDatadogSecurityMonitoringRule_CwsRule-local-1641297058"}' headers: Cache-Control: - no-cache @@ -273,7 +287,7 @@ interactions: Content-Type: - application/json;charset=utf-8 Date: - - Fri, 01 Oct 2021 08:51:31 GMT + - Tue, 04 Jan 2022 11:51:52 GMT Pragma: - no-cache Strict-Transport-Security: @@ -285,13 +299,15 @@ interactions: X-Frame-Options: - SAMEORIGIN X-Ratelimit-Limit: - - "600" + - "1000" + X-Ratelimit-Name: + - security_analytics X-Ratelimit-Period: - - "60" + - "10" X-Ratelimit-Remaining: - - "569" + - "998" X-Ratelimit-Reset: - - "29" + - "8" status: 200 OK code: 200 duration: "" @@ -304,11 +320,11 @@ interactions: Dd-Operation-Id: - GetSecurityMonitoringRule User-Agent: - - terraform-provider-datadog/dev (terraform 2.7.0; terraform-cli 1.0.3) datadog-api-client-go/1.4.0 (go go1.17; os darwin; arch amd64) - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/gev-ic7-asj + - terraform-provider-datadog/dev (terraform 2.10.0; terraform-cli 0.15.4) datadog-api-client-go/1.7.1+dev (go go1.17.3; os darwin; arch amd64) + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/oji-nib-gy5 method: GET response: - body: '{"updateAuthorId":1445416,"creationAuthorId":1445416,"tags":["u:tomato","i:tomato"],"isEnabled":true,"hasExtendedTitle":false,"message":"acceptance rule triggered (updated)","options":{"detectionMethod":"threshold","evaluationWindow":300,"maxSignalDuration":900,"keepAlive":600},"version":2,"isDefault":false,"filters":[],"queries":[{"distinctFields":[],"name":"first","metric":"@network.bytes_read","aggregation":"count","groupByFields":["service"],"query":"@agent.rule_id:(tf_TestAccDatadogSecurityMonitoringRule_CwsRule_local_1633078223_random_id OR random_id)","agentRule":{"expression":"open.filename =~ \"/etc/ssl/certs/*\" && open.flags & (O_CREAT | O_RDWR | O_WRONLY) > 0","agentRuleId":"random_id"}}],"isDeleted":false,"cases":[{"status":"medium","notifications":["@user"],"name":"high case (updated)","condition":"first > 10"}],"type":"workload_security","id":"gev-ic7-asj","createdAt":1633078247119,"name":"tf-TestAccDatadogSecurityMonitoringRule_CwsRule-local-1633078223"}' + body: '{"updateAuthorId":1445416,"creationAuthorId":1445416,"tags":["u:tomato","i:tomato"],"isEnabled":true,"hasExtendedTitle":false,"message":"acceptance rule triggered (updated)","options":{"detectionMethod":"threshold","evaluationWindow":300,"maxSignalDuration":900,"keepAlive":600},"version":2,"isDefault":false,"filters":[],"queries":[{"distinctFields":[],"name":"first","metric":"@network.bytes_read","aggregation":"count","groupByFields":["service"],"query":"@agent.rule_id:(tf_TestAccDatadogSecurityMonitoringRule_CwsRule_local_1641297058_random_id OR random_id)"}],"isDeleted":false,"cases":[{"status":"medium","notifications":["@user"],"name":"high case (updated)","condition":"first > 10"}],"type":"workload_security","id":"oji-nib-gy5","createdAt":1641297079274,"name":"tf-TestAccDatadogSecurityMonitoringRule_CwsRule-local-1641297058"}' headers: Cache-Control: - no-cache @@ -321,7 +337,7 @@ interactions: Content-Type: - application/json;charset=utf-8 Date: - - Fri, 01 Oct 2021 08:51:40 GMT + - Tue, 04 Jan 2022 11:52:00 GMT Pragma: - no-cache Strict-Transport-Security: @@ -333,13 +349,15 @@ interactions: X-Frame-Options: - SAMEORIGIN X-Ratelimit-Limit: - - "600" + - "1000" + X-Ratelimit-Name: + - security_analytics X-Ratelimit-Period: - - "60" + - "10" X-Ratelimit-Remaining: - - "562" + - "999" X-Ratelimit-Reset: - - "20" + - "10" status: 200 OK code: 200 duration: "" @@ -352,8 +370,8 @@ interactions: Dd-Operation-Id: - DeleteSecurityMonitoringRule User-Agent: - - terraform-provider-datadog/dev (terraform 2.7.0; terraform-cli 1.0.3) datadog-api-client-go/1.4.0 (go go1.17; os darwin; arch amd64) - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/gev-ic7-asj + - terraform-provider-datadog/dev (terraform 2.10.0; terraform-cli 0.15.4) datadog-api-client-go/1.7.1+dev (go go1.17.3; os darwin; arch amd64) + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/oji-nib-gy5 method: DELETE response: body: "" @@ -364,28 +382,30 @@ interactions: - keep-alive Content-Disposition: - inline - Content-Length: - - "0" Content-Security-Policy: - frame-ancestors 'self'; report-uri https://api.datadoghq.com/csp-report Date: - - Fri, 01 Oct 2021 08:51:54 GMT + - Tue, 04 Jan 2022 11:52:23 GMT Pragma: - no-cache Strict-Transport-Security: - max-age=15724800; + Vary: + - Accept-Encoding X-Content-Type-Options: - nosniff X-Frame-Options: - SAMEORIGIN X-Ratelimit-Limit: - - "600" + - "1000" + X-Ratelimit-Name: + - security_analytics X-Ratelimit-Period: - - "60" + - "10" X-Ratelimit-Remaining: - - "555" + - "999" X-Ratelimit-Reset: - - "6" + - "7" status: 204 No Content code: 204 duration: "" @@ -398,11 +418,11 @@ interactions: Dd-Operation-Id: - GetSecurityMonitoringRule User-Agent: - - terraform-provider-datadog/dev (terraform 2.7.0; terraform-cli 1.0.3) datadog-api-client-go/1.4.0 (go go1.17; os darwin; arch amd64) - url: https://api.datadoghq.com/api/v2/security_monitoring/rules/gev-ic7-asj + - terraform-provider-datadog/dev (terraform 2.10.0; terraform-cli 0.15.4) datadog-api-client-go/1.7.1+dev (go go1.17.3; os darwin; arch amd64) + url: https://api.datadoghq.com/api/v2/security_monitoring/rules/oji-nib-gy5 method: GET response: - body: '{"errors":["Threat detection rule not found: gev-ic7-asj"]}' + body: '{"errors":["Threat detection rule not found: oji-nib-gy5"]}' headers: Cache-Control: - no-cache @@ -413,7 +433,7 @@ interactions: Content-Type: - application/json Date: - - Fri, 01 Oct 2021 08:51:54 GMT + - Tue, 04 Jan 2022 11:52:23 GMT Pragma: - no-cache Strict-Transport-Security: @@ -425,13 +445,15 @@ interactions: X-Frame-Options: - SAMEORIGIN X-Ratelimit-Limit: - - "600" + - "1000" + X-Ratelimit-Name: + - security_analytics X-Ratelimit-Period: - - "60" + - "10" X-Ratelimit-Remaining: - - "553" + - "998" X-Ratelimit-Reset: - - "6" + - "7" status: 404 Not Found code: 404 duration: "" diff --git a/datadog/tests/resource_datadog_security_monitoring_rule_test.go b/datadog/tests/resource_datadog_security_monitoring_rule_test.go index 22968bd331..16e721e884 100644 --- a/datadog/tests/resource_datadog_security_monitoring_rule_test.go +++ b/datadog/tests/resource_datadog_security_monitoring_rule_test.go @@ -350,10 +350,6 @@ resource "datadog_security_monitoring_rule" "acceptance_test" { query = "@agent.rule_id:(%s_random_id OR random_id)" aggregation = "count" group_by_fields = ["host"] - agent_rule { - agent_rule_id = "random_id" - expression = "open.filename =~ \"/etc/ssl/certs/*\" && open.flags & (O_CREAT | O_RDWR | O_WRONLY) > 0" - } } case { @@ -393,10 +389,6 @@ func testAccCheckDatadogSecurityMonitoringCreatedCheckCwsRule(accProvider func() tfSecurityRuleName, "query.0.aggregation", "count"), resource.TestCheckResourceAttr( tfSecurityRuleName, "query.0.group_by_fields.0", "host"), - resource.TestCheckResourceAttr( - tfSecurityRuleName, "query.0.agent_rule.0.agent_rule_id", "random_id"), - resource.TestCheckResourceAttr( - tfSecurityRuleName, "query.0.agent_rule.0.expression", "open.filename =~ \"/etc/ssl/certs/*\" && open.flags & (O_CREAT | O_RDWR | O_WRONLY) > 0"), resource.TestCheckResourceAttr( tfSecurityRuleName, "case.0.name", "high case"), resource.TestCheckResourceAttr( @@ -615,10 +607,6 @@ resource "datadog_security_monitoring_rule" "acceptance_test" { aggregation = "count" group_by_fields = ["service"] metric = "@network.bytes_read" - agent_rule { - agent_rule_id = "random_id" - expression = "open.filename =~ \"/etc/ssl/certs/*\" && open.flags & (O_CREAT | O_RDWR | O_WRONLY) > 0" - } } case { @@ -661,10 +649,6 @@ func testAccCheckDatadogSecurityMonitoringUpdateCheckCwsRule(accProvider func() tfSecurityRuleName, "query.0.group_by_fields.0", "service"), resource.TestCheckResourceAttr( tfSecurityRuleName, "query.0.metric", "@network.bytes_read"), - resource.TestCheckResourceAttr( - tfSecurityRuleName, "query.0.agent_rule.0.agent_rule_id", "random_id"), - resource.TestCheckResourceAttr( - tfSecurityRuleName, "query.0.agent_rule.0.expression", "open.filename =~ \"/etc/ssl/certs/*\" && open.flags & (O_CREAT | O_RDWR | O_WRONLY) > 0"), resource.TestCheckResourceAttr( tfSecurityRuleName, "case.0.name", "high case (updated)"), resource.TestCheckResourceAttr( diff --git a/go.mod b/go.mod index b7f0c6959f..6c23c34306 100644 --- a/go.mod +++ b/go.mod @@ -1,7 +1,7 @@ module github.com/terraform-providers/terraform-provider-datadog require ( - github.com/DataDog/datadog-api-client-go v1.7.1-0.20211221215053-b058a1120505 + github.com/DataDog/datadog-api-client-go v1.7.1-0.20220104100730-9e2043cf480b github.com/DataDog/datadog-go v4.8.3+incompatible // indirect github.com/DataDog/dd-sdk-go-testing v0.0.0-20211116174033-1cd082e322ad github.com/DataDog/sketches-go v1.2.1 // indirect diff --git a/go.sum b/go.sum index 108d92b82f..3f93c7a2fd 100644 --- a/go.sum +++ b/go.sum @@ -34,10 +34,8 @@ cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9 dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/DataDog/datadog-api-client-go v1.7.0 h1:82Jkz5dFQGR+ygERKfd6JpvlVbeNLe6HaeWBypu7+2w= -github.com/DataDog/datadog-api-client-go v1.7.0/go.mod h1:QzaQF1cDO1/BIQG1fz14VrY+6RECUGkiwzDCtVbfP5c= -github.com/DataDog/datadog-api-client-go v1.7.1-0.20211221215053-b058a1120505 h1:/d65kW7pktqAXpV5Uoy+DVXZnEMEunEDIfGEK0w62po= -github.com/DataDog/datadog-api-client-go v1.7.1-0.20211221215053-b058a1120505/go.mod h1:QzaQF1cDO1/BIQG1fz14VrY+6RECUGkiwzDCtVbfP5c= +github.com/DataDog/datadog-api-client-go v1.7.1-0.20220104100730-9e2043cf480b h1:lBlouWshTs2M5ZpHPdk6roR7kPUJbd9xpTqiq5+F4Lw= +github.com/DataDog/datadog-api-client-go v1.7.1-0.20220104100730-9e2043cf480b/go.mod h1:QzaQF1cDO1/BIQG1fz14VrY+6RECUGkiwzDCtVbfP5c= github.com/DataDog/datadog-go v4.4.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= github.com/DataDog/datadog-go v4.8.3+incompatible h1:fNGaYSuObuQb5nzeTQqowRAd9bpDIRRV4/gUtIBjh8Q= github.com/DataDog/datadog-go v4.8.3+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ=