Skip to content

Latest commit

 

History

History

attachment

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
main.tf
main.tf
 
 
outputs.tf
outputs.tf
 
 
variables.tf
variables.tf
 
 
version.tf
version.tf
 
 

README.md

SCC Profile Attachment module

A module to configure an SCC Profile Attachment.

Features:

  • Create an attachment using a profile ID
  • Use the default profile parameters, or pass a custom parameter list
  • Configure a scan schedule for the attachment
  • Configure notifications for the attachment

Usage

module "create_scc_profile_attachment " {
  source                         = "terraform-ibm-modules/scc/ibm//modules/attachment"
  ibmcloud_api_key               = "XXXXXXXXXX" # pragma: allowlist secret
  scc_instance_id                = "57b7ac52-e837-484c-aa07-e3c2db815c44" # replace with the ID of your SCC instance
  profile_name                   = "SOC 2" # select the Name of the profile you want to use
  profile_version                = "1.0.0" # select the Version of the profile you want to use
  use_profile_default_parameters = true # if setting this to false, custom parameters must be passed using the 'custom_attachment_parameters' variable
  attachment_name                = "My attachment"
  attachment_description         = "My attachment description"
  attachment_schedule            = "daily"
  # Configure the scope for the attachment - below scope will scan the whole account
  scope {
    environment   = "ibm-cloud"
    properties {
        name                = "scope-type"
        value               = "account"
    }
  }
}

Requirements

Name Version
terraform >= 1.3.0
ibm >=1.64.1, <2.0.0

Modules

No modules.

Resources

Name Type
ibm_scc_profile_attachment.scc_profile_attachment resource
ibm_scc_profile.scc_profile data source
ibm_scc_profiles.scc_profiles data source

Inputs

Name Description Type Default Required
attachment_description The description for the SCC profile attachment. string n/a yes
attachment_name The name to give to SCC profile attachment. string n/a yes
attachment_schedule The schedule of an attachment. Allowable values are: daily, every_7_days, every_30_days, none. string "daily" no
custom_attachment_parameters A list of custom attachement parameters to use. Only used if 'use_profile_default_parameters' is set to false. 
list(object({
    parameter_name          = string
    parameter_display_name  = string
    parameter_type          = string
    parameter_default_value = string
    assessment_type         = string
    assessment_id           = string
  }))
 null no
enable_notification To enable notifications. bool false no
notification_threshold_limit The threshold limit for notifications. number 14 no
notify_failed_control_ids A list of control IDs to send notifcations for when they fail. list(string) [] no
profile_name Name of the SCC profile that is used for the attachment. string n/a yes
profile_version Version of the SCC profile that is used for the attachment. Defaults to the latest profile version if value is not provided. string "latest" no
scc_instance_id ID of the SCC instance in which to create the attachment. string n/a yes
scope The scope to set for the SCC profile attachment. 
list(object({
    environment = optional(string, "ibm-cloud")
    properties = list(object({
      name  = string
      value = string
    }))
  }))
 n/a yes
use_profile_default_parameters A boolean indicating whether to use the profiles default parameters. If set to false, a value must be passed for the custum_attachment_parameters input variable. bool true no

Outputs

Name Description
attachment_parameters SCC profile attachment parameters
id SCC profile attachment ID