azurerm_sentinel_watchlist - Add required property item_search_key #15861

Merged
merged 3 commits into from
Apr 14, 2022

1 change: 1 addition & 0 deletions examples/sentinel/watchlist-item-from-csv-file/main.tf
Expand Up @@ -32,6 +32,7 @@ resource "azurerm_sentinel_watchlist" "example" {
name = "example-watchlist"
log_analytics_workspace_id = azurerm_log_analytics_solution.example.workspace_resource_id
display_name = "example-wl"
item_search_key = "Key"
}

locals {
Expand Up @@ -170,6 +170,7 @@ resource "azurerm_sentinel_watchlist" "test" {
name = "accTestWL-%d"
log_analytics_workspace_id = azurerm_log_analytics_solution.sentinel.workspace_resource_id
display_name = "test"
item_search_key = "k1"
}
`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.RandomInteger)
}
17 changes: 14 additions & 3 deletions internal/services/sentinel/sentinel_watchlist_resource.go
Expand Up @@ -28,6 +28,7 @@ type WatchlistModel struct {
Description string `tfschema:"description"`
Labels []string `tfschema:"labels"`
DefaultDuration string `tfschema:"default_duration"`
ItemSearchKey string `tfschema:"item_search_key"`
}

func (r WatchlistResource) Arguments() map[string]*pluginsdk.Schema {
Expand All @@ -50,6 +51,12 @@ func (r WatchlistResource) Arguments() map[string]*pluginsdk.Schema {
ForceNew: true,
ValidateFunc: validation.StringIsNotEmpty,
},
"item_search_key": {
Type: pluginsdk.TypeString,
Required: true,
ForceNew: true,
ValidateFunc: validation.StringIsNotEmpty,
},
"description": {
Type: pluginsdk.TypeString,
Optional: true,
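
Review bot: `item_search_key` is added as `Required: true` on a resource that already exists, so every configuration written before this change fails validation until the argument is added; call that out in the changelog entry as a breaking change. `validation.StringIsNotEmpty` is also the only check on the value, so a key that matches no property of the watchlist items is accepted at plan time; if the API rejects or ignores such a key, the docs for this argument should say so.
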
Expand Down Expand Up @@ -124,10 +131,11 @@ func (r WatchlistResource) Create() sdk.ResourceFunc {
// The only supported provider for now is "Microsoft"
Provider: utils.String("Microsoft"),

// The "source" and "contentType" represent the source file name which contains the watchlist items and its content type.
// The "source" represent the source file name which contains the watchlist items.
// Setting them here is merely to make the API happy.
Source: securityinsight.Source("a.csv"),
ContentType: utils.String("Text/Csv"),
Contributor

this is a breaking change, we should be exposing a field for this with a default value here?

Collaborator

how come we are removing this? should it not be in schema with a default?

Source: securityinsight.Source("a.csv"),
Contributor

the possible values from the SDK here are:

```go
// Source enumerates the values for source.
type Source string

const (
	// SourceLocalfile ...
	SourceLocalfile Source = "Local file"
	// SourceRemotestorage ...
	SourceRemotestorage Source = "Remote storage"
)

// PossibleSourceValues returns an array of possible values for the Source const type.
func PossibleSourceValues() []Source {
	return []Source{SourceLocalfile, SourceRemotestorage}
}
```

why is this a.csv?

Collaborator

"a.csv" is not a valid value for securityinsight.Source? at that should we not expose this in schema with a default?


ItemsSearchKey: utils.String(model.ItemSearchKey),
},
}
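
Review bot: in the `Source` assignment, `securityinsight.Source("a.csv")` casts a file name into an enum type whose SDK constants, as quoted in this thread, are `SourceLocalfile` ("Local file") and `SourceRemotestorage` ("Remote storage"); use one of the constants or explain in the code comment why the API needs a file name here. The rewritten comment also still reads "Setting them here" although only `Source` is left, and dropping `ContentType` changes the request body for every create, so the commit message should state why the API no longer needs it.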

Expand Down Expand Up @@ -189,6 +197,9 @@ func (r WatchlistResource) Read() sdk.ResourceFunc {
if props.DefaultDuration != nil {
model.DefaultDuration = *props.DefaultDuration
}
if props.ItemsSearchKey != nil {
model.ItemSearchKey = *props.ItemsSearchKey
}
}

return metadata.Encode(&model)
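
Review bot: when `props.ItemsSearchKey` is nil, `model.ItemSearchKey` stays empty, and because the schema marks `item_search_key` as `Required` and `ForceNew`, a watchlist for which the API returns no key would plan as a replacement after upgrade. Confirm that the API always returns this property for existing watchlists, or document the replacement in the upgrade notes.
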
Expand Up @@ -88,6 +88,7 @@ resource "azurerm_sentinel_watchlist" "test" {
name = "accTestWL-%d"
log_analytics_workspace_id = azurerm_log_analytics_solution.sentinel.workspace_resource_id
display_name = "test"
item_search_key = "Key"
}
`, template, data.RandomInteger)
}
Expand All @@ -104,6 +105,7 @@ resource "azurerm_sentinel_watchlist" "test" {
description = "description"
labels = ["label1", "laebl2"]
default_duration = "P2DT3H"
item_search_key = "Key"
}
`, template, data.RandomInteger)
}
Expand All @@ -117,6 +119,7 @@ resource "azurerm_sentinel_watchlist" "import" {
name = azurerm_sentinel_watchlist.test.name
log_analytics_workspace_id = azurerm_sentinel_watchlist.test.log_analytics_workspace_id
display_name = azurerm_sentinel_watchlist.test.display_name
item_search_key = azurerm_sentinel_watchlist.test.item_search_key
}
`, template)
}
Expand All @@ -136,7 +139,7 @@ resource "azurerm_log_analytics_workspace" "test" {
name = "acctest-workspace-%d"
location = azurerm_resource_group.test.location
resource_group_name = azurerm_resource_group.test.name
sku = "pergb2018"
sku = "PerGB2018"
}

resource "azurerm_log_analytics_solution" "sentinel" {
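
Review bot: the `sku` change from "pergb2018" to "PerGB2018" is unrelated to `item_search_key` and is not explained in the visible change; state in the PR description what it fixes in the acceptance test, or move it to its own commit.
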
3 changes: 3 additions & 0 deletions website/docs/r/sentinel_watchlist.html.markdown
Expand Up @@ -42,6 +42,7 @@ resource "azurerm_sentinel_watchlist" "example" {
name = "example-watchlist"
log_analytics_workspace_id = azurerm_log_analytics_solution.example.workspace_resource_id
display_name = "example-wl"
item_search_key = "Key"
}
```

Expand All @@ -55,6 +56,8 @@ The following arguments are supported:

* `display_name` - (Required) The display name of this Sentinel Watchlist. Changing this forces a new Sentinel Watchlist to be created.

* `item_search_key` - (Required) The key used to optimize query performance when using Watchlist for joins with other data. Changing this forces a new Sentinel Watchlist to be created.

---

* `default_duration` - (Optional) The default duration in ISO8601 duration form of this Sentinel Watchlist. Changing this forces a new Sentinel Watchlist to be created.
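
Review bot: the `item_search_key` description says what the key is for but not what value to supply; the configurations in this change pass "Key" and "k1", which suggests it names a property of the watchlist items. Say that explicitly, and note that the argument is newly required so existing configurations must set it.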