Skip to content

Commit

Permalink
[datadog_cloud_configuration_rule] Set userActivationStatus to true w…
Browse files Browse the repository at this point in the history 
…hen at least one group_by field is present (#2131)

* cloud_configuration_rule: Set userActivationStatus to true when at least one group_by field is present

* Add test cassettes
  • Loading branch information
@christophetd
christophetd authored Oct 3, 2023
1 parent a7f28ee commit 8a7e56d
Show file tree
Hide file tree
Showing 7 changed files with 49 additions and 49 deletions.
2 changes: 1 addition & 1 deletion datadog/resource_datadog_cloud_configuration_rule.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -183,7 +183,7 @@ func buildComplianceSignalOptions(d *schema.ResourceData) *datadogV2.CloudConfig
groupByFields := utils.GetStringSlice(d, groupByField)

signalOptions := datadogV2.NewCloudConfigurationRuleComplianceSignalOptions()
signalOptions.SetUserActivationStatus(len(groupByFields) > 1)
signalOptions.SetUserActivationStatus(len(groupByFields) > 0)
signalOptions.SetUserGroupByFields(groupByFields)

return signalOptions
Expand Down
2 changes: 1 addition & 1 deletion datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_Basic.freeze
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
2023-09-04T17:14:28.250378945+02:00
2023-10-03T10:34:53.698862+02:00
54 changes: 27 additions & 27 deletions datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_Basic.yaml
View file

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_Import.freeze
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
2023-09-04T17:15:22.110265706+02:00
2023-10-03T10:34:53.698831+02:00
18 changes: 9 additions & 9 deletions datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_Import.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ version: 1
interactions:
- request:
body: |
{"cases":[{"notifications":["@channel"],"status":"low"}],"complianceSignalOptions":{"userActivationStatus":false,"userGroupByFields":["@resource"]},"filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}],"isEnabled":false,"message":"Acceptance test TF rule","name":"tf-TestAccDatadogCloudConfigurationRule_Import-local-1693840522","options":{"complianceRuleOptions":{"complexRule":true,"regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) \u003c= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"resourceType":"gcp_compute_instance"}},"tags":["test:acceptance","terraform:true"],"type":"cloud_configuration"}
{"cases":[{"notifications":["@channel"],"status":"low"}],"complianceSignalOptions":{"userActivationStatus":true,"userGroupByFields":["@resource"]},"filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}],"isEnabled":false,"message":"Acceptance test TF rule","name":"tf-TestAccDatadogCloudConfigurationRule_Import-local-1696322093","options":{"complianceRuleOptions":{"complexRule":true,"regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) \u003c= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"resourceType":"gcp_compute_instance"}},"tags":["test:acceptance","terraform:true"],"type":"cloud_configuration"}
form: {}
headers:
Accept:
Expand All @@ -14,7 +14,7 @@ interactions:
method: POST
response:
body: |
{"id":"cwm-zsf-jul","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_Import-local-1693840522","createdAt":1693840523889,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":["@resource"]},"cases":[{"name":"","status":"low","notifications":["@channel"],"condition":"a > 0"}],"message":"Acceptance test TF rule","tags":["test:acceptance","terraform:true"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}]}
{"id":"bag-bcj-sqe","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_Import-local-1696322093","createdAt":1696322103326,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":true,"userGroupByFields":["@resource"]},"cases":[{"name":"","status":"low","notifications":["@channel"],"condition":"a > 0"}],"message":"Acceptance test TF rule","tags":["test:acceptance","terraform:true"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}]}
headers:
Content-Type:
- application/json
Expand All @@ -27,11 +27,11 @@ interactions:
headers:
Accept:
- application/json
url: https://api.datadoghq.com/api/v2/security_monitoring/rules/cwm-zsf-jul
url: https://api.datadoghq.com/api/v2/security_monitoring/rules/bag-bcj-sqe
method: GET
response:
body: |
{"id":"cwm-zsf-jul","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_Import-local-1693840522","createdAt":1693840523889,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":["@resource"]},"cases":[{"name":"","status":"low","notifications":["@channel"],"condition":"a > 0"}],"message":"Acceptance test TF rule","tags":["test:acceptance","terraform:true"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}]}
{"id":"bag-bcj-sqe","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_Import-local-1696322093","createdAt":1696322103326,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":true,"userGroupByFields":["@resource"]},"cases":[{"name":"","status":"low","notifications":["@channel"],"condition":"a > 0"}],"message":"Acceptance test TF rule","tags":["test:acceptance","terraform:true"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}]}
headers:
Content-Type:
- application/json
Expand All @@ -44,11 +44,11 @@ interactions:
headers:
Accept:
- application/json
url: https://api.datadoghq.com/api/v2/security_monitoring/rules/cwm-zsf-jul
url: https://api.datadoghq.com/api/v2/security_monitoring/rules/bag-bcj-sqe
method: GET
response:
body: |
{"id":"cwm-zsf-jul","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_Import-local-1693840522","createdAt":1693840523889,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":false,"userGroupByFields":["@resource"]},"cases":[{"name":"","status":"low","notifications":["@channel"],"condition":"a > 0"}],"message":"Acceptance test TF rule","tags":["test:acceptance","terraform:true"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}]}
{"id":"bag-bcj-sqe","version":1,"name":"tf-TestAccDatadogCloudConfigurationRule_Import-local-1696322093","createdAt":1696322103326,"creationAuthorId":1445416,"isDefault":false,"isEnabled":false,"isDeleted":false,"isDeprecated":false,"queries":[{"query":"resource_type:gcp_compute_instance","groupByFields":["resource_type","resource_id"],"distinctFields":[],"aggregation":"count","name":"a"}],"options":{"keepAlive":21600,"maxSignalDuration":86400,"detectionMethod":"threshold","evaluationWindow":7200,"complianceRuleOptions":{"resourceType":"gcp_compute_instance","regoRule":{"policy":"package datadog\n\nimport data.datadog.output as dd_output\n\nimport future.keywords.contains\nimport future.keywords.if\nimport future.keywords.in\n\nmilliseconds_in_a_day := ((1000 * 60) * 60) * 24\n\neval(iam_service_account_key) = \"skip\" if {\n\tiam_service_account_key.disabled\n} else = \"pass\" if {\n\t(iam_service_account_key.resource_seen_at / milliseconds_in_a_day) - (iam_service_account_key.valid_after_time / milliseconds_in_a_day) <= 90\n} else = \"fail\"\n\n# This part remains unchanged for all rules\nresults contains result if {\n\tsome resource in input.resources[input.main_resource_type]\n\tresult := dd_output.format(resource, eval(resource))\n}\n","resourceTypes":["gcp_compute_instance","gcp_compute_disk"]},"complexRule":true}},"complianceSignalOptions":{"defaultActivationStatus":null,"defaultGroupByFields":null,"userActivationStatus":true,"userGroupByFields":["@resource"]},"cases":[{"name":"","status":"low","notifications":["@channel"],"condition":"a > 0"}],"message":"Acceptance test TF rule","tags":["test:acceptance","terraform:true"],"hasExtendedTitle":true,"type":"cloud_configuration","filters":[{"action":"suppress","query":"resource_id:hel*"},{"action":"require","query":"resource_type:hel*"}]}
headers:
Content-Type:
- application/json
Expand All @@ -61,7 +61,7 @@ interactions:
headers:
Accept:
- '*/*'
url: https://api.datadoghq.com/api/v2/security_monitoring/rules/cwm-zsf-jul
url: https://api.datadoghq.com/api/v2/security_monitoring/rules/bag-bcj-sqe
method: DELETE
response:
body: ""
Expand All @@ -75,11 +75,11 @@ interactions:
headers:
Accept:
- application/json
url: https://api.datadoghq.com/api/v2/security_monitoring/rules/cwm-zsf-jul
url: https://api.datadoghq.com/api/v2/security_monitoring/rules/bag-bcj-sqe
method: GET
response:
body: |
{"errors":["Threat detection rule not found: cwm-zsf-jul"]}
{"errors":["Threat detection rule not found: bag-bcj-sqe"]}
headers:
Content-Type:
- application/json
Expand Down
2 changes: 1 addition & 1 deletion datadog/tests/cassettes/TestAccDatadogCloudConfigurationRule_MandatoryFieldsOnly.freeze
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
2023-09-04T17:14:55.061902485+02:00
2023-10-03T10:34:53.692544+02:00
Loading

0 comments on commit 8a7e56d

Please sign in to comment.