Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

APP-15731 - Support rule labels #219

Merged
merged 5 commits into from
Oct 23, 2024
+305 −236
Merged

APP-15731 - Support rule labels #219

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
2c351b5
APP-15731 - Update rule schema
jzolo22 Oct 18, 2024
af1f18f
wip
jzolo22 Oct 22, 2024
21df772
APP-15731 - Add labels to create/update on rules
jzolo22 Oct 23, 2024
189df22
APP-15731 - Re-record cassettes
jzolo22 Oct 23, 2024
a911510
APP-15731 - Re-record cassettes with correct api key
jzolo22 Oct 23, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 11 additions & 4 deletions docs/resources/rule.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,11 @@ resource "jupiterone_rule" "unencrypted_critical_data_stores" {

tags = ["exampletag"]

labels = [{
label_name = "examplekey"
label_value = "examplevalue"
}]

outputs = [
"queries.query0.total",
"alertLevel"
Expand Down Expand Up @@ -99,6 +104,7 @@ resource "jupiterone_rule" "users_without_mfa" {
```

<!-- schema generated by tfplugindocs -->

## Schema

### Required
Expand All @@ -116,7 +122,8 @@ resource "jupiterone_rule" "users_without_mfa" {
- `question` (Block List) Contains properties related to queries used in the rule evaluation. (see [below for nested schema](#nestedblock--question))
- `question_id` (String) Specifies the ID of a question to be used in rule evaluation.
- `spec_version` (Number) Rule evaluation specification version in the case of breaking changes.
- `tags` (List of String) Comma separated list of tags to apply to the rule.
- `tags` (List of String) Comma separated list of tags to apply to the jupiterone_rule entity. Value will always be true.
- `labels` (List of Attributes) Key/value pairs to apply to the jupiterone_rule entity. If label_value is a string that represents a boolean or number (i.e. "true", "1"), it will be converted to a boolean or number respectively.
- `templates` (Map of String) Optional key/value pairs of template name to template
- `trigger_on_new_only` (Boolean)

Expand All @@ -126,6 +133,7 @@ resource "jupiterone_rule" "users_without_mfa" {
- `version` (Number) Computed current version of the rule. Incremented each time the rule is updated.

<a id="nestedatt--operations"></a>

### Nested Schema for `operations`

Required:
Expand All @@ -136,15 +144,16 @@ Optional:

- `when` (String)


<a id="nestedblock--question"></a>

### Nested Schema for `question`

Optional:

- `queries` (Block List) Contains properties related to queries used in the rule evaluation. (see [below for nested schema](#nestedblock--question--queries))

<a id="nestedblock--question--queries"></a>

### Nested Schema for `question.queries`

Required:
Expand All @@ -156,5 +165,3 @@ Optional:

- `include_deleted` (Boolean)
- `name` (String)


44 changes: 22 additions & 22 deletions jupiterone/cassettes/TestInlineRuleInstance_Basic.yaml
View file
Open in desktop

Large diffs are not rendered by default.

24 changes: 12 additions & 12 deletions jupiterone/cassettes/TestInlineRuleInstance_BasicImport.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,13 +6,13 @@ interactions:
proto: HTTP/1.1
proto_major: 1
proto_minor: 1
content_length: 1044
content_length: 1132
transfer_encoding: []
trailer: {}
host: graphql.us.jupiterone.io
remote_addr: ""
request_uri: ""
body: '{"query":"\nmutation CreateInlineQuestionRuleInstance ($instance: CreateInlineQuestionRuleInstanceInput!) {\n\tcreateQuestionRuleInstance: createInlineQuestionRuleInstance(instance: $instance) {\n\t\tid\n\t\tversion\n\t\tspecVersion\n\t\tquestion {\n\t\t\tqueries {\n\t\t\t\tname\n\t\t\t\tquery\n\t\t\t\tversion\n\t\t\t\tincludeDeleted\n\t\t\t}\n\t\t}\n\t\toperations {\n\t\t\twhen\n\t\t\tactions\n\t\t}\n\t}\n}\n","variables":{"instance":{"question":{"queries":[{"query":"Find DataStore with classification=(''critical'' or ''sensitive'' or ''confidential'' or ''restricted'') and encrypted!=true","name":"query0","version":"v1","includeDeleted":false}]},"templates":null,"tags":["tf_acc:1","tf_acc:2"],"name":"tf-provider-test-rule","description":"test","specVersion":1,"operations":[],"outputs":["queries.query0.total","alertLevel"],"pollingInterval":"ONE_DAY","notifyOnFailure":false,"triggerActionsOnNewEntitiesOnly":false,"ignorePreviousResults":false,"remediationSteps":"","j1Internal":false}},"operationName":"CreateInlineQuestionRuleInstance"}'
body: '{"query":"\nmutation CreateInlineQuestionRuleInstance ($instance: CreateInlineQuestionRuleInstanceInput!) {\n\tcreateQuestionRuleInstance: createInlineQuestionRuleInstance(instance: $instance) {\n\t\tid\n\t\tversion\n\t\tspecVersion\n\t\tquestion {\n\t\t\tqueries {\n\t\t\t\tname\n\t\t\t\tquery\n\t\t\t\tversion\n\t\t\t\tincludeDeleted\n\t\t\t}\n\t\t}\n\t\toperations {\n\t\t\twhen\n\t\t\tactions\n\t\t}\n\t\tlabels {\n\t\t\tlabelName\n\t\t\tlabelValue\n\t\t}\n\t}\n}\n","variables":{"instance":{"question":{"queries":[{"query":"Find DataStore with classification=(''critical'' or ''sensitive'' or ''confidential'' or ''restricted'') and encrypted!=true","name":"query0","version":"v1","includeDeleted":false}]},"templates":null,"tags":["tf_acc:1","tf_acc:2"],"name":"tf-provider-test-rule","description":"test","specVersion":1,"operations":[],"outputs":["queries.query0.total","alertLevel"],"pollingInterval":"ONE_DAY","notifyOnFailure":false,"triggerActionsOnNewEntitiesOnly":false,"ignorePreviousResults":false,"remediationSteps":"","collectionId":"","labels":null,"j1Internal":false}},"operationName":"CreateInlineQuestionRuleInstance"}'
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you can use a pipe for multi-line blocks in yaml to make this more readable

  {
    "query": "\nmutation CreateInlineQuestionRuleInstance ($instance: CreateInlineQuestionRuleInstanceInput!) {\n  createQuestionRuleInstance: createInlineQuestionRuleInstance(instance: $instance) {\n    id\n    version\n    specVersion\n    question {\n      queries {\n        name\n        query\n        version\n        includeDeleted\n      }\n    }\n    operations {\n      when\n      actions\n    }\n    labels {\n      labelName\n      labelValue\n    }\n  }\n}\n",
    "variables": {
      "instance": {
        "question": {
          "queries": [
            {
              "query": "Find DataStore with classification=('critical' or 'sensitive' or 'confidential' or 'restricted') and encrypted!=true",
              "name": "query0",
              "version": "v1",
              "includeDeleted": false
            }
          ]
        },
        "templates": null,
        "tags": ["tf_acc:1", "tf_acc:2"],
        "name": "tf-provider-test-rule",
        "description": "test",
        "specVersion": 1,
        "operations": [],
        "outputs": ["queries.query0.total", "alertLevel"],
        "pollingInterval": "ONE_DAY",
        "notifyOnFailure": false,
        "triggerActionsOnNewEntitiesOnly": false,
        "ignorePreviousResults": false,
        "remediationSteps": "",
        "collectionId": "",
        "labels": null,
        "j1Internal": false
      }
    },
    "operationName": "CreateInlineQuestionRuleInstance"
  }

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is generated!

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ahhh okeee

form: {}
headers:
Cache-Control:
Expand All @@ -27,15 +27,15 @@ interactions:
proto_minor: 0
transfer_encoding: []
trailer: {}
content_length: 338
content_length: 350
uncompressed: false
body: |
{"data":{"createQuestionRuleInstance":{"id":"c8649b0d-362d-4246-ba79-1d54b1e13cba","version":1,"specVersion":1,"question":{"queries":[{"name":"query0","query":"Find DataStore with classification=('critical' or 'sensitive' or 'confidential' or 'restricted') and encrypted!=true","version":"v1","includeDeleted":false}]},"operations":[]}}}
{"data":{"createQuestionRuleInstance":{"id":"81a8c676-7155-4f4f-b755-9eab08be21ea","version":1,"specVersion":1,"question":{"queries":[{"name":"query0","query":"Find DataStore with classification=('critical' or 'sensitive' or 'confidential' or 'restricted') and encrypted!=true","version":"v1","includeDeleted":false}]},"operations":[],"labels":[]}}}
headers:
Access-Control-Allow-Credentials:
- "true"
Content-Length:
- "338"
- "350"
Content-Security-Policy:
- 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self'' https: data:;form-action ''self'';frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
Content-Type:
Expand Down Expand Up @@ -78,7 +78,7 @@ interactions:
- "0"
status: 200 OK
code: 200
duration: 683.644792ms
duration: 609.287625ms
- id: 1
request:
proto: HTTP/1.1
Expand All @@ -90,7 +90,7 @@ interactions:
host: graphql.us.jupiterone.io
remote_addr: ""
request_uri: ""
body: '{"query":"\nquery GetQuestionRuleInstance ($id: ID!) {\n\tquestionRuleInstance(id: $id) {\n\t\tid\n\t\tname\n\t\tdescription\n\t\tversion\n\t\tspecVersion\n\t\tlatest\n\t\tpollingInterval\n\t\tdeleted\n\t\ttype\n\t\ttemplates\n\t\tnotifyOnFailure\n\t\ttriggerActionsOnNewEntitiesOnly\n\t\tignorePreviousResults\n\t\tquestionId\n\t\tquestion {\n\t\t\tqueries {\n\t\t\t\tname\n\t\t\t\tquery\n\t\t\t\tversion\n\t\t\t\tincludeDeleted\n\t\t\t}\n\t\t}\n\t\toperations {\n\t\t\twhen\n\t\t\tactions\n\t\t}\n\t\toutputs\n\t\ttags\n\t}\n}\n","variables":{"id":"c8649b0d-362d-4246-ba79-1d54b1e13cba"},"operationName":"GetQuestionRuleInstance"}'
body: '{"query":"\nquery GetQuestionRuleInstance ($id: ID!) {\n\tquestionRuleInstance(id: $id) {\n\t\tid\n\t\tname\n\t\tdescription\n\t\tversion\n\t\tspecVersion\n\t\tlatest\n\t\tpollingInterval\n\t\tdeleted\n\t\ttype\n\t\ttemplates\n\t\tnotifyOnFailure\n\t\ttriggerActionsOnNewEntitiesOnly\n\t\tignorePreviousResults\n\t\tquestionId\n\t\tquestion {\n\t\t\tqueries {\n\t\t\t\tname\n\t\t\t\tquery\n\t\t\t\tversion\n\t\t\t\tincludeDeleted\n\t\t\t}\n\t\t}\n\t\toperations {\n\t\t\twhen\n\t\t\tactions\n\t\t}\n\t\toutputs\n\t\ttags\n\t}\n}\n","variables":{"id":"81a8c676-7155-4f4f-b755-9eab08be21ea"},"operationName":"GetQuestionRuleInstance"}'
form: {}
headers:
Cache-Control:
Expand All @@ -108,7 +108,7 @@ interactions:
content_length: 668
uncompressed: false
body: |
{"data":{"questionRuleInstance":{"id":"c8649b0d-362d-4246-ba79-1d54b1e13cba","name":"tf-provider-test-rule","description":"test","version":1,"specVersion":1,"latest":true,"pollingInterval":"ONE_DAY","deleted":false,"type":"QUESTION","templates":null,"notifyOnFailure":false,"triggerActionsOnNewEntitiesOnly":false,"ignorePreviousResults":false,"questionId":null,"question":{"queries":[{"name":"query0","query":"Find DataStore with classification=('critical' or 'sensitive' or 'confidential' or 'restricted') and encrypted!=true","version":"v1","includeDeleted":false}]},"operations":[],"outputs":["queries.query0.total","alertLevel"],"tags":["tf_acc:1","tf_acc:2"]}}}
{"data":{"questionRuleInstance":{"id":"81a8c676-7155-4f4f-b755-9eab08be21ea","name":"tf-provider-test-rule","description":"test","version":1,"specVersion":1,"latest":true,"pollingInterval":"ONE_DAY","deleted":false,"type":"QUESTION","templates":null,"notifyOnFailure":false,"triggerActionsOnNewEntitiesOnly":false,"ignorePreviousResults":false,"questionId":null,"question":{"queries":[{"name":"query0","query":"Find DataStore with classification=('critical' or 'sensitive' or 'confidential' or 'restricted') and encrypted!=true","version":"v1","includeDeleted":false}]},"operations":[],"outputs":["queries.query0.total","alertLevel"],"tags":["tf_acc:1","tf_acc:2"]}}}
headers:
Access-Control-Allow-Credentials:
- "true"
Expand Down Expand Up @@ -156,7 +156,7 @@ interactions:
- "0"
status: 200 OK
code: 200
duration: 206.76975ms
duration: 188.905125ms
- id: 2
request:
proto: HTTP/1.1
Expand All @@ -168,7 +168,7 @@ interactions:
host: graphql.us.jupiterone.io
remote_addr: ""
request_uri: ""
body: '{"query":"\nmutation DeleteRuleInstance ($id: ID!) {\n\tdeleteRuleInstance(id: $id) {\n\t\tid\n\t}\n}\n","variables":{"id":"c8649b0d-362d-4246-ba79-1d54b1e13cba"},"operationName":"DeleteRuleInstance"}'
body: '{"query":"\nmutation DeleteRuleInstance ($id: ID!) {\n\tdeleteRuleInstance(id: $id) {\n\t\tid\n\t}\n}\n","variables":{"id":"81a8c676-7155-4f4f-b755-9eab08be21ea"},"operationName":"DeleteRuleInstance"}'
form: {}
headers:
Cache-Control:
Expand All @@ -186,7 +186,7 @@ interactions:
content_length: 78
uncompressed: false
body: |
{"data":{"deleteRuleInstance":{"id":"c8649b0d-362d-4246-ba79-1d54b1e13cba"}}}
{"data":{"deleteRuleInstance":{"id":"81a8c676-7155-4f4f-b755-9eab08be21ea"}}}
headers:
Access-Control-Allow-Credentials:
- "true"
Expand Down Expand Up @@ -234,4 +234,4 @@ interactions:
- "0"
status: 200 OK
code: 200
duration: 266.413584ms
duration: 200.725ms
Loading
Loading