lacework · gspofford-lw · Apr 8, 2024 · Apr 8, 2024 · Apr 9, 2024 · Apr 10, 2024
@@ -16,6 +16,11 @@ variable "query_id" {
   default = "Lql_Terraform_Query"
 }
 
+variable "query_language" {
+  type    = string
+  default = ""
+}
+
 variable "query" {
   type    = string
   default = <<EOT
@@ -40,6 +45,10 @@ output "query_id" {
   value = lacework_query.example.id
 }
 
+output "query_language" {
+  value = lacework_query.example.query_language
+}
+
 output "query" {
   value = lacework_query.example.query
 }
@@ -125,6 +125,92 @@ func TestQueryCreate(t *testing.T) {
 	assert.Equal(t, queryStringK8, actualQuery)
 }
 
+func TestQueryCreateRego(t *testing.T) {
+	queryID := fmt.Sprintf("Rego_Terraform_Module_%d", time.Now().UnixMilli())
+	var queryLanguage = regoStr
+	terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
+		TerraformDir: "../examples/resource_lacework_query",
+		Vars: map[string]interface{}{
+			"query_id":       queryID,
+			"query_language": &queryLanguage,
+			"query":          queryStringRego},
+	})
+	defer terraform.Destroy(t, terraformOptions)
+
+	// Create new Query
+	create := terraform.InitAndApplyAndIdempotent(t, terraformOptions)
+	createProps := GetQueryProps(create)
+
+	assert.Equal(t, queryID, createProps.Data.QueryID)
+	assert.Equal(t, queryStringK8, createProps.Data.QueryText)
+	assert.NotNil(t, createProps.Data.QueryLanguage)
+	if createProps.Data.QueryLanguage != nil {
+		assert.Equal(t, regoStr, *createProps.Data.QueryLanguage)
+	}
+
+	actualQueryID := terraform.Output(t, terraformOptions, "query_id")
+	actualQuery := terraform.Output(t, terraformOptions, "query")
+	var actualQueryLanguage *string
+	terraform.OutputStruct(t, terraformOptions, "query_language", &actualQueryLanguage)
+
+	assert.Equal(t, queryID, actualQueryID)
+	assert.Equal(t, queryStringK8, actualQuery)
+	assert.NotNil(t, actualQueryLanguage)
+	if actualQueryLanguage != nil {
+		assert.Equal(t, regoStr, *actualQueryLanguage)
+	}
+
+	// Update Query
+	terraformOptions.Vars = map[string]interface{}{
+		"query_id": queryID,
+		"query":    queryStringRego,
+	}
+
+	update := terraform.ApplyAndIdempotent(t, terraformOptions)
+	updateProps := GetQueryProps(update)
+
+	assert.Equal(t, queryID, updateProps.Data.QueryID)
+	assert.Equal(t, queryStringK8, updateProps.Data.QueryText)
+	assert.NotNil(t, updateProps.Data.QueryLanguage)
+	if updateProps.Data.QueryLanguage != nil {
+		assert.Equal(t, regoStr, *updateProps.Data.QueryLanguage)
+	}
+
+	actualQueryID = terraform.Output(t, terraformOptions, "query_id")
+	actualQuery = terraform.Output(t, terraformOptions, "query")
+	terraform.OutputStruct(t, terraformOptions, "query_language", &actualQueryLanguage)
+
+	assert.Equal(t, queryID, actualQueryID)
+	assert.Equal(t, queryStringK8, actualQuery)
+	assert.NotNil(t, actualQueryLanguage)
+	if actualQueryLanguage != nil {
+		assert.Equal(t, regoStr, *actualQueryLanguage)
+	}
+
+	// Run apply again
+	thirdApply := terraform.ApplyAndIdempotent(t, terraformOptions)
+
+	thirdApplyProps := GetQueryProps(thirdApply)
+
+	assert.Equal(t, queryID, thirdApplyProps.Data.QueryID)
+	assert.Equal(t, queryStringK8, thirdApplyProps.Data.QueryText)
+	assert.NotNil(t, thirdApplyProps.Data.QueryLanguage)
+	if thirdApplyProps.Data.QueryLanguage != nil {
+		assert.Equal(t, regoStr, *thirdApplyProps.Data.QueryLanguage)
+	}
+
+	actualQueryID = terraform.Output(t, terraformOptions, "query_id")
+	actualQuery = terraform.Output(t, terraformOptions, "query")
+	terraform.OutputStruct(t, terraformOptions, "query_language", &actualQueryLanguage)
+
+	assert.Equal(t, queryID, actualQueryID)
+	assert.Equal(t, queryStringK8, actualQuery)
+	assert.NotNil(t, actualQueryLanguage)
+	if actualQueryLanguage != nil {
+		assert.Equal(t, regoStr, *actualQueryLanguage)
+	}
+}
+
 func TestQueryDeprecatedSytaxWithID(t *testing.T) {
 	terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
 		TerraformDir: "../examples/resource_lacework_query",
@@ -254,4 +340,14 @@ var (
     filter { ERROR_CODE is null }
     return distinct { EVENT }
 }`
+
+	queryStringRego = `
+package a_test
+import future.keywords
+import data.lacework
+source := lacework.spm.aws.lists_all("s3", "list-buckets"
+assess := "Compliant"
+`
+
+	regoStr = "Rego"
 )
@@ -34,6 +34,13 @@ func resourceLaceworkPolicy() *schema.Resource {
 				Required:    true,
 				Description: "The id of the query",
 			},
+			"query_language": {
+				Type:        schema.TypeString,
+				Required:    false,
+				Optional:    true,
+				Computed:    true,
+				Description: "The language of the query/module",
+			},
 			"description": {
 				Type:        schema.TypeString,
 				Required:    true,
@@ -189,6 +196,9 @@ func resourceLaceworkPolicyCreate(d *schema.ResourceData, meta interface{}) erro
 	}
 
 	d.SetId(response.Data.PolicyID)
+	if response.Data.QueryLanguage != nil {
+		d.Set("query_language", response.Data.QueryLanguage)
+	}
 	d.Set("owner", response.Data.Owner)
 	d.Set("updated_time", response.Data.LastUpdateTime)
 	d.Set("updated_by", response.Data.LastUpdateUser)
@@ -212,6 +222,9 @@ func resourceLaceworkPolicyRead(d *schema.ResourceData, meta interface{}) error
 	d.SetId(response.Data.PolicyID)
 	d.Set("title", response.Data.Title)
 	d.Set("query_id", response.Data.QueryID)
+	if response.Data.QueryLanguage != nil {
+		d.Set("query_language", *response.Data.QueryLanguage)
+	}
 	d.Set("enabled", response.Data.Enabled)
 	d.Set("description", response.Data.Description)
 	d.Set("evaluation", response.Data.EvalFrequency)

@@ -33,6 +33,13 @@ func resourceLaceworkPolicyCompliance() *schema.Resource {
 				Required:    true,
 				Description: "The id of the query",
 			},
+			"query_language": {
+				Type:        schema.TypeString,
+				Required:    false,
+				Optional:    true,
+				Computed:    true,
+				Description: "The language of the query/module",
+			},
 			"description": {
 				Type:        schema.TypeString,
 				Required:    true,
@@ -128,6 +135,9 @@ func resourceLaceworkPolicyComplianceCreate(d *schema.ResourceData, meta interfa
 	}
 
 	d.SetId(response.Data.PolicyID)
+	if response.Data.QueryLanguage != nil {
+		d.Set("query_language", response.Data.QueryLanguage)
+	}
 	d.Set("owner", response.Data.Owner)
 	d.Set("updated_time", response.Data.LastUpdateTime)
 	d.Set("updated_by", response.Data.LastUpdateUser)
@@ -151,6 +161,9 @@ func resourceLaceworkPolicyComplianceRead(d *schema.ResourceData, meta interface
 	d.SetId(response.Data.PolicyID)
 	d.Set("title", response.Data.Title)
 	d.Set("query_id", response.Data.QueryID)
+	if response.Data.QueryLanguage != nil {
+		d.Set("query_language", response.Data.QueryLanguage)
+	}
 	d.Set("enabled", response.Data.Enabled)
 	d.Set("description", response.Data.Description)
 	d.Set("severity", response.Data.Severity)

@@ -3,13 +3,30 @@ package lacework
 import (
 	"context"
 	"fmt"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
 	"log"
+	"strings"
 
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/lacework/go-sdk/api"
 	"github.com/pkg/errors"
 )
 
+func ValidateQueryLanguage() schema.SchemaValidateDiagFunc {
+	return validation.ToDiagFunc(func(value interface{}, key string) ([]string, []error) {
+		switch value.(string) {
+		case "LQL", "Rego":
+			return nil, nil
+		default:
+			return nil, []error{
+				fmt.Errorf(
+					"%s: can only be 'LQL', 'Rego'", key,
+				),
+			}
+		}
+	})
+}
+
 func resourceLaceworkQuery() *schema.Resource {
 	return &schema.Resource{
 		Create: resourceLaceworkQueryCreate,
@@ -27,6 +44,17 @@ func resourceLaceworkQuery() *schema.Resource {
 				Required:    true,
 				Description: "The id of the query",
 			},
+			"query_language": {
+				Type:     schema.TypeString,
+				Required: false,
+				Optional: true,
+				Description: "The language of the query or module. Valid values are: LQL, Rego. " +
+					"If omitted, the language is defaulted to LQL.",
+				StateFunc: func(val interface{}) string {
+					return strings.TrimSpace(val.(string))
+				},
+				ValidateDiagFunc: ValidateQueryLanguage(),
+			},
 			"query": {
 				Type:        schema.TypeString,
 				Required:    true,
@@ -57,9 +85,18 @@ func resourceLaceworkQueryCreate(d *schema.ResourceData, meta interface{}) error
 		lacework = meta.(*api.Client)
 	)
 
+	var queryLanguage string
+	if queryLanguageRaw := d.Get("query_language"); queryLanguageRaw != nil {
+		queryLanguage = queryLanguageRaw.(string)
+	}
+	var queryLanguagePtr *string
+	if queryLanguage != "" {
+		queryLanguagePtr = &queryLanguage
+	}
 	query := api.NewQuery{
-		QueryID:   d.Get("query_id").(string),
-		QueryText: d.Get("query").(string),
+		QueryID:       d.Get("query_id").(string),
+		QueryLanguage: queryLanguagePtr,
+		QueryText:     d.Get("query").(string),
 	}
 
 	log.Printf("[INFO] Creating Query with data:\n%+v\n", query)
@@ -90,6 +127,9 @@ func resourceLaceworkQueryRead(d *schema.ResourceData, meta interface{}) error {
 	}
 
 	d.Set("query", response.Data.QueryText)
+	if response.Data.QueryLanguage != nil {
+		d.Set("query_language", *response.Data.QueryLanguage)
+	}
 	d.Set("owner", response.Data.Owner)
 	d.Set("updated_time", response.Data.LastUpdateTime)
 	d.Set("updated_by", response.Data.LastUpdateUser)
@@ -107,7 +147,9 @@ func resourceLaceworkQueryUpdate(d *schema.ResourceData, meta interface{}) error
 	if d.HasChange("query_id") {
 		return errors.New("unable to change ID of an existing query")
 	}
-
+	if d.HasChange("query_language") {
+		return errors.New("unable to change query_language of an existing query")
+	}
 	query := api.UpdateQuery{
 		QueryText: d.Get("query").(string),
 	}