Skip to content

Exposing set action on Terraform V2 #29374

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Exposing set action on Terraform V2 #29374

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions .apigentools-info
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,13 +4,13 @@
"spec_versions": {
"v1": {
"apigentools_version": "1.6.6",
"regenerated": "2025-05-14 15:46:38.896407",
"spec_repo_commit": "64f5e7ee"
"regenerated": "2025-05-16 19:13:35.676057",
"spec_repo_commit": "31b66a21"
},
"v2": {
"apigentools_version": "1.6.6",
"regenerated": "2025-05-14 15:46:48.228708",
"spec_repo_commit": "64f5e7ee"
"regenerated": "2025-05-16 19:13:44.753345",
"spec_repo_commit": "31b66a21"
}
}
}
264 changes: 250 additions & 14 deletions content/en/api/v2/csm-threats/examples.json
View file
Open in desktop

Large diffs are not rendered by default.

23 changes: 23 additions & 0 deletions content/en/api/v2/csm-threats/request.CreateCSMThreatsAgentRule_1176049761.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
{
"data": {
"attributes": {
"description": "My Agent rule with set action",
"enabled": true,
"expression": "exec.file.name == \"sh\"",
"filters": [],
"name": "examplecsmthreat",
"policy_id": "6517fcc1-cec7-4394-a655-8d6e9d085255",
"product_tags": [],
"actions": [
{
"set": {
"name": "test_set",
"value": "test_value",
"scope": "process"
}
}
]
},
"type": "agent_rule"
}
}
5 changes: 5 additions & 0 deletions data/api/v2/CodeExamples.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -212,6 +212,11 @@
"group": "csm_threats",
"suffix": "",
"description": "Create a CSM Threats Agent rule returns \"OK\" response"
},
{
"group": "csm_threats",
"suffix": "_1176049761",
"description": "Create a CSM Threats Agent rule with set action returns \"OK\" response"
}
],
"CreateCloudWorkloadSecurityAgentRule": [
Expand Down
100 changes: 98 additions & 2 deletions data/api/v2/full_spec.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7373,6 +7373,8 @@ components:
CloudWorkloadSecurityAgentPolicyCreateAttributes:
description: Create a new Cloud Workload Security Agent policy
properties:
actions:
$ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleActions'
description:
description: The description of the policy
example: My agent policy
Expand Down Expand Up @@ -7454,6 +7456,8 @@ components:
CloudWorkloadSecurityAgentPolicyUpdateAttributes:
description: Update an existing Cloud Workload Security Agent policy
properties:
actions:
$ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleActions'
description:
description: The description of the policy
example: My agent policy
Expand Down Expand Up @@ -7524,6 +7528,50 @@ components:
type: string
kill:
$ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleKill'
metadata:
$ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleActionMetadata'
set:
$ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleActionSet'
type: object
CloudWorkloadSecurityAgentRuleActionMetadata:
description: The metadata action applied on the scope matching the rule
properties:
image_tag:
description: The image tag of the metadata action
type: string
service:
description: The service of the metadata action
type: string
short_image:
description: The short image of the metadata action
type: string
type: object
CloudWorkloadSecurityAgentRuleActionSet:
description: The set action applied on the scope matching the rule
properties:
append:
description: Whether the value should be appended to the field
type: boolean
field:
description: The field of the set action
type: string
name:
description: The name of the set action
type: string
scope:
description: The scope of the set action
type: string
size:
description: The size of the set action
format: int64
type: integer
ttl:
description: The time to live of the set action
format: int64
type: integer
value:
description: The value of the set action
type: string
type: object
CloudWorkloadSecurityAgentRuleActions:
description: The array of actions the rule can perform if triggered
Expand All @@ -7539,6 +7587,11 @@ components:
agentConstraint:
description: The version of the Agent
type: string
blocking:
description: The blocking policies that the rule belongs to
items:
type: string
type: array
category:
description: The category of the Agent rule
example: Process Activity
Expand All @@ -7562,6 +7615,11 @@ components:
description: The description of the Agent rule
example: My Agent rule
type: string
disabled:
description: The disabled policies that the rule belongs to
items:
type: string
type: array
enabled:
description: Whether the Agent rule is enabled
example: true
Expand All @@ -7575,6 +7633,11 @@ components:
items:
type: string
type: array
monitoring:
description: The monitoring policies that the rule belongs to
items:
type: string
type: array
name:
description: The name of the Agent rule
example: my_agent_rule
Expand Down Expand Up @@ -7609,10 +7672,22 @@ components:
CloudWorkloadSecurityAgentRuleCreateAttributes:
description: Create a new Cloud Workload Security Agent rule.
properties:
actions:
$ref: '#/components/schemas/CloudWorkloadSecurityAgentRuleActions'
blocking:
description: The blocking policies that the rule belongs to
items:
type: string
type: array
description:
description: The description of the Agent rule.
example: My Agent rule
type: string
disabled:
description: The disabled policies that the rule belongs to
items:
type: string
type: array
enabled:
description: Whether the Agent rule is enabled
example: true
Expand All @@ -7626,6 +7701,11 @@ components:
items:
type: string
type: array
monitoring:
description: The monitoring policies that the rule belongs to
items:
type: string
type: array
name:
description: The name of the Agent rule.
example: my_agent_rule
Expand Down Expand Up @@ -7716,10 +7796,20 @@ components:
CloudWorkloadSecurityAgentRuleUpdateAttributes:
description: Update an existing Cloud Workload Security Agent rule
properties:
blocking:
description: The blocking policies that the rule belongs to
items:
type: string
type: array
description:
description: The description of the Agent rule
example: My Agent rule
type: string
disabled:
description: The disabled policies that the rule belongs to
items:
type: string
type: array
enabled:
description: Whether the Agent rule is enabled
example: true
Expand All @@ -7728,6 +7818,11 @@ components:
description: The SECL expression of the Agent rule
example: exec.file.name == "sh"
type: string
monitoring:
description: The monitoring policies that the rule belongs to
items:
type: string
type: array
policy_id:
description: The ID of the policy where the Agent rule is saved
example: a8c8e364-6556-434d-b798-a4c23de29c0b
Expand Down Expand Up @@ -55622,8 +55717,9 @@ paths:
{\n \"name\": \"{{ unique_lower_alnum }}\",\n \"description\":
\"My Agent rule\",\n \"expression\": \"exec.file.name == \\\"sh\\\"\",\n
\ \"enabled\": true,\n \"product_tags\": [\"security:attack\",
\"technique:T1059\"],\n \"policy_id\": \"{{ policy.data.id }}\"\n
\ }\n }\n}"
\"technique:T1059\"],\n \"actions\": [{\"set\": {\"name\": \"test_set\",
\"value\": \"test_value\", \"scope\": \"process\"}}],\n \"policy_id\":
\"{{ policy.data.id }}\"\n }\n }\n}"
step: there is a valid "agent_rule_rc" in the system
x-menu-order: 4
x-undo:
Expand Down
Loading
Loading