kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8995067fd413fe274f278e000b61ed4c2d2e6aea
hunfabric/modules/secops-rules/main.tf
Simone Ruffilli c6c4cc71d5 Pathexpand all factory data paths (#3033) 
* Pathexpand all factory data paths

* fix net monitoring paths

* fix file paths

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2025-04-16 13:28:10 +02:00

74 lines
2.7 KiB
HCL
Raw Blame History

/**
* Copyright 2025 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
locals {
_secops_rules_path = pathexpand(coalesce(var.factories_config.rules_defs, "-"))
reference_lists = try(yamldecode(file(var.factories_config.reference_lists)), var.reference_lists_config)
reference_lists_entries = {
for k, v in local.reference_lists : k => split("\n", file("${var.factories_config.reference_lists_defs}/${k}.txt"))
}
reference_list_type_mapping = {
STRING = "REFERENCE_LIST_SYNTAX_TYPE_PLAIN_TEXT_STRING"
REGEX = "REFERENCE_LIST_SYNTAX_TYPE_REGEX"
CIDR = "REFERENCE_LIST_SYNTAX_TYPE_CIDR"
}
secops_rules = {
for file_name in fileset(local._secops_rules_path, "*.yaral") :
replace(file_name, ".yaral", "") => file("${local._secops_rules_path}/${file_name}")
}
secops_rule_deployment = try(yamldecode(file(var.factories_config.rules)), var.rules_config)
}
resource "google_chronicle_reference_list" "default" {
for_each = local.reference_lists
project = var.project_id
location = var.tenant_config.region
instance = var.tenant_config.customer_id
reference_list_id = each.key
description = each.value.description
dynamic "entries" {
for_each = local.reference_lists_entries[each.key]
content {
value = entries.value
}
}
syntax_type = local.reference_list_type_mapping[each.value.type]
}
resource "google_chronicle_rule" "default" {
for_each = local.secops_rule_deployment
project = var.project_id
location = var.tenant_config.region
instance = var.tenant_config.customer_id
text = local.secops_rules[each.key]
deletion_policy = "FORCE"
depends_on = [
google_chronicle_reference_list.default
]
}
resource "google_chronicle_rule_deployment" "default" {
for_each = local.secops_rule_deployment
project = var.project_id
location = var.tenant_config.region
instance = var.tenant_config.customer_id
rule = google_chronicle_rule.default[each.key].rule_id
enabled = each.value.enabled
alerting = each.value.alerting
archived = each.value.archived
run_frequency = each.value.run_frequency
}
Reference in New Issue View Git Blame Copy Permalink