Skip to content

Latest commit

 

History

History
56 lines (45 loc) · 7.26 KB

SPEC.md

File metadata and controls

56 lines (45 loc) · 7.26 KB

Requirements

Name Version
terraform < 1.3.0

Providers

Name Version
oci n/a

Modules

No modules.

Resources

Name Type
oci_cloud_guard_cloud_guard_configuration.this resource
oci_cloud_guard_detector_recipe.activity_cloned resource
oci_cloud_guard_detector_recipe.configuration_cloned resource
oci_cloud_guard_detector_recipe.threat_cloned resource
oci_cloud_guard_responder_recipe.responder_cloned resource
oci_cloud_guard_target.these resource
oci_cloud_guard_cloud_guard_configuration.this data source
oci_cloud_guard_detector_recipes.activity data source
oci_cloud_guard_detector_recipes.configuration data source
oci_cloud_guard_detector_recipes.threat data source
oci_cloud_guard_responder_recipes.responder data source
oci_identity_regions.these data source
oci_identity_tenancy.this data source

Inputs

Name Description Type Default Required
cloud_guard_configuration Cloud Guard settings, for managing Cloud Guard resources in OCI. Please see the comments within each attribute for details. 
object({
    default_defined_tags = optional(map(string)) # the default defined tags that are applied to all resources managed by this module. Overriden by defined_tags attribute in each resource. 
    default_freeform_tags = optional(map(string)) # the default freeform tags that are applied to all resources managed by this module. Overriden by freeform_tags attribute in each resource. 
    reporting_region = optional(string) # the reporting region. It defaults to tenancy home region if undefined.
    self_manage_resources = optional(bool) # whether Oracle managed resources are created by customers. Default: false.
    cloned_recipes_prefix = optional(string) # a prefix to add to cloned recipes. Default: "oracle-cloned-".
    
    targets = optional(map(object({ # the Cloud Guard targets.
      compartment_id = optional(string) # the compartment where the Cloud Guard is created. It can be either the compartment OCID or a reference (a key) to the compartment OCID. It defaults to resource_id if resource_type is "COMPARTMENT".
      name = string # the Cloud Guard target name.
      resource_type = optional(string) # the resource type that Cloud Guard monitors. Valid values: "COMPARTMENT", "FACLOUD". Default: "COMPARTMENT".
      resource_id = string # the resource that Cloud Guard monitors. It can be either the resource OCID or a reference (a key) to a resource OCID. If the resource refers to a compartment, then Cloud Guard monitors the compartment and all its subcompartments.
      use_cloned_recipes = optional(bool) # whether the target should use clones of Oracle provided recipes. Default: false.
      defined_tags = optional(map(string)) # the target defined tags. default_defined_tags is used if undefined.
      freeform_tags = optional(map(string)) # the target freeform tags. default_freeform_tags is used if undefined.
    })))
  })
 null no
compartments_dependency A map of objects containing the externally managed compartments this module may depend on. All map objects must have the same type and must contain at least an 'id' attribute (representing the compartment OCID) of string type. 
map(object({
    id = string
  }))
 null no
detector_recipes_order The order in which detector recipes are created. Use this to avoid any Cloud Guard recipe replacements due to the reordering of detector recipes. By default, the module creates threat, then configuration, then activity recipes. The order can be observed in the terraform plan output. list(string) 
[
  "threat",
  "configuration",
  "activity"
]
 no
enable_output Whether Terraform should enable module output. bool true no
module_name The module name. string "cloud-guard" no
responder_recipes_order The order in which responder recipes are created. Use this to avoid any Cloud Guard recipe replacements due to the reordering of responder recipes. The order can be observed in the terraform plan output. list(string) 
[
  "default"
]
 no
tenancy_ocid The tenancy OCID. string n/a yes

Outputs

Name Description
cloned_activity_detector_recipe Cloned Cloud Guard activity detector recipe.
cloned_configuration_detector_recipe Cloned Cloud Guard configuration detector recipe.
cloned_responder_recipe Cloned Cloud Guard responder recipe.
cloned_threat_detector_recipe Cloned Cloud Guard threat detector recipe.
configuration Cloud Guard configuration information.
targets Cloud Guard target information.