Merge pull request #3 from hi-artem/feautre/release85

Release 0.8.5
hi-artem · Nov 11, 2022 · 2e84832 · 2e84832
2 parents cf47e3d + af2d85c
commit 2e84832
Show file tree

Hide file tree

Showing 11 changed files with 497 additions and 6 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,4 +1,7 @@
 # Changelog
+## Version 0.8.5 - 2022-10-04
+#### Added
+- Add new resource to manage logging settings
 
 ## Version 0.5.0 - 2022-02-07
 #### Added

diff --git a/docs/index.md b/docs/index.md
@@ -40,19 +40,19 @@ Resources representing policies can become really long. It is often helpful to s
 variable "hosts" {
   default = [
     { 
-      name: "ec2-develop, 
+      name: "ec2-development", 
       compliance_check: [
         { id: 16 }
       ]
     },
     { 
-      name: "ec2-staging, 
+      name: "ec2-staging", 
       compliance_check: [
         { id: 16, block: true }
       ]
     },
     { 
-      name: "ec2-staging, 
+      name: "ec2-production", 
       compliance_check: [
         { id: 16, block: true },
         { id: 18, block: false }

diff --git a/docs/resources/logging_settings.md b/docs/resources/logging_settings.md
@@ -0,0 +1,79 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "prismacloudcompute_logging_settings Resource - terraform-provider-prismacloudcompute"
+subcategory: ""
+description: |-
+  
+---
+
+# prismacloudcompute_logging_settings (Resource)
+
+
+
+## Example Usage
+
+```terraform
+resource "prismacloudcompute_logging_settings" "enable_all" {
+  include_runtime_link = true
+  enable_metrics_collection = true
+  stdout {
+    enabled = true
+    verbose_scan = true
+    all_proc_events = true
+  }
+  syslog {
+    enabled = true
+    verbose_scan = true
+    all_proc_events = true
+    address = "https://api.datadoghq.com"
+    identifier = "prisma-syslog"
+  }
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `stdout` (Block List, Min: 1, Max: 1) Configuration for the stdout logging. (see [below for nested schema](#nestedblock--stdout))
+- `syslog` (Block List, Min: 1, Max: 1) Configuration for the syslog daemons of the underlying hosts. (see [below for nested schema](#nestedblock--syslog))
+
+### Optional
+
+- `console_address` (String) Prisma Cloud Compute console url.
+- `enable_metrics_collection` (Boolean) Enable prometheus instrumentation.
+- `include_runtime_link` (Boolean) Include link to runtime events.
+
+### Read-Only
+
+- `id` (String) The ID of the logging settings.
+
+<a id="nestedblock--stdout"></a>
+### Nested Schema for `stdout`
+
+Required:
+
+- `enabled` (Boolean) Enable syslog logging.
+
+Optional:
+
+- `all_proc_events` (Boolean) Detailed output of all process activity (not recommended).
+- `verbose_scan` (Boolean) Detailed output for vulnerabilities and compliance.
+
+
+<a id="nestedblock--syslog"></a>
+### Nested Schema for `syslog`
+
+Required:
+
+- `enabled` (Boolean) Enable syslog logging.
+
+Optional:
+
+- `address` (String) Send syslog messages to a network endpoint.
+- `all_proc_events` (Boolean) Detailed output of all process activity (not recommended).
+- `identifier` (String) Custom identifier to all syslog messages.
+- `verbose_scan` (Boolean) Detailed output for vulnerabilities and compliance.
+
+
diff --git a/examples/resources/prismacloudcompute_logging_settings/resource.tf b/examples/resources/prismacloudcompute_logging_settings/resource.tf
@@ -0,0 +1,16 @@
+resource "prismacloudcompute_logging_settings" "enable_all" {
+  include_runtime_link = true
+  enable_metrics_collection = true
+  stdout {
+    enabled = true
+    verbose_scan = true
+    all_proc_events = true
+  }
+  syslog {
+    enabled = true
+    verbose_scan = true
+    all_proc_events = true
+    address = "https://api.datadoghq.com"
+    identifier = "prisma-syslog"
+  }
+}
diff --git a/internal/api/settings/logging.go b/internal/api/settings/logging.go
@@ -0,0 +1,46 @@
+package settings
+
+import (
+	"fmt"
+	"net/http"
+
+	"github.com/PaloAltoNetworks/terraform-provider-prismacloudcompute/internal/api"
+)
+
+const SettingsLoggingEndpoint = "api/v1/settings/logging"
+
+type LoggingSettings struct {
+	SysLog                  SyslogSpec `json:"syslog,omitempty"`
+	StdOut                  StdOutSpec `json:"stdout,omitempty"`
+	EnableMetricsCollection bool       `json:"enableMetricsCollection,omitempty"`
+	IncludeRuntimeLink      bool       `json:"includeRuntimeLink,omitempty"`
+	ConsoleAddress          string     `json:"consoleAddress,omitempty"`
+}
+
+type SyslogSpec struct {
+	Enabled       bool   `json:"enabled,omitempty"`
+	VerboseScan   bool   `json:"verboseScan,omitempty"`
+	AllProcEvents bool   `json:"allProcEvents,omitempty"`
+	Address       string `json:"addr,omitempty"`
+	ID            string `json:"id,omitempty"`
+}
+
+type StdOutSpec struct {
+	Enabled       bool `json:"enabled,omitempty"`
+	VerboseScan   bool `json:"verboseScan,omitempty"`
+	AllProcEvents bool `json:"allProcEvents,omitempty"`
+}
+
+// Get the current logging settings.
+func GetLoggingSettings(c api.Client) (LoggingSettings, error) {
+	var ans LoggingSettings
+	if err := c.Request(http.MethodGet, SettingsLoggingEndpoint, nil, nil, &ans); err != nil {
+		return ans, fmt.Errorf("error getting logging settings: %s", err)
+	}
+	return ans, nil
+}
+
+// Update the current logging settings.
+func UpdateLoggingSettings(c api.Client, settings LoggingSettings) error {
+	return c.Request(http.MethodPost, SettingsLoggingEndpoint, nil, settings, nil)
+}
diff --git a/internal/convert/logging.go b/internal/convert/logging.go
@@ -0,0 +1,63 @@
+package convert
+
+import (
+	"github.com/PaloAltoNetworks/terraform-provider-prismacloudcompute/internal/api/settings"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+func SchemaToLoggingSettings(d *schema.ResourceData) (settings.LoggingSettings, error) {
+	loggingSettings := settings.LoggingSettings{}
+	loggingSettings.ConsoleAddress = d.Get("console_address").(string)
+	loggingSettings.IncludeRuntimeLink = d.Get("include_runtime_link").(bool)
+	loggingSettings.EnableMetricsCollection = d.Get("enable_metrics_collection").(bool)
+	sysLogElements := d.Get("syslog").([]interface{})
+	loggingSettings.SysLog = schemaToSysLogSpec(sysLogElements[0].(map[string]interface{}))
+	stdOutLogElements := d.Get("stdout").([]interface{})
+	loggingSettings.StdOut = schemaToStdOutSpec(stdOutLogElements[0].(map[string]interface{}))
+
+	return loggingSettings, nil
+}
+
+func schemaToSysLogSpec(d map[string]interface{}) settings.SyslogSpec {
+	logSpecToSchema := settings.SyslogSpec{}
+	logSpecToSchema.Address = d["address"].(string)
+	logSpecToSchema.AllProcEvents = d["all_proc_events"].(bool)
+	logSpecToSchema.Enabled = d["enabled"].(bool)
+	logSpecToSchema.VerboseScan = d["verbose_scan"].(bool)
+	logSpecToSchema.ID = d["identifier"].(string)
+
+	return logSpecToSchema
+}
+
+func schemaToStdOutSpec(d map[string]interface{}) settings.StdOutSpec {
+	logSpecToSchema := settings.StdOutSpec{}
+	logSpecToSchema.AllProcEvents = d["all_proc_events"].(bool)
+	logSpecToSchema.Enabled = d["enabled"].(bool)
+	logSpecToSchema.VerboseScan = d["verbose_scan"].(bool)
+
+	return logSpecToSchema
+}
+
+func SysLogSpecToSchema(in settings.SyslogSpec) []interface{} {
+	m := make(map[string]interface{})
+	m["enabled"] = in.Enabled
+	m["verbose_scan"] = in.VerboseScan
+	m["all_proc_events"] = in.AllProcEvents
+	m["address"] = in.Address
+	m["identifier"] = in.ID
+
+	s := make([]interface{}, 1)
+	s[0] = m
+	return s
+}
+
+func StdOutSpecToSchema(in settings.StdOutSpec) []interface{} {
+	m := make(map[string]interface{})
+	m["enabled"] = in.Enabled
+	m["verbose_scan"] = in.VerboseScan
+	m["all_proc_events"] = in.AllProcEvents
+
+	s := make([]interface{}, 1)
+	s[0] = m
+	return s
+}
diff --git a/internal/provider/common.go b/internal/provider/common.go
@@ -15,4 +15,5 @@ const (
 	policyTypeVulnerabilityHost       = "hostVulnerability"
 	policyTypeVulnerabilityImage      = "containerVulnerability"
 	feedTypeCustomMalware             = "customMalware"
+	settingsTypeLogging               = "logging"
 )
diff --git a/internal/provider/provider.go b/internal/provider/provider.go
@@ -76,6 +76,7 @@ func Provider() *schema.Provider {
 			"prismacloudcompute_credential":                       resourceCredentials(),
 			"prismacloudcompute_custom_compliance":                resourceCustomCompliance(),
 			"prismacloudcompute_custom_malware":                   resourceCustomMalwareFeed(),
+			"prismacloudcompute_logging_settings":                 resourceLoggingSettings(),
 		},
 
 		DataSourcesMap: map[string]*schema.Resource{