Skip to content

Commit

Permalink
deprecated waf_log_setup resource and removed dnsms dataset (#504)
Browse files Browse the repository at this point in the history 
* deprecated waf_log_setup resource and removed dnsms dataset

* deprecated waf_log_setup resource and removed dnsms dataset

* deprecated waf_log_setup resource and removed dnsms dataset
  • Loading branch information
@JonathanLeeRiggs1
JonathanLeeRiggs1 authored Feb 2, 2025
1 parent 55ccb3d commit 14f1689
Show file tree
Hide file tree
Showing 6 changed files with 20 additions and 53 deletions.
10 changes: 2 additions & 8 deletions incapsula/resource_siem_log_configuration.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,10 +36,6 @@ const AttackAnalyticsProvider = "ATTACK_ANALYTICS"

var AttackAnalyticsDatasets = []string{"WAF_ANALYTICS_LOGS"}

const DnsMsProvider = "DNSMS"

var DnsMsDatasets = []string{"DNSMS_SECURITY_LOGS"}

func resourceSiemLogConfiguration() *schema.Resource {
return &schema.Resource{
Create: resourceSiemLogConfigurationCreate,
Expand Down Expand Up @@ -79,14 +75,14 @@ func resourceSiemLogConfiguration() *schema.Resource {
Description: "Type of the producer.",
Type: schema.TypeString,
Required: true,
ValidateFunc: validation.StringInSlice([]string{AbpProvider, NetsecProvider, AtoProvider, AuditProvider, CspProvider, CloudWafProvider, AttackAnalyticsProvider, DnsMsProvider}, false),
ValidateFunc: validation.StringInSlice([]string{AbpProvider, NetsecProvider, AtoProvider, AuditProvider, CspProvider, CloudWafProvider, AttackAnalyticsProvider}, false),
},
"datasets": {
Description: "All datasets for the supported producers.",
Type: schema.TypeList,
Elem: &schema.Schema{
Type: schema.TypeString,
ValidateFunc: validation.StringInSlice([]string{AbpDatasets[0], NetsecDatasets[0], NetsecDatasets[1], NetsecDatasets[2], NetsecDatasets[3], NetsecDatasets[4], AtoDatasets[0], AuditDatasets[0], CspDatasets[0], CspDatasets[1], CspDatasets[2], CspDatasets[3], CspDatasets[4], CspDatasets[5], CloudWafDatasets[0], CloudWafDatasets[1], AttackAnalyticsDatasets[0], DnsMsDatasets[0]}, false),
ValidateFunc: validation.StringInSlice([]string{AbpDatasets[0], NetsecDatasets[0], NetsecDatasets[1], NetsecDatasets[2], NetsecDatasets[3], NetsecDatasets[4], AtoDatasets[0], AuditDatasets[0], CspDatasets[0], CspDatasets[1], CspDatasets[2], CspDatasets[3], CspDatasets[4], CspDatasets[5], CloudWafDatasets[0], CloudWafDatasets[1], AttackAnalyticsDatasets[0]}, false),
},
Required: true,
},
Expand Down Expand Up @@ -153,8 +149,6 @@ func resourceValidation(d *schema.ResourceData) error {
providerDatasets = CloudWafDatasets
} else if producer == AttackAnalyticsProvider {
providerDatasets = AttackAnalyticsDatasets
} else if producer == DnsMsProvider {
providerDatasets = DnsMsDatasets
}

for _, s := range datasets {
Expand Down
31 changes: 4 additions & 27 deletions incapsula/resource_siem_log_configuration_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ func TestSiemLogConfiguration_Basic(t *testing.T) {
CheckDestroy: testAccIncapsulaSiemLogConfigurationDestroy(siemLogConfigurationResourceType),
Steps: []resource.TestStep{
{
Config: getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationName, "\"ABP\"", "\"CONNECTION\", \"NETFLOW\"", "\"ATO\"", "\"AUDIT_TRAIL\"", "\"GOOGLE_ANALYTICS_IDS\", \"SIGNIFICANT_DOMAIN_DISCOVERY\", \"SIGNIFICANT_SCRIPT_DISCOVERY\", \"SIGNIFICANT_DATA_TRANSFER_DISCOVERY\", \"DOMAIN_DISCOVERY_ENFORCE_MODE\", \"CSP_HEADER_HEALTH\"", "\"CLOUD_WAF_ACCESS\", \"WAF_RAW_LOGS\"", "\"WAF_ANALYTICS_LOGS\"", "\"DNSMS_SECURITY_LOGS\""),
Config: getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationName, "\"ABP\"", "\"CONNECTION\", \"NETFLOW\"", "\"ATO\"", "\"AUDIT_TRAIL\"", "\"GOOGLE_ANALYTICS_IDS\", \"SIGNIFICANT_DOMAIN_DISCOVERY\", \"SIGNIFICANT_SCRIPT_DISCOVERY\", \"SIGNIFICANT_DATA_TRANSFER_DISCOVERY\", \"DOMAIN_DISCOVERY_ENFORCE_MODE\", \"CSP_HEADER_HEALTH\"", "\"CLOUD_WAF_ACCESS\", \"WAF_RAW_LOGS\"", "\"WAF_ANALYTICS_LOGS\""),
Check: resource.ComposeTestCheckFunc(
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_abp"),
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_netsec"),
Expand All @@ -36,7 +36,6 @@ func TestSiemLogConfiguration_Basic(t *testing.T) {
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_csp"),
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_cloudwaf"),
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_attackanalytics"),
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_dnsms"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_abp", "configuration_name", siemLogConfigurationName+"abp"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_abp", "producer", "ABP"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_netsec", "configuration_name", siemLogConfigurationName+"netsec"),
Expand All @@ -53,8 +52,6 @@ func TestSiemLogConfiguration_Basic(t *testing.T) {
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_attackanalytics", "configuration_name", siemLogConfigurationName+"attackanalytics"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_attackanalytics", "producer", "ATTACK_ANALYTICS"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_attackanalytics", "format", "CEF"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_dnsms", "configuration_name", siemLogConfigurationName+"dnsms"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_dnsms", "producer", "DNSMS"),
),
},
{
Expand Down Expand Up @@ -99,12 +96,6 @@ func TestSiemLogConfiguration_Basic(t *testing.T) {
ImportStateVerify: true,
ImportStateIdFunc: testACCStateSiemLogConfigurationID(siemLogConfigurationResourceType),
},
{
ResourceName: siemLogConfigurationResource + "_dnsms",
ImportState: true,
ImportStateVerify: true,
ImportStateIdFunc: testACCStateSiemLogConfigurationID(siemLogConfigurationResourceType),
},
},
})
}
Expand All @@ -119,7 +110,7 @@ func TestSiemLogConfiguration_Update(t *testing.T) {
CheckDestroy: testAccIncapsulaSiemLogConfigurationDestroy(siemLogConfigurationResourceType),
Steps: []resource.TestStep{
{
Config: getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationName, "\"ABP\"", "\"CONNECTION\", \"NETFLOW\"", "\"ATO\"", "\"AUDIT_TRAIL\"", "\"GOOGLE_ANALYTICS_IDS\", \"SIGNIFICANT_DOMAIN_DISCOVERY\", \"SIGNIFICANT_SCRIPT_DISCOVERY\", \"SIGNIFICANT_DATA_TRANSFER_DISCOVERY\", \"DOMAIN_DISCOVERY_ENFORCE_MODE\", \"CSP_HEADER_HEALTH\"", "\"CLOUD_WAF_ACCESS\", \"WAF_RAW_LOGS\"", "\"WAF_ANALYTICS_LOGS\"", "\"DNSMS_SECURITY_LOGS\""),
Config: getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationName, "\"ABP\"", "\"CONNECTION\", \"NETFLOW\"", "\"ATO\"", "\"AUDIT_TRAIL\"", "\"GOOGLE_ANALYTICS_IDS\", \"SIGNIFICANT_DOMAIN_DISCOVERY\", \"SIGNIFICANT_SCRIPT_DISCOVERY\", \"SIGNIFICANT_DATA_TRANSFER_DISCOVERY\", \"DOMAIN_DISCOVERY_ENFORCE_MODE\", \"CSP_HEADER_HEALTH\"", "\"CLOUD_WAF_ACCESS\", \"WAF_RAW_LOGS\"", "\"WAF_ANALYTICS_LOGS\""),
Check: resource.ComposeTestCheckFunc(
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_abp"),
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_netsec"),
Expand All @@ -128,19 +119,17 @@ func TestSiemLogConfiguration_Update(t *testing.T) {
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_csp"),
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_cloudwaf"),
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_attackanalytics"),
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_dnsms"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_abp", "configuration_name", siemLogConfigurationName+"abp"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_netsec", "configuration_name", siemLogConfigurationName+"netsec"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_ato", "configuration_name", siemLogConfigurationName+"ato"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_audit", "configuration_name", siemLogConfigurationName+"audit"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_csp", "configuration_name", siemLogConfigurationName+"csp"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_cloudwaf", "configuration_name", siemLogConfigurationName+"cloudwaf"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_attackanalytics", "configuration_name", siemLogConfigurationName+"attackanalytics"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_dnsms", "configuration_name", siemLogConfigurationName+"dnsms"),
),
},
{
Config: getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationNameUpdated, "\"ABP\"", "\"CONNECTION\", \"NETFLOW\"", "\"ATO\"", "\"AUDIT_TRAIL\"", "\"GOOGLE_ANALYTICS_IDS\", \"SIGNIFICANT_DOMAIN_DISCOVERY\", \"SIGNIFICANT_SCRIPT_DISCOVERY\", \"SIGNIFICANT_DATA_TRANSFER_DISCOVERY\", \"DOMAIN_DISCOVERY_ENFORCE_MODE\", \"CSP_HEADER_HEALTH\"", "\"CLOUD_WAF_ACCESS\", \"WAF_RAW_LOGS\"", "\"WAF_ANALYTICS_LOGS\"", "\"DNSMS_SECURITY_LOGS\""),
Config: getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationNameUpdated, "\"ABP\"", "\"CONNECTION\", \"NETFLOW\"", "\"ATO\"", "\"AUDIT_TRAIL\"", "\"GOOGLE_ANALYTICS_IDS\", \"SIGNIFICANT_DOMAIN_DISCOVERY\", \"SIGNIFICANT_SCRIPT_DISCOVERY\", \"SIGNIFICANT_DATA_TRANSFER_DISCOVERY\", \"DOMAIN_DISCOVERY_ENFORCE_MODE\", \"CSP_HEADER_HEALTH\"", "\"CLOUD_WAF_ACCESS\", \"WAF_RAW_LOGS\"", "\"WAF_ANALYTICS_LOGS\""),
Check: resource.ComposeTestCheckFunc(
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_abp"),
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_netsec"),
Expand All @@ -149,22 +138,20 @@ func TestSiemLogConfiguration_Update(t *testing.T) {
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_csp"),
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_cloudwaf"),
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_attackanalytics"),
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_dnsms"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_abp", "configuration_name", siemLogConfigurationNameUpdated+"abp"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_netsec", "configuration_name", siemLogConfigurationNameUpdated+"netsec"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_ato", "configuration_name", siemLogConfigurationNameUpdated+"ato"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_audit", "configuration_name", siemLogConfigurationNameUpdated+"audit"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_csp", "configuration_name", siemLogConfigurationNameUpdated+"csp"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_cloudwaf", "configuration_name", siemLogConfigurationNameUpdated+"cloudwaf"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_attackanalytics", "configuration_name", siemLogConfigurationNameUpdated+"attackanalytics"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_dnsms", "configuration_name", siemLogConfigurationNameUpdated+"dnsms"),
),
},
},
})
}

func getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationName string, abpDatasets string, netsecDatasets string, atoDatasets string, auditDatasets string, cspDatasets string, cloudWafDatasets string, attackAnalyticsDatasets string, dnsMsDatasets string) string {
func getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationName string, abpDatasets string, netsecDatasets string, atoDatasets string, auditDatasets string, cspDatasets string, cloudWafDatasets string, attackAnalyticsDatasets string) string {
return getAccIncapsulaS3ArnSiemConnectionConfigBasic(s3ArnSiemConnectionName, "data-platform-access-logs-dev/test/cwaf/51319839") + fmt.Sprintf(`
resource "%s" "%s" {
configuration_name = "%s"
Expand Down Expand Up @@ -237,16 +224,6 @@ func getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationName str
}`,
siemLogConfigurationResourceType, siemLogConfigurationResourceName+"_attackanalytics", siemLogConfigurationName+"attackanalytics",
attackAnalyticsDatasets, siemConnectionResourceType, s3ArnSiemConnectionResourceName,
) + fmt.Sprintf(`
resource "%s" "%s" {
configuration_name = "%s"
producer = "DNSMS"
datasets = [%s]
enabled = true
connection_id = %s.%s.id
}`,
siemLogConfigurationResourceType, siemLogConfigurationResourceName+"_dnsms", siemLogConfigurationName+"dnsms",
dnsMsDatasets, siemConnectionResourceType, s3ArnSiemConnectionResourceName,
)
}

Expand Down
9 changes: 5 additions & 4 deletions incapsula/resource_waf_log_setup.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,11 @@ import (

func resourceWAFLogSetup() *schema.Resource {
return &schema.Resource{
Create: resourceWAFLogSetupCreate,
Read: resourceWAFLogSetupRead,
Update: resourceWAFLogSetupCreate,
Delete: resourceWAFLogSetupDelete,
DeprecationMessage: "This resource is deprecated. It will be removed in a future version. Please use resource incapsula_siem_log_configuration instead.",
Create: resourceWAFLogSetupCreate,
Read: resourceWAFLogSetupRead,
Update: resourceWAFLogSetupCreate,
Delete: resourceWAFLogSetupDelete,

Schema: map[string]*schema.Schema{
// Required Arguments
Expand Down
14 changes: 2 additions & 12 deletions website/docs/r/siem_log_configuration.html.markdown
View file
Original file line number Diff line number Diff line change
Expand Up @@ -124,24 +124,15 @@ NwIDAQAB
}
resource "incapsula_siem_log_configuration" "example_siem_log_configuration_csp"{
accountId = 1234567
configurationName = "DNSMS SIEM-LOGS configuration"
producer = "DNSMS"
datasets = ["DNSMS_SECURITY_LOGS"]
enabled = true
connectionId = incapsula_siem_connection.example_siem_connection_basic_auth.id
}
```

## Argument Reference

The following arguments are supported:
* `account_id` - (Optional) The account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters.
* `configurationName` - (Required) Unique configuration name.
* `producer` - (Required) Provider type. Values: `ABP`, `NETSEC`, `ATO`, `AUDIT`, `CLOUD_WAF`, `ATTACK_ANALYTICS`, `DNSMS`
* `datasets` - (Required) An array of strings representing the type of logs. Values:<br /> `ABP` for provider type `ABP`<br /> `CONNECTION`, `NETFLOW`, `IP`, `ATTACK`,`NOTIFICATIONS` for provider type `NETSEC`<br /> `ATO` for provider type `ATO`<br /> `AUDIT_TRAIL` for provider type `AUDIT` <br /> `GOOGLE_ANALYTICS_IDS`, `SIGNIFICANT_DOMAIN_DISCOVERY`, `SIGNIFICANT_SCRIPT_DISCOVERY`, `SIGNIFICANT_DATA_TRANSFER_DISCOVERY`, `DOMAIN_DISCOVERY_ENFORCE_MODE`, `CSP_HEADER_HEALTH` for provider type `CSP`<br /> `WAF_RAW_LOGS`, `CLOUD_WAF_ACCESS` for provider type `CLOUD_WAF` <br /> `WAF_ANALYTICS_LOGS` for provider type `ATTACK_ANALYTICS`<br /> `DNSMS_SECURITY_LOGS` for provider type `DNSMS`
* `producer` - (Required) Provider type. Values: `ABP`, `NETSEC`, `ATO`, `AUDIT`, `CLOUD_WAF`, `ATTACK_ANALYTICS`
* `datasets` - (Required) An array of strings representing the type of logs. Values:<br /> `ABP` for provider type `ABP`<br /> `CONNECTION`, `NETFLOW`, `IP`, `ATTACK`,`NOTIFICATIONS` for provider type `NETSEC`<br /> `ATO` for provider type `ATO`<br /> `AUDIT_TRAIL` for provider type `AUDIT` <br /> `GOOGLE_ANALYTICS_IDS`, `SIGNIFICANT_DOMAIN_DISCOVERY`, `SIGNIFICANT_SCRIPT_DISCOVERY`, `SIGNIFICANT_DATA_TRANSFER_DISCOVERY`, `DOMAIN_DISCOVERY_ENFORCE_MODE`, `CSP_HEADER_HEALTH` for provider type `CSP`<br /> `WAF_RAW_LOGS`, `CLOUD_WAF_ACCESS` for provider type `CLOUD_WAF` <br /> `WAF_ANALYTICS_LOGS` for provider type `ATTACK_ANALYTICS`
* `enabled` - (Required) Boolean. Values: `true`/ `false`
* `connectionId` - (Required) Connection id associated with this log configuration
* `logs_level` - (Optional) Security log level - compatible only with CLOUD_WAF producer. Values: `NONE`, `FULL`, `SECURITY`
Expand All @@ -161,7 +152,6 @@ The following arguments are supported:
| CSP | GOOGLE_ANALYTICS_IDS, SIGNIFICANT_DOMAIN_DISCOVERY, SIGNIFICANT_SCRIPT_DISCOVERY, SIGNIFICANT_DATA_TRANSFER_DISCOVERY,DOMAIN_DISCOVERY_ENFORCE_MODE,CSP_HEADER_HEALTH |
| CLOUD_WAF | WAF_RAW_LOGS, CLOUD_WAF_ACCESS |
| ATTACK_ANALYTICS | WAF_ANALYTICS_LOGS |
| DNSMS | DNSMS_SECURITY_LOGS |


## Attributes Reference
Expand Down
7 changes: 6 additions & 1 deletion website/docs/r/waf_log_setup.html.markdown
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,15 @@
---
subcategory: "SIEM"
subcategory: "Deprecated"
layout: "incapsula"
page_title: "incapsula_waf_log_setup"
description: |-
Provides an Incapsula WAF Log Setup resource.
---
-> DEPRECATED: incapsula_waf_log_setup

This resource has been DEPRECATED. It will be removed in a future version.
Please use the current `incapsula_siem_log_configuration` for CWAF log configuration resource instead.
For SFTP Connection please use the current `incapsula_siem_sftp_connection` resource, and for S3 Connection please use the `incapsula_siem_s3_connection` resource.

# incapsula_waf_log_setup

Expand Down
2 changes: 1 addition & 1 deletion website/incapsula.erb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -123,7 +123,7 @@
<a href="/docs/providers/incapsula/r/txt_record.html">incapsula_txt_record</a>
</li>
<li<%= sidebar_current("docs-incapsula-resource-waf_log_setup") %>>
<a href="/docs/providers/incapsula/r/waf_log_setup.html">incapsula_waf_log_setup</a>
<a href="/docs/providers/incapsula/r/waf_log_setup.html">incapsula_waf_log_setup (deprecated)</a>
</li>
<li<%= sidebar_current("docs-incapsula-resource-waf-security-rule") %>>
<a href="/docs/providers/incapsula/r/waf_security_rule.html">incapsula_waf_security_rule</a>
Expand Down

0 comments on commit 14f1689

Please sign in to comment.