diff --git a/incapsula/resource_siem_log_configuration.go b/incapsula/resource_siem_log_configuration.go
index 288239f1..0802a2e9 100644
--- a/incapsula/resource_siem_log_configuration.go
+++ b/incapsula/resource_siem_log_configuration.go
@@ -36,10 +36,6 @@ const AttackAnalyticsProvider = "ATTACK_ANALYTICS"
var AttackAnalyticsDatasets = []string{"WAF_ANALYTICS_LOGS"}
-const DnsMsProvider = "DNSMS"
-
-var DnsMsDatasets = []string{"DNSMS_SECURITY_LOGS"}
-
func resourceSiemLogConfiguration() *schema.Resource {
return &schema.Resource{
Create: resourceSiemLogConfigurationCreate,
@@ -79,14 +75,14 @@ func resourceSiemLogConfiguration() *schema.Resource {
Description: "Type of the producer.",
Type: schema.TypeString,
Required: true,
- ValidateFunc: validation.StringInSlice([]string{AbpProvider, NetsecProvider, AtoProvider, AuditProvider, CspProvider, CloudWafProvider, AttackAnalyticsProvider, DnsMsProvider}, false),
+ ValidateFunc: validation.StringInSlice([]string{AbpProvider, NetsecProvider, AtoProvider, AuditProvider, CspProvider, CloudWafProvider, AttackAnalyticsProvider}, false),
},
"datasets": {
Description: "All datasets for the supported producers.",
Type: schema.TypeList,
Elem: &schema.Schema{
Type: schema.TypeString,
- ValidateFunc: validation.StringInSlice([]string{AbpDatasets[0], NetsecDatasets[0], NetsecDatasets[1], NetsecDatasets[2], NetsecDatasets[3], NetsecDatasets[4], AtoDatasets[0], AuditDatasets[0], CspDatasets[0], CspDatasets[1], CspDatasets[2], CspDatasets[3], CspDatasets[4], CspDatasets[5], CloudWafDatasets[0], CloudWafDatasets[1], AttackAnalyticsDatasets[0], DnsMsDatasets[0]}, false),
+ ValidateFunc: validation.StringInSlice([]string{AbpDatasets[0], NetsecDatasets[0], NetsecDatasets[1], NetsecDatasets[2], NetsecDatasets[3], NetsecDatasets[4], AtoDatasets[0], AuditDatasets[0], CspDatasets[0], CspDatasets[1], CspDatasets[2], CspDatasets[3], CspDatasets[4], CspDatasets[5], CloudWafDatasets[0], CloudWafDatasets[1], AttackAnalyticsDatasets[0]}, false),
},
Required: true,
},
@@ -153,8 +149,6 @@ func resourceValidation(d *schema.ResourceData) error {
providerDatasets = CloudWafDatasets
} else if producer == AttackAnalyticsProvider {
providerDatasets = AttackAnalyticsDatasets
- } else if producer == DnsMsProvider {
- providerDatasets = DnsMsDatasets
}
for _, s := range datasets {
diff --git a/incapsula/resource_siem_log_configuration_test.go b/incapsula/resource_siem_log_configuration_test.go
index eb50c08d..e48cdd72 100644
--- a/incapsula/resource_siem_log_configuration_test.go
+++ b/incapsula/resource_siem_log_configuration_test.go
@@ -27,7 +27,7 @@ func TestSiemLogConfiguration_Basic(t *testing.T) {
CheckDestroy: testAccIncapsulaSiemLogConfigurationDestroy(siemLogConfigurationResourceType),
Steps: []resource.TestStep{
{
- Config: getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationName, "\"ABP\"", "\"CONNECTION\", \"NETFLOW\"", "\"ATO\"", "\"AUDIT_TRAIL\"", "\"GOOGLE_ANALYTICS_IDS\", \"SIGNIFICANT_DOMAIN_DISCOVERY\", \"SIGNIFICANT_SCRIPT_DISCOVERY\", \"SIGNIFICANT_DATA_TRANSFER_DISCOVERY\", \"DOMAIN_DISCOVERY_ENFORCE_MODE\", \"CSP_HEADER_HEALTH\"", "\"CLOUD_WAF_ACCESS\", \"WAF_RAW_LOGS\"", "\"WAF_ANALYTICS_LOGS\"", "\"DNSMS_SECURITY_LOGS\""),
+ Config: getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationName, "\"ABP\"", "\"CONNECTION\", \"NETFLOW\"", "\"ATO\"", "\"AUDIT_TRAIL\"", "\"GOOGLE_ANALYTICS_IDS\", \"SIGNIFICANT_DOMAIN_DISCOVERY\", \"SIGNIFICANT_SCRIPT_DISCOVERY\", \"SIGNIFICANT_DATA_TRANSFER_DISCOVERY\", \"DOMAIN_DISCOVERY_ENFORCE_MODE\", \"CSP_HEADER_HEALTH\"", "\"CLOUD_WAF_ACCESS\", \"WAF_RAW_LOGS\"", "\"WAF_ANALYTICS_LOGS\""),
Check: resource.ComposeTestCheckFunc(
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_abp"),
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_netsec"),
@@ -36,7 +36,6 @@ func TestSiemLogConfiguration_Basic(t *testing.T) {
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_csp"),
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_cloudwaf"),
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_attackanalytics"),
- testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_dnsms"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_abp", "configuration_name", siemLogConfigurationName+"abp"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_abp", "producer", "ABP"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_netsec", "configuration_name", siemLogConfigurationName+"netsec"),
@@ -53,8 +52,6 @@ func TestSiemLogConfiguration_Basic(t *testing.T) {
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_attackanalytics", "configuration_name", siemLogConfigurationName+"attackanalytics"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_attackanalytics", "producer", "ATTACK_ANALYTICS"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_attackanalytics", "format", "CEF"),
- resource.TestCheckResourceAttr(siemLogConfigurationResource+"_dnsms", "configuration_name", siemLogConfigurationName+"dnsms"),
- resource.TestCheckResourceAttr(siemLogConfigurationResource+"_dnsms", "producer", "DNSMS"),
),
},
{
@@ -99,12 +96,6 @@ func TestSiemLogConfiguration_Basic(t *testing.T) {
ImportStateVerify: true,
ImportStateIdFunc: testACCStateSiemLogConfigurationID(siemLogConfigurationResourceType),
},
- {
- ResourceName: siemLogConfigurationResource + "_dnsms",
- ImportState: true,
- ImportStateVerify: true,
- ImportStateIdFunc: testACCStateSiemLogConfigurationID(siemLogConfigurationResourceType),
- },
},
})
}
@@ -119,7 +110,7 @@ func TestSiemLogConfiguration_Update(t *testing.T) {
CheckDestroy: testAccIncapsulaSiemLogConfigurationDestroy(siemLogConfigurationResourceType),
Steps: []resource.TestStep{
{
- Config: getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationName, "\"ABP\"", "\"CONNECTION\", \"NETFLOW\"", "\"ATO\"", "\"AUDIT_TRAIL\"", "\"GOOGLE_ANALYTICS_IDS\", \"SIGNIFICANT_DOMAIN_DISCOVERY\", \"SIGNIFICANT_SCRIPT_DISCOVERY\", \"SIGNIFICANT_DATA_TRANSFER_DISCOVERY\", \"DOMAIN_DISCOVERY_ENFORCE_MODE\", \"CSP_HEADER_HEALTH\"", "\"CLOUD_WAF_ACCESS\", \"WAF_RAW_LOGS\"", "\"WAF_ANALYTICS_LOGS\"", "\"DNSMS_SECURITY_LOGS\""),
+ Config: getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationName, "\"ABP\"", "\"CONNECTION\", \"NETFLOW\"", "\"ATO\"", "\"AUDIT_TRAIL\"", "\"GOOGLE_ANALYTICS_IDS\", \"SIGNIFICANT_DOMAIN_DISCOVERY\", \"SIGNIFICANT_SCRIPT_DISCOVERY\", \"SIGNIFICANT_DATA_TRANSFER_DISCOVERY\", \"DOMAIN_DISCOVERY_ENFORCE_MODE\", \"CSP_HEADER_HEALTH\"", "\"CLOUD_WAF_ACCESS\", \"WAF_RAW_LOGS\"", "\"WAF_ANALYTICS_LOGS\""),
Check: resource.ComposeTestCheckFunc(
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_abp"),
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_netsec"),
@@ -128,7 +119,6 @@ func TestSiemLogConfiguration_Update(t *testing.T) {
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_csp"),
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_cloudwaf"),
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_attackanalytics"),
- testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_dnsms"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_abp", "configuration_name", siemLogConfigurationName+"abp"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_netsec", "configuration_name", siemLogConfigurationName+"netsec"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_ato", "configuration_name", siemLogConfigurationName+"ato"),
@@ -136,11 +126,10 @@ func TestSiemLogConfiguration_Update(t *testing.T) {
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_csp", "configuration_name", siemLogConfigurationName+"csp"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_cloudwaf", "configuration_name", siemLogConfigurationName+"cloudwaf"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_attackanalytics", "configuration_name", siemLogConfigurationName+"attackanalytics"),
- resource.TestCheckResourceAttr(siemLogConfigurationResource+"_dnsms", "configuration_name", siemLogConfigurationName+"dnsms"),
),
},
{
- Config: getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationNameUpdated, "\"ABP\"", "\"CONNECTION\", \"NETFLOW\"", "\"ATO\"", "\"AUDIT_TRAIL\"", "\"GOOGLE_ANALYTICS_IDS\", \"SIGNIFICANT_DOMAIN_DISCOVERY\", \"SIGNIFICANT_SCRIPT_DISCOVERY\", \"SIGNIFICANT_DATA_TRANSFER_DISCOVERY\", \"DOMAIN_DISCOVERY_ENFORCE_MODE\", \"CSP_HEADER_HEALTH\"", "\"CLOUD_WAF_ACCESS\", \"WAF_RAW_LOGS\"", "\"WAF_ANALYTICS_LOGS\"", "\"DNSMS_SECURITY_LOGS\""),
+ Config: getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationNameUpdated, "\"ABP\"", "\"CONNECTION\", \"NETFLOW\"", "\"ATO\"", "\"AUDIT_TRAIL\"", "\"GOOGLE_ANALYTICS_IDS\", \"SIGNIFICANT_DOMAIN_DISCOVERY\", \"SIGNIFICANT_SCRIPT_DISCOVERY\", \"SIGNIFICANT_DATA_TRANSFER_DISCOVERY\", \"DOMAIN_DISCOVERY_ENFORCE_MODE\", \"CSP_HEADER_HEALTH\"", "\"CLOUD_WAF_ACCESS\", \"WAF_RAW_LOGS\"", "\"WAF_ANALYTICS_LOGS\""),
Check: resource.ComposeTestCheckFunc(
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_abp"),
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_netsec"),
@@ -149,7 +138,6 @@ func TestSiemLogConfiguration_Update(t *testing.T) {
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_csp"),
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_cloudwaf"),
testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_attackanalytics"),
- testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_dnsms"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_abp", "configuration_name", siemLogConfigurationNameUpdated+"abp"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_netsec", "configuration_name", siemLogConfigurationNameUpdated+"netsec"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_ato", "configuration_name", siemLogConfigurationNameUpdated+"ato"),
@@ -157,14 +145,13 @@ func TestSiemLogConfiguration_Update(t *testing.T) {
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_csp", "configuration_name", siemLogConfigurationNameUpdated+"csp"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_cloudwaf", "configuration_name", siemLogConfigurationNameUpdated+"cloudwaf"),
resource.TestCheckResourceAttr(siemLogConfigurationResource+"_attackanalytics", "configuration_name", siemLogConfigurationNameUpdated+"attackanalytics"),
- resource.TestCheckResourceAttr(siemLogConfigurationResource+"_dnsms", "configuration_name", siemLogConfigurationNameUpdated+"dnsms"),
),
},
},
})
}
-func getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationName string, abpDatasets string, netsecDatasets string, atoDatasets string, auditDatasets string, cspDatasets string, cloudWafDatasets string, attackAnalyticsDatasets string, dnsMsDatasets string) string {
+func getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationName string, abpDatasets string, netsecDatasets string, atoDatasets string, auditDatasets string, cspDatasets string, cloudWafDatasets string, attackAnalyticsDatasets string) string {
return getAccIncapsulaS3ArnSiemConnectionConfigBasic(s3ArnSiemConnectionName, "data-platform-access-logs-dev/test/cwaf/51319839") + fmt.Sprintf(`
resource "%s" "%s" {
configuration_name = "%s"
@@ -237,16 +224,6 @@ func getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationName str
}`,
siemLogConfigurationResourceType, siemLogConfigurationResourceName+"_attackanalytics", siemLogConfigurationName+"attackanalytics",
attackAnalyticsDatasets, siemConnectionResourceType, s3ArnSiemConnectionResourceName,
- ) + fmt.Sprintf(`
- resource "%s" "%s" {
- configuration_name = "%s"
- producer = "DNSMS"
- datasets = [%s]
- enabled = true
- connection_id = %s.%s.id
- }`,
- siemLogConfigurationResourceType, siemLogConfigurationResourceName+"_dnsms", siemLogConfigurationName+"dnsms",
- dnsMsDatasets, siemConnectionResourceType, s3ArnSiemConnectionResourceName,
)
}
diff --git a/incapsula/resource_waf_log_setup.go b/incapsula/resource_waf_log_setup.go
index 1c8775b4..c4d188ae 100644
--- a/incapsula/resource_waf_log_setup.go
+++ b/incapsula/resource_waf_log_setup.go
@@ -8,10 +8,11 @@ import (
func resourceWAFLogSetup() *schema.Resource {
return &schema.Resource{
- Create: resourceWAFLogSetupCreate,
- Read: resourceWAFLogSetupRead,
- Update: resourceWAFLogSetupCreate,
- Delete: resourceWAFLogSetupDelete,
+ DeprecationMessage: "This resource is deprecated. It will be removed in a future version. Please use resource incapsula_siem_log_configuration instead.",
+ Create: resourceWAFLogSetupCreate,
+ Read: resourceWAFLogSetupRead,
+ Update: resourceWAFLogSetupCreate,
+ Delete: resourceWAFLogSetupDelete,
Schema: map[string]*schema.Schema{
// Required Arguments
diff --git a/website/docs/r/siem_log_configuration.html.markdown b/website/docs/r/siem_log_configuration.html.markdown
index 25667d32..4b58ce67 100644
--- a/website/docs/r/siem_log_configuration.html.markdown
+++ b/website/docs/r/siem_log_configuration.html.markdown
@@ -124,15 +124,6 @@ NwIDAQAB
}
-resource "incapsula_siem_log_configuration" "example_siem_log_configuration_csp"{
- accountId = 1234567
- configurationName = "DNSMS SIEM-LOGS configuration"
- producer = "DNSMS"
- datasets = ["DNSMS_SECURITY_LOGS"]
- enabled = true
- connectionId = incapsula_siem_connection.example_siem_connection_basic_auth.id
-
-}
```
## Argument Reference
@@ -140,8 +131,8 @@ resource "incapsula_siem_log_configuration" "example_siem_log_configuration_csp"
The following arguments are supported:
* `account_id` - (Optional) The account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters.
* `configurationName` - (Required) Unique configuration name.
-* `producer` - (Required) Provider type. Values: `ABP`, `NETSEC`, `ATO`, `AUDIT`, `CLOUD_WAF`, `ATTACK_ANALYTICS`, `DNSMS`
-* `datasets` - (Required) An array of strings representing the type of logs. Values:
`ABP` for provider type `ABP`
`CONNECTION`, `NETFLOW`, `IP`, `ATTACK`,`NOTIFICATIONS` for provider type `NETSEC`
`ATO` for provider type `ATO`
`AUDIT_TRAIL` for provider type `AUDIT`
`GOOGLE_ANALYTICS_IDS`, `SIGNIFICANT_DOMAIN_DISCOVERY`, `SIGNIFICANT_SCRIPT_DISCOVERY`, `SIGNIFICANT_DATA_TRANSFER_DISCOVERY`, `DOMAIN_DISCOVERY_ENFORCE_MODE`, `CSP_HEADER_HEALTH` for provider type `CSP`
`WAF_RAW_LOGS`, `CLOUD_WAF_ACCESS` for provider type `CLOUD_WAF`
`WAF_ANALYTICS_LOGS` for provider type `ATTACK_ANALYTICS`
`DNSMS_SECURITY_LOGS` for provider type `DNSMS`
+* `producer` - (Required) Provider type. Values: `ABP`, `NETSEC`, `ATO`, `AUDIT`, `CLOUD_WAF`, `ATTACK_ANALYTICS`
+* `datasets` - (Required) An array of strings representing the type of logs. Values:
`ABP` for provider type `ABP`
`CONNECTION`, `NETFLOW`, `IP`, `ATTACK`,`NOTIFICATIONS` for provider type `NETSEC`
`ATO` for provider type `ATO`
`AUDIT_TRAIL` for provider type `AUDIT`
`GOOGLE_ANALYTICS_IDS`, `SIGNIFICANT_DOMAIN_DISCOVERY`, `SIGNIFICANT_SCRIPT_DISCOVERY`, `SIGNIFICANT_DATA_TRANSFER_DISCOVERY`, `DOMAIN_DISCOVERY_ENFORCE_MODE`, `CSP_HEADER_HEALTH` for provider type `CSP`
`WAF_RAW_LOGS`, `CLOUD_WAF_ACCESS` for provider type `CLOUD_WAF`
`WAF_ANALYTICS_LOGS` for provider type `ATTACK_ANALYTICS`
* `enabled` - (Required) Boolean. Values: `true`/ `false`
* `connectionId` - (Required) Connection id associated with this log configuration
* `logs_level` - (Optional) Security log level - compatible only with CLOUD_WAF producer. Values: `NONE`, `FULL`, `SECURITY`
@@ -161,7 +152,6 @@ The following arguments are supported:
| CSP | GOOGLE_ANALYTICS_IDS, SIGNIFICANT_DOMAIN_DISCOVERY, SIGNIFICANT_SCRIPT_DISCOVERY, SIGNIFICANT_DATA_TRANSFER_DISCOVERY,DOMAIN_DISCOVERY_ENFORCE_MODE,CSP_HEADER_HEALTH |
| CLOUD_WAF | WAF_RAW_LOGS, CLOUD_WAF_ACCESS |
| ATTACK_ANALYTICS | WAF_ANALYTICS_LOGS |
-| DNSMS | DNSMS_SECURITY_LOGS |
## Attributes Reference
diff --git a/website/docs/r/waf_log_setup.html.markdown b/website/docs/r/waf_log_setup.html.markdown
index d7622c0c..40fade72 100644
--- a/website/docs/r/waf_log_setup.html.markdown
+++ b/website/docs/r/waf_log_setup.html.markdown
@@ -1,10 +1,15 @@
---
-subcategory: "SIEM"
+subcategory: "Deprecated"
layout: "incapsula"
page_title: "incapsula_waf_log_setup"
description: |-
Provides an Incapsula WAF Log Setup resource.
---
+-> DEPRECATED: incapsula_waf_log_setup
+
+This resource has been DEPRECATED. It will be removed in a future version.
+Please use the current `incapsula_siem_log_configuration` for CWAF log configuration resource instead.
+For SFTP Connection please use the current `incapsula_siem_sftp_connection` resource, and for S3 Connection please use the `incapsula_siem_s3_connection` resource.
# incapsula_waf_log_setup
diff --git a/website/incapsula.erb b/website/incapsula.erb
index 4c5939dd..aff336ad 100644
--- a/website/incapsula.erb
+++ b/website/incapsula.erb
@@ -123,7 +123,7 @@
incapsula_txt_record
>
- incapsula_waf_log_setup
+ incapsula_waf_log_setup (deprecated)
>
incapsula_waf_security_rule