From 14f16895d3bcade1f98dd4b6fea696e25aceadfa Mon Sep 17 00:00:00 2001 From: jonathanJsonar Date: Sun, 2 Feb 2025 09:50:37 +0200 Subject: [PATCH] deprecated waf_log_setup resource and removed dnsms dataset (#504) * deprecated waf_log_setup resource and removed dnsms dataset * deprecated waf_log_setup resource and removed dnsms dataset * deprecated waf_log_setup resource and removed dnsms dataset --- incapsula/resource_siem_log_configuration.go | 10 ++---- .../resource_siem_log_configuration_test.go | 31 +++---------------- incapsula/resource_waf_log_setup.go | 9 +++--- .../r/siem_log_configuration.html.markdown | 14 ++------- website/docs/r/waf_log_setup.html.markdown | 7 ++++- website/incapsula.erb | 2 +- 6 files changed, 20 insertions(+), 53 deletions(-) diff --git a/incapsula/resource_siem_log_configuration.go b/incapsula/resource_siem_log_configuration.go index 288239f1..0802a2e9 100644 --- a/incapsula/resource_siem_log_configuration.go +++ b/incapsula/resource_siem_log_configuration.go @@ -36,10 +36,6 @@ const AttackAnalyticsProvider = "ATTACK_ANALYTICS" var AttackAnalyticsDatasets = []string{"WAF_ANALYTICS_LOGS"} -const DnsMsProvider = "DNSMS" - -var DnsMsDatasets = []string{"DNSMS_SECURITY_LOGS"} - func resourceSiemLogConfiguration() *schema.Resource { return &schema.Resource{ Create: resourceSiemLogConfigurationCreate, @@ -79,14 +75,14 @@ func resourceSiemLogConfiguration() *schema.Resource { Description: "Type of the producer.", Type: schema.TypeString, Required: true, - ValidateFunc: validation.StringInSlice([]string{AbpProvider, NetsecProvider, AtoProvider, AuditProvider, CspProvider, CloudWafProvider, AttackAnalyticsProvider, DnsMsProvider}, false), + ValidateFunc: validation.StringInSlice([]string{AbpProvider, NetsecProvider, AtoProvider, AuditProvider, CspProvider, CloudWafProvider, AttackAnalyticsProvider}, false), }, "datasets": { Description: "All datasets for the supported producers.", Type: schema.TypeList, Elem: &schema.Schema{ Type: schema.TypeString, - ValidateFunc: validation.StringInSlice([]string{AbpDatasets[0], NetsecDatasets[0], NetsecDatasets[1], NetsecDatasets[2], NetsecDatasets[3], NetsecDatasets[4], AtoDatasets[0], AuditDatasets[0], CspDatasets[0], CspDatasets[1], CspDatasets[2], CspDatasets[3], CspDatasets[4], CspDatasets[5], CloudWafDatasets[0], CloudWafDatasets[1], AttackAnalyticsDatasets[0], DnsMsDatasets[0]}, false), + ValidateFunc: validation.StringInSlice([]string{AbpDatasets[0], NetsecDatasets[0], NetsecDatasets[1], NetsecDatasets[2], NetsecDatasets[3], NetsecDatasets[4], AtoDatasets[0], AuditDatasets[0], CspDatasets[0], CspDatasets[1], CspDatasets[2], CspDatasets[3], CspDatasets[4], CspDatasets[5], CloudWafDatasets[0], CloudWafDatasets[1], AttackAnalyticsDatasets[0]}, false), }, Required: true, }, @@ -153,8 +149,6 @@ func resourceValidation(d *schema.ResourceData) error { providerDatasets = CloudWafDatasets } else if producer == AttackAnalyticsProvider { providerDatasets = AttackAnalyticsDatasets - } else if producer == DnsMsProvider { - providerDatasets = DnsMsDatasets } for _, s := range datasets { diff --git a/incapsula/resource_siem_log_configuration_test.go b/incapsula/resource_siem_log_configuration_test.go index eb50c08d..e48cdd72 100644 --- a/incapsula/resource_siem_log_configuration_test.go +++ b/incapsula/resource_siem_log_configuration_test.go @@ -27,7 +27,7 @@ func TestSiemLogConfiguration_Basic(t *testing.T) { CheckDestroy: testAccIncapsulaSiemLogConfigurationDestroy(siemLogConfigurationResourceType), Steps: []resource.TestStep{ { - Config: getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationName, "\"ABP\"", "\"CONNECTION\", \"NETFLOW\"", "\"ATO\"", "\"AUDIT_TRAIL\"", "\"GOOGLE_ANALYTICS_IDS\", \"SIGNIFICANT_DOMAIN_DISCOVERY\", \"SIGNIFICANT_SCRIPT_DISCOVERY\", \"SIGNIFICANT_DATA_TRANSFER_DISCOVERY\", \"DOMAIN_DISCOVERY_ENFORCE_MODE\", \"CSP_HEADER_HEALTH\"", "\"CLOUD_WAF_ACCESS\", \"WAF_RAW_LOGS\"", "\"WAF_ANALYTICS_LOGS\"", "\"DNSMS_SECURITY_LOGS\""), + Config: getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationName, "\"ABP\"", "\"CONNECTION\", \"NETFLOW\"", "\"ATO\"", "\"AUDIT_TRAIL\"", "\"GOOGLE_ANALYTICS_IDS\", \"SIGNIFICANT_DOMAIN_DISCOVERY\", \"SIGNIFICANT_SCRIPT_DISCOVERY\", \"SIGNIFICANT_DATA_TRANSFER_DISCOVERY\", \"DOMAIN_DISCOVERY_ENFORCE_MODE\", \"CSP_HEADER_HEALTH\"", "\"CLOUD_WAF_ACCESS\", \"WAF_RAW_LOGS\"", "\"WAF_ANALYTICS_LOGS\""), Check: resource.ComposeTestCheckFunc( testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_abp"), testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_netsec"), @@ -36,7 +36,6 @@ func TestSiemLogConfiguration_Basic(t *testing.T) { testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_csp"), testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_cloudwaf"), testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_attackanalytics"), - testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_dnsms"), resource.TestCheckResourceAttr(siemLogConfigurationResource+"_abp", "configuration_name", siemLogConfigurationName+"abp"), resource.TestCheckResourceAttr(siemLogConfigurationResource+"_abp", "producer", "ABP"), resource.TestCheckResourceAttr(siemLogConfigurationResource+"_netsec", "configuration_name", siemLogConfigurationName+"netsec"), @@ -53,8 +52,6 @@ func TestSiemLogConfiguration_Basic(t *testing.T) { resource.TestCheckResourceAttr(siemLogConfigurationResource+"_attackanalytics", "configuration_name", siemLogConfigurationName+"attackanalytics"), resource.TestCheckResourceAttr(siemLogConfigurationResource+"_attackanalytics", "producer", "ATTACK_ANALYTICS"), resource.TestCheckResourceAttr(siemLogConfigurationResource+"_attackanalytics", "format", "CEF"), - resource.TestCheckResourceAttr(siemLogConfigurationResource+"_dnsms", "configuration_name", siemLogConfigurationName+"dnsms"), - resource.TestCheckResourceAttr(siemLogConfigurationResource+"_dnsms", "producer", "DNSMS"), ), }, { @@ -99,12 +96,6 @@ func TestSiemLogConfiguration_Basic(t *testing.T) { ImportStateVerify: true, ImportStateIdFunc: testACCStateSiemLogConfigurationID(siemLogConfigurationResourceType), }, - { - ResourceName: siemLogConfigurationResource + "_dnsms", - ImportState: true, - ImportStateVerify: true, - ImportStateIdFunc: testACCStateSiemLogConfigurationID(siemLogConfigurationResourceType), - }, }, }) } @@ -119,7 +110,7 @@ func TestSiemLogConfiguration_Update(t *testing.T) { CheckDestroy: testAccIncapsulaSiemLogConfigurationDestroy(siemLogConfigurationResourceType), Steps: []resource.TestStep{ { - Config: getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationName, "\"ABP\"", "\"CONNECTION\", \"NETFLOW\"", "\"ATO\"", "\"AUDIT_TRAIL\"", "\"GOOGLE_ANALYTICS_IDS\", \"SIGNIFICANT_DOMAIN_DISCOVERY\", \"SIGNIFICANT_SCRIPT_DISCOVERY\", \"SIGNIFICANT_DATA_TRANSFER_DISCOVERY\", \"DOMAIN_DISCOVERY_ENFORCE_MODE\", \"CSP_HEADER_HEALTH\"", "\"CLOUD_WAF_ACCESS\", \"WAF_RAW_LOGS\"", "\"WAF_ANALYTICS_LOGS\"", "\"DNSMS_SECURITY_LOGS\""), + Config: getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationName, "\"ABP\"", "\"CONNECTION\", \"NETFLOW\"", "\"ATO\"", "\"AUDIT_TRAIL\"", "\"GOOGLE_ANALYTICS_IDS\", \"SIGNIFICANT_DOMAIN_DISCOVERY\", \"SIGNIFICANT_SCRIPT_DISCOVERY\", \"SIGNIFICANT_DATA_TRANSFER_DISCOVERY\", \"DOMAIN_DISCOVERY_ENFORCE_MODE\", \"CSP_HEADER_HEALTH\"", "\"CLOUD_WAF_ACCESS\", \"WAF_RAW_LOGS\"", "\"WAF_ANALYTICS_LOGS\""), Check: resource.ComposeTestCheckFunc( testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_abp"), testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_netsec"), @@ -128,7 +119,6 @@ func TestSiemLogConfiguration_Update(t *testing.T) { testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_csp"), testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_cloudwaf"), testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_attackanalytics"), - testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_dnsms"), resource.TestCheckResourceAttr(siemLogConfigurationResource+"_abp", "configuration_name", siemLogConfigurationName+"abp"), resource.TestCheckResourceAttr(siemLogConfigurationResource+"_netsec", "configuration_name", siemLogConfigurationName+"netsec"), resource.TestCheckResourceAttr(siemLogConfigurationResource+"_ato", "configuration_name", siemLogConfigurationName+"ato"), @@ -136,11 +126,10 @@ func TestSiemLogConfiguration_Update(t *testing.T) { resource.TestCheckResourceAttr(siemLogConfigurationResource+"_csp", "configuration_name", siemLogConfigurationName+"csp"), resource.TestCheckResourceAttr(siemLogConfigurationResource+"_cloudwaf", "configuration_name", siemLogConfigurationName+"cloudwaf"), resource.TestCheckResourceAttr(siemLogConfigurationResource+"_attackanalytics", "configuration_name", siemLogConfigurationName+"attackanalytics"), - resource.TestCheckResourceAttr(siemLogConfigurationResource+"_dnsms", "configuration_name", siemLogConfigurationName+"dnsms"), ), }, { - Config: getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationNameUpdated, "\"ABP\"", "\"CONNECTION\", \"NETFLOW\"", "\"ATO\"", "\"AUDIT_TRAIL\"", "\"GOOGLE_ANALYTICS_IDS\", \"SIGNIFICANT_DOMAIN_DISCOVERY\", \"SIGNIFICANT_SCRIPT_DISCOVERY\", \"SIGNIFICANT_DATA_TRANSFER_DISCOVERY\", \"DOMAIN_DISCOVERY_ENFORCE_MODE\", \"CSP_HEADER_HEALTH\"", "\"CLOUD_WAF_ACCESS\", \"WAF_RAW_LOGS\"", "\"WAF_ANALYTICS_LOGS\"", "\"DNSMS_SECURITY_LOGS\""), + Config: getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationNameUpdated, "\"ABP\"", "\"CONNECTION\", \"NETFLOW\"", "\"ATO\"", "\"AUDIT_TRAIL\"", "\"GOOGLE_ANALYTICS_IDS\", \"SIGNIFICANT_DOMAIN_DISCOVERY\", \"SIGNIFICANT_SCRIPT_DISCOVERY\", \"SIGNIFICANT_DATA_TRANSFER_DISCOVERY\", \"DOMAIN_DISCOVERY_ENFORCE_MODE\", \"CSP_HEADER_HEALTH\"", "\"CLOUD_WAF_ACCESS\", \"WAF_RAW_LOGS\"", "\"WAF_ANALYTICS_LOGS\""), Check: resource.ComposeTestCheckFunc( testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_abp"), testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_netsec"), @@ -149,7 +138,6 @@ func TestSiemLogConfiguration_Update(t *testing.T) { testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_csp"), testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_cloudwaf"), testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_attackanalytics"), - testCheckIncapsulaSiemLogConfigurationExists(siemLogConfigurationResource+"_dnsms"), resource.TestCheckResourceAttr(siemLogConfigurationResource+"_abp", "configuration_name", siemLogConfigurationNameUpdated+"abp"), resource.TestCheckResourceAttr(siemLogConfigurationResource+"_netsec", "configuration_name", siemLogConfigurationNameUpdated+"netsec"), resource.TestCheckResourceAttr(siemLogConfigurationResource+"_ato", "configuration_name", siemLogConfigurationNameUpdated+"ato"), @@ -157,14 +145,13 @@ func TestSiemLogConfiguration_Update(t *testing.T) { resource.TestCheckResourceAttr(siemLogConfigurationResource+"_csp", "configuration_name", siemLogConfigurationNameUpdated+"csp"), resource.TestCheckResourceAttr(siemLogConfigurationResource+"_cloudwaf", "configuration_name", siemLogConfigurationNameUpdated+"cloudwaf"), resource.TestCheckResourceAttr(siemLogConfigurationResource+"_attackanalytics", "configuration_name", siemLogConfigurationNameUpdated+"attackanalytics"), - resource.TestCheckResourceAttr(siemLogConfigurationResource+"_dnsms", "configuration_name", siemLogConfigurationNameUpdated+"dnsms"), ), }, }, }) } -func getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationName string, abpDatasets string, netsecDatasets string, atoDatasets string, auditDatasets string, cspDatasets string, cloudWafDatasets string, attackAnalyticsDatasets string, dnsMsDatasets string) string { +func getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationName string, abpDatasets string, netsecDatasets string, atoDatasets string, auditDatasets string, cspDatasets string, cloudWafDatasets string, attackAnalyticsDatasets string) string { return getAccIncapsulaS3ArnSiemConnectionConfigBasic(s3ArnSiemConnectionName, "data-platform-access-logs-dev/test/cwaf/51319839") + fmt.Sprintf(` resource "%s" "%s" { configuration_name = "%s" @@ -237,16 +224,6 @@ func getAccIncapsulaSiemLogConfigurationConfigBasic(siemLogConfigurationName str }`, siemLogConfigurationResourceType, siemLogConfigurationResourceName+"_attackanalytics", siemLogConfigurationName+"attackanalytics", attackAnalyticsDatasets, siemConnectionResourceType, s3ArnSiemConnectionResourceName, - ) + fmt.Sprintf(` - resource "%s" "%s" { - configuration_name = "%s" - producer = "DNSMS" - datasets = [%s] - enabled = true - connection_id = %s.%s.id - }`, - siemLogConfigurationResourceType, siemLogConfigurationResourceName+"_dnsms", siemLogConfigurationName+"dnsms", - dnsMsDatasets, siemConnectionResourceType, s3ArnSiemConnectionResourceName, ) } diff --git a/incapsula/resource_waf_log_setup.go b/incapsula/resource_waf_log_setup.go index 1c8775b4..c4d188ae 100644 --- a/incapsula/resource_waf_log_setup.go +++ b/incapsula/resource_waf_log_setup.go @@ -8,10 +8,11 @@ import ( func resourceWAFLogSetup() *schema.Resource { return &schema.Resource{ - Create: resourceWAFLogSetupCreate, - Read: resourceWAFLogSetupRead, - Update: resourceWAFLogSetupCreate, - Delete: resourceWAFLogSetupDelete, + DeprecationMessage: "This resource is deprecated. It will be removed in a future version. Please use resource incapsula_siem_log_configuration instead.", + Create: resourceWAFLogSetupCreate, + Read: resourceWAFLogSetupRead, + Update: resourceWAFLogSetupCreate, + Delete: resourceWAFLogSetupDelete, Schema: map[string]*schema.Schema{ // Required Arguments diff --git a/website/docs/r/siem_log_configuration.html.markdown b/website/docs/r/siem_log_configuration.html.markdown index 25667d32..4b58ce67 100644 --- a/website/docs/r/siem_log_configuration.html.markdown +++ b/website/docs/r/siem_log_configuration.html.markdown @@ -124,15 +124,6 @@ NwIDAQAB } -resource "incapsula_siem_log_configuration" "example_siem_log_configuration_csp"{ - accountId = 1234567 - configurationName = "DNSMS SIEM-LOGS configuration" - producer = "DNSMS" - datasets = ["DNSMS_SECURITY_LOGS"] - enabled = true - connectionId = incapsula_siem_connection.example_siem_connection_basic_auth.id - -} ``` ## Argument Reference @@ -140,8 +131,8 @@ resource "incapsula_siem_log_configuration" "example_siem_log_configuration_csp" The following arguments are supported: * `account_id` - (Optional) The account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters. * `configurationName` - (Required) Unique configuration name. -* `producer` - (Required) Provider type. Values: `ABP`, `NETSEC`, `ATO`, `AUDIT`, `CLOUD_WAF`, `ATTACK_ANALYTICS`, `DNSMS` -* `datasets` - (Required) An array of strings representing the type of logs. Values:
`ABP` for provider type `ABP`
`CONNECTION`, `NETFLOW`, `IP`, `ATTACK`,`NOTIFICATIONS` for provider type `NETSEC`
`ATO` for provider type `ATO`
`AUDIT_TRAIL` for provider type `AUDIT`
`GOOGLE_ANALYTICS_IDS`, `SIGNIFICANT_DOMAIN_DISCOVERY`, `SIGNIFICANT_SCRIPT_DISCOVERY`, `SIGNIFICANT_DATA_TRANSFER_DISCOVERY`, `DOMAIN_DISCOVERY_ENFORCE_MODE`, `CSP_HEADER_HEALTH` for provider type `CSP`
`WAF_RAW_LOGS`, `CLOUD_WAF_ACCESS` for provider type `CLOUD_WAF`
`WAF_ANALYTICS_LOGS` for provider type `ATTACK_ANALYTICS`
`DNSMS_SECURITY_LOGS` for provider type `DNSMS` +* `producer` - (Required) Provider type. Values: `ABP`, `NETSEC`, `ATO`, `AUDIT`, `CLOUD_WAF`, `ATTACK_ANALYTICS` +* `datasets` - (Required) An array of strings representing the type of logs. Values:
`ABP` for provider type `ABP`
`CONNECTION`, `NETFLOW`, `IP`, `ATTACK`,`NOTIFICATIONS` for provider type `NETSEC`
`ATO` for provider type `ATO`
`AUDIT_TRAIL` for provider type `AUDIT`
`GOOGLE_ANALYTICS_IDS`, `SIGNIFICANT_DOMAIN_DISCOVERY`, `SIGNIFICANT_SCRIPT_DISCOVERY`, `SIGNIFICANT_DATA_TRANSFER_DISCOVERY`, `DOMAIN_DISCOVERY_ENFORCE_MODE`, `CSP_HEADER_HEALTH` for provider type `CSP`
`WAF_RAW_LOGS`, `CLOUD_WAF_ACCESS` for provider type `CLOUD_WAF`
`WAF_ANALYTICS_LOGS` for provider type `ATTACK_ANALYTICS` * `enabled` - (Required) Boolean. Values: `true`/ `false` * `connectionId` - (Required) Connection id associated with this log configuration * `logs_level` - (Optional) Security log level - compatible only with CLOUD_WAF producer. Values: `NONE`, `FULL`, `SECURITY` @@ -161,7 +152,6 @@ The following arguments are supported: | CSP | GOOGLE_ANALYTICS_IDS, SIGNIFICANT_DOMAIN_DISCOVERY, SIGNIFICANT_SCRIPT_DISCOVERY, SIGNIFICANT_DATA_TRANSFER_DISCOVERY,DOMAIN_DISCOVERY_ENFORCE_MODE,CSP_HEADER_HEALTH | | CLOUD_WAF | WAF_RAW_LOGS, CLOUD_WAF_ACCESS | | ATTACK_ANALYTICS | WAF_ANALYTICS_LOGS | -| DNSMS | DNSMS_SECURITY_LOGS | ## Attributes Reference diff --git a/website/docs/r/waf_log_setup.html.markdown b/website/docs/r/waf_log_setup.html.markdown index d7622c0c..40fade72 100644 --- a/website/docs/r/waf_log_setup.html.markdown +++ b/website/docs/r/waf_log_setup.html.markdown @@ -1,10 +1,15 @@ --- -subcategory: "SIEM" +subcategory: "Deprecated" layout: "incapsula" page_title: "incapsula_waf_log_setup" description: |- Provides an Incapsula WAF Log Setup resource. --- +-> DEPRECATED: incapsula_waf_log_setup + +This resource has been DEPRECATED. It will be removed in a future version. +Please use the current `incapsula_siem_log_configuration` for CWAF log configuration resource instead. +For SFTP Connection please use the current `incapsula_siem_sftp_connection` resource, and for S3 Connection please use the `incapsula_siem_s3_connection` resource. # incapsula_waf_log_setup diff --git a/website/incapsula.erb b/website/incapsula.erb index 4c5939dd..aff336ad 100644 --- a/website/incapsula.erb +++ b/website/incapsula.erb @@ -123,7 +123,7 @@ incapsula_txt_record > - incapsula_waf_log_setup + incapsula_waf_log_setup (deprecated) > incapsula_waf_security_rule