Closed hi-artem closed 2 years ago
Add custom rules resource to provider. This requires an update to pcc client, tracked by this pr https://github.com/PaloAltoNetworks/prisma-cloud-compute-go/pull/27
This feature is requested in #29
I used the following resource to test changes:
resource "prismacloudcompute_custom_rule" "test" { name = "basic-rule" description = "this is basic rule" message = "%proc.name doing stuff" type = "processes" script = "proc.name = \"cat\"" } resource "prismacloudcompute_custom_rule" "test_heredoc" { name = "less-basic-rule" description = "this is less basic rule" message = "%proc.name wrote to path" type = "filesystem" script = <<EOT // Example: // user modifies a sensitive file under /etc or its subfolders // proc.user != "root" and file.path startswith "/etc" proc.user != "crond" and file.path startswith "/var/spool" EOT }
Description
Add custom rules resource to provider. This requires an update to pcc client, tracked by this pr https://github.com/PaloAltoNetworks/prisma-cloud-compute-go/pull/27
Motivation and Context
This feature is requested in #29
How Has This Been Tested?
I used the following resource to test changes:
Types of changes
Checklist