⭐️ new resource mondoo_exception

Signed-off-by: Matthias Theuermann <[email protected]>
mondoohq · Dec 16, 2024 · d5dd44d · d5dd44d
1 parent b50b561
commit d5dd44d
Show file tree

Hide file tree

Showing 7 changed files with 452 additions and 0 deletions.
diff --git a/.github/actions/spelling/expect.txt b/.github/actions/spelling/expect.txt
@@ -35,6 +35,7 @@ qpbi
 querypack
 Qwc
 scim
+startswith
 Tcy
 testacc
 TEzu

diff --git a/docs/resources/exception.md b/docs/resources/exception.md
@@ -0,0 +1,55 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "mondoo_exception Resource - terraform-provider-mondoo"
+subcategory: ""
+description: |-
+  Set custom exceptions for a Scope.
+---
+
+# mondoo_exception (Resource)
+
+Set custom exceptions for a Scope.
+
+## Example Usage
+
+```terraform
+variable "space_id" {
+  type        = string
+  description = "The ID of the mondoo space."
+}
+
+provider "mondoo" {
+  region = "eu"
+  space  = var.space_id
+}
+
+data "mondoo_assets" "assets_data" {
+  space_id = var.space_id
+}
+
+locals {
+  ssl_asset = [for asset in data.mondoo_assets.assets_data.assets : asset if startswith(asset.name, "https")]
+  asset_id  = one(local.ssl_asset).id
+}
+
+
+resource "mondoo_exception" "exception" {
+  scope_mrn     = "//assets.api.mondoo.app/spaces/${var.space_id}/assets/${local.asset_id}"
+  valid_until   = "2024-12-11"
+  justification = "testing"
+  action        = "SNOOZE"
+  check_mrns    = ["//policy.api.mondoo.app/queries/mondoo-tls-security-mitigate-beast"]
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Optional
+
+- `action` (String) The action to perform. Default is `SNOOZE`. Other options are `ENABLE`, `DISABLE`, `OUT_OF_SCOPE`.
+- `check_mrns` (List of String) List of check MRNs to set exceptions for. If set, `vulnerability_mrns` must not be set.
+- `justification` (String) Description why the exception is required.
+- `scope_mrn` (String) The MRN of the scope (either asset mrn or space mrn).
+- `valid_until` (String) The timestamp until the exception is valid.
+- `vulnerability_mrns` (List of String) List of vulnerability MRNs to set exceptions for. If set, `check_mrns` must not be set.
diff --git a/examples/resources/mondoo_exception/main.tf b/examples/resources/mondoo_exception/main.tf
@@ -0,0 +1,8 @@
+terraform {
+  required_providers {
+    mondoo = {
+      source  = "mondoohq/mondoo"
+      version = ">= 0.19"
+    }
+  }
+}
diff --git a/examples/resources/mondoo_exception/resource.tf b/examples/resources/mondoo_exception/resource.tf
@@ -0,0 +1,27 @@
+variable "space_id" {
+  type        = string
+  description = "The ID of the mondoo space."
+}
+
+provider "mondoo" {
+  region = "eu"
+  space  = var.space_id
+}
+
+data "mondoo_assets" "assets_data" {
+  space_id = var.space_id
+}
+
+locals {
+  ssl_asset = [for asset in data.mondoo_assets.assets_data.assets : asset if startswith(asset.name, "https")]
+  asset_id  = one(local.ssl_asset).id
+}
+
+
+resource "mondoo_exception" "exception" {
+  scope_mrn     = "//assets.api.mondoo.app/spaces/${var.space_id}/assets/${local.asset_id}"
+  valid_until   = "2024-12-11"
+  justification = "testing"
+  action        = "SNOOZE"
+  check_mrns    = ["//policy.api.mondoo.app/queries/mondoo-tls-security-mitigate-beast"]
+}
-Original file line number
+Diff line change
@@ Expand Up / @@ -35,6 +35,7 @@ qpbi @@
     querypack
     Qwc
     scim
+    startswith
     Tcy
     testacc
     TEzu
@@ Expand Down @@