From d731d8b06ec608c266e96e96ac224a0b3f04d0e3 Mon Sep 17 00:00:00 2001
From: Whitney Smith
Date: Wed, 4 Oct 2023 22:10:18 +0000
Subject: [PATCH] feat: Add short-lived instance scanning option to agentless terraform
---
 .../main.tf | 1 +
 .../main.tf | 1 +
 ...ce_lacework_integration_aws_agentless_scanning.go | 8 ++++++++
 ...acework_integration_aws_org_agentless_scanning.go | 12 ++++++++++++
 4 files changed, 22 insertions(+)
diff --git a/examples/resource_lacework_integration_aws_agentless_scanning/main.tf b/examples/resource_lacework_integration_aws_agentless_scanning/main.tf
index dc43b6d0..84bc0105 100644
--- a/examples/resource_lacework_integration_aws_agentless_scanning/main.tf
+++ b/examples/resource_lacework_integration_aws_agentless_scanning/main.tf
@@ -14,6 +14,7 @@ resource "lacework_integration_aws_agentless_scanning" "example" {
 scan_host_vulnerabilities = true
 scan_multi_volume = false
 scan_stopped_instances = true
+ scan_short_lived_instances = false
 account_id = var.account_id
 bucket_arn = var.bucket_arn
 credentials {
diff --git a/examples/resource_lacework_integration_aws_org_agentless_scanning/main.tf b/examples/resource_lacework_integration_aws_org_agentless_scanning/main.tf
index b76a6f7a..19426a85 100644
--- a/examples/resource_lacework_integration_aws_org_agentless_scanning/main.tf
+++ b/examples/resource_lacework_integration_aws_org_agentless_scanning/main.tf
@@ -18,6 +18,7 @@ resource "lacework_integration_aws_org_agentless_scanning" "example" {
 scan_host_vulnerabilities = true
 scan_multi_volume = false
 scan_stopped_instances = true
+ scan_short_lived_instances = false
 account_id = var.account_id
 bucket_arn = var.bucket_arn
 scanning_account = var.scanning_account
diff --git a/lacework/resource_lacework_integration_aws_agentless_scanning.go b/lacework/resource_lacework_integration_aws_agentless_scanning.go
index 6950b6ad..d3944707 100644
--- a/lacework/resource_lacework_integration_aws_agentless_scanning.go
+++ b/lacework/resource_lacework_integration_aws_agentless_scanning.go
@@ -66,6 +66,12 @@ var awsAgentlessScanningIntegrationSchema = map[string]*schema.Schema{
 Default: true,
 Description: "Whether to scan stopped instances (true)",
 },
+ "scan_short_lived_instances": {
+ Type: schema.TypeBool,
+ Optional: true,
+ Default: false,
+ Description: "Whether to scan short-lived (ephemeral) instances",
+ },
 "account_id": {
 Type: schema.TypeString,
 Optional: true,
@@ -146,6 +152,7 @@ func resourceLaceworkIntegrationAwsAgentlessScanningCreate(d *schema.ResourceDat
 ScanHostVulnerabilities: d.Get("scan_host_vulnerabilities").(bool),
 ScanMultiVolume: d.Get("scan_multi_volume").(bool),
 ScanStoppedInstances: d.Get("scan_stopped_instances").(bool),
+ ScanShortLivedInstances: d.Get("scan_short_lived_instances").(bool),
 AccountID: d.Get("account_id").(string),
 BucketArn: d.Get("bucket_arn").(string),
 CrossAccountCreds: api.AwsSidekickCrossAccountCredentials{
@@ -253,6 +260,7 @@ func resourceLaceworkIntegrationAwsAgentlessScanningUpdate(d *schema.ResourceDat
 ScanHostVulnerabilities: d.Get("scan_host_vulnerabilities").(bool),
 ScanMultiVolume: d.Get("scan_multi_volume").(bool),
 ScanStoppedInstances: d.Get("scan_stopped_instances").(bool),
+ ScanShortLivedInstances: d.Get("scan_short_lived_instances").(bool),
 AccountID: d.Get("account_id").(string),
 BucketArn: d.Get("bucket_arn").(string),
 CrossAccountCreds: api.AwsSidekickCrossAccountCredentials{
diff --git a/lacework/resource_lacework_integration_aws_org_agentless_scanning.go b/lacework/resource_lacework_integration_aws_org_agentless_scanning.go
index 648445fd..ac76d539 100644
--- a/lacework/resource_lacework_integration_aws_org_agentless_scanning.go
+++ b/lacework/resource_lacework_integration_aws_org_agentless_scanning.go
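Review bot: The description of `scan_short_lived_instances` in the schema hunk (`@@ -66,6 +66,12 @@`) does not state its default, while the neighbouring `scan_stopped_instances` entry documents its default as "(true)". Because the default is `false`, short-lived instances stay out of scanning unless the user opts in, and that should be visible in the generated docs: `Description: "Whether to scan short-lived (ephemeral) instances (false)",`. The same line appears in the org schema hunk (`@@ -68,6 +68,12 @@`). The map literal starts and ends outside the hunk.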
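Review bot: `ScanShortLivedInstances` is sent to the API in this Create hunk (`@@ -146,6 +152,7 @@`) and in the Update hunk (`@@ -253,6 +260,7 @@`), but no hunk in the patch writes the value the API returns back into state. If the Read function, which this patch does not touch, does not already handle it, a change made outside Terraform to this scan-coverage setting would presumably never show up as drift. I would add a `d.Set("scan_short_lived_instances", ...)` call there, fed from the `ScanShortLivedInstances` field of the API response; the same applies to the org resource. Both function bodies continue outside the hunks.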
@@ -68,6 +68,12 @@ var awsOrgAgentlessScanningIntegrationSchema = map[string]*schema.Schema{
 Default: true,
 Description: "Whether to scan stopped instances (true)",
 },
+ "scan_short_lived_instances": {
+ Type: schema.TypeBool,
+ Optional: true,
+ Default: false,
+ Description: "Whether to scan short-lived (ephemeral) instances",
+ },
 "account_id": {
 Type: schema.TypeString,
 Optional: true,
@@ -202,6 +208,9 @@ func resourceLaceworkIntegrationAwsOrgAgentlessScanningCreate(d *schema.Resource
 ScanFrequency: d.Get("scan_frequency").(int),
 ScanContainers: d.Get("scan_containers").(bool),
 ScanHostVulnerabilities: d.Get("scan_host_vulnerabilities").(bool),
+ ScanMultiVolume: d.Get("scan_multi_volume").(bool),
+ ScanStoppedInstances: d.Get("scan_stopped_instances").(bool),
+ ScanShortLivedInstances: d.Get("scan_short_lived_instances").(bool),
 AccountID: d.Get("account_id").(string),
 BucketArn: d.Get("bucket_arn").(string),
 ScanningAccount: d.Get("scanning_account").(string),
@@ -342,6 +351,9 @@ func resourceLaceworkIntegrationAwsOrgAgentlessScanningUpdate(d *schema.Resource
 ScanFrequency: d.Get("scan_frequency").(int),
 ScanContainers: d.Get("scan_containers").(bool),
 ScanHostVulnerabilities: d.Get("scan_host_vulnerabilities").(bool),
+ ScanMultiVolume: d.Get("scan_multi_volume").(bool),
+ ScanStoppedInstances: d.Get("scan_stopped_instances").(bool),
+ ScanShortLivedInstances: d.Get("scan_short_lived_instances").(bool),
 AccountID: d.Get("account_id").(string),
 BucketArn: d.Get("bucket_arn").(string),
 ScanningAccount: d.Get("scanning_account").(string),
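Review bot: Besides the new field, the Create hunk (`@@ -202,6 +208,9 @@`) and the Update hunk (`@@ -342,6 +351,9 @@`) also start sending `ScanMultiVolume` and `ScanStoppedInstances`, and the commit subject does not mention it. Neither field appears in the old lines of these hunks, so the org resource apparently did not pass them before. Since `scan_stopped_instances` defaults to `true` in the schema, existing org integrations will likely change scan scope on the first apply after upgrading. I would call this out in the commit message or changelog and mark the lines with a comment such as `// previously omitted for org integrations; now sent like the single-account resource`. Both function bodies continue outside the hunks.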