release: add registry example and increasing version to 0.8.17

DEVELOPMENT.md

@@ -32,7 +32,7 @@ git clone https://github.com/aquasecurity/terraform-provider-aquasec.git
 
 cd terraform-provider-aquasec
 
-git checkout v0.8.16
+git checkout v0.8.17
 ```
 
 **Build and install the provider**
@@ -55,7 +55,7 @@ In order to test the provider installed locally, the provider block will have to
 terraform {
   required_providers {
     aquasec = {
-      version = "0.8.16"
+      version = "0.8.17"
       source  = "terraform-provider-aquasec/aquasec/aquasec"
     }
   }

GNUmakefile

@@ -6,7 +6,7 @@ HOSTNAME	 := github.com
 NAMESPACE	 := aquasec
 NAME 		 := aquasec
 BINARY		 := terraform-provider-${NAME}
-VERSION      := 0.8.16
+VERSION      := 0.8.17
 OS_ARCH      := $(shell go env GOOS)_$(shell go env GOARCH)
 
 default: build

README.md

@@ -40,7 +40,7 @@ To quickly get started using the Aquasec provider for Terraform, configure the p
 terraform {
   required_providers {
     aquasec = {
-      version = "0.8.16"
+      version = "0.8.17"
       source  = "aquasecurity/aquasec"
     }
   }

aquasec/resource_permission_set_test.go

@@ -17,7 +17,7 @@ func TestAquasecPermissionSetManagement(t *testing.T) {
 	author := "system"
 	ui_access := true
 	is_super := false
-	actions := "risks.vulnerabilities.read"
+	actions := "risks.vulnerabilities.read,images.read"
 
 	if isSaasEnv() {
 		author = os.Getenv("AQUA_USER")

docs/index.md

@@ -21,7 +21,7 @@ Use the navigation to the left to read about the available resources and data so
 terraform {
   required_providers {
     aquasec = {
-      version = "0.8.16"
+      version = "0.8.17"
       source  = "aquasecurity/aquasec"
     }
   }

docs/resources/container_runtime_policy.md

@@ -16,6 +16,20 @@ description: |-
 resource "aquasec_container_runtime_policy" "container_runtime_policy" {
   name = "container_runtime_policy"
   description = "container_runtime_policy"
+  scope_expression = "v1 || v2"
+  scope_variables {
+    attribute = "kubernetes.cluster"
+    value = "default"
+  }
+  scope_variables {
+      attribute = "kubernetes.label"
+      name = "app"
+      value = "aqua"
+  }
+
+  application_scopes = [
+    "Global",
+  ]
   enabled = true
   enforce = false
   block_container_exec          = true
@@ -56,6 +70,11 @@ resource "aquasec_container_runtime_policy" "container_runtime_policy" {
     "test1",
     "test2"
   ]
+  malware_scan_options {
+    enabled = true
+    action = "alert"
+    #exclude_directories = [ "/var/run/" ]
+  }
   file_integrity_monitoring {
     monitor_create      = true
     monitor_read        = true

docs/resources/function_runtime_policy.md

@@ -16,6 +16,19 @@ description: |-
 resource "aquasec_function_runtime_policy" "function_runtime_policy" {
   name = "function_runtime_policys"
   description = "function_runtime_policy"
+  scope_variables {
+    attribute = "kubernetes.cluster"
+    value = "default"
+  }
+  scope_variables {
+      attribute = "kubernetes.label"
+      name = "app"
+      value = "aqua"
+  }
+
+  application_scopes = [
+    "Global",
+  ]
   enabled = true
   enforce = false
   block_malicious_executables = true

docs/resources/host_runtime_policy.md

@@ -16,6 +16,19 @@ description: |-
 resource "aquasec_host_runtime_policy" "host_runtime_policy" {
   name = "host_runtime_policy"
   description = "host_runtime_policy"
+  scope_variables {
+    attribute = "kubernetes.cluster"
+    value = "default"
+  }
+  scope_variables {
+      attribute = "kubernetes.label"
+      name = "app"
+      value = "aqua"
+  }
+
+  application_scopes = [
+    "Global",
+  ]
   enabled = true
   enforce = false
   block_cryptocurrency_mining = true

docs/resources/integration_registry.md

@@ -10,7 +10,78 @@ description: |-
 
 
 
-
+## Example Usage
+
+```terraform
+resource "aquasec_integration_registry" "integration_registry" {
+    name = "integration_registry"
+    type = "AWS"
+    advanced_settings_cleanup = false
+    always_pull_patterns = []
+    author = "[email protected]"
+    auto_cleanup = false
+    auto_pull = true
+    auto_pull_interval = 1
+    auto_pull_latest_xff_enabled = false
+    auto_pull_max = 100
+    auto_pull_rescan = false
+    auto_pull_time = "08:45"
+    description = "Automatically discovered registry"
+    detected_type = 4
+    image_creation_date_condition = "image_count"
+
+    options = [
+        {
+            option = "ARNRole"
+            value    = "arn:aws:iam::000000000000:role/aqua-AAAAABBBBCCCDDD-EEEEFFFFGGGG"
+        },
+        {
+            option = "TestImagePull"
+        },
+        {
+            option = "sts:ExternalId"
+            value    = "00000e2a-5353-4ddd-bbbb-ccc"
+        }
+    ]
+
+    permission = ""
+
+    prefixes = [
+        "111111111111.dkr.ecr.us-east-1.amazonaws.com"
+    ]
+
+    pull_image_age = "0D"
+    pull_image_count = 3
+    pull_image_tag_pattern = []
+    pull_max_tags = 0
+    pull_repo_patterns = null
+    pull_repo_patterns_excluded = []
+    pull_tag_patterns = null
+
+    registries_type = "cloud"
+    registry_scan_timeout = 0
+
+    scanner_name = [
+        "aqua-scanner-222222-cl9qx",
+        "aqua-scanner-111111-fstrc",
+        "513882222222"
+    ]
+
+    scanner_type = "specific"
+
+    url = "ap-northeast-1"
+
+    username = ""
+
+    webhook {
+        auth_token        = ""
+        enabled             = false
+        un_quarantine = false
+        url                     = ""
+    }
+
+}
+```
 
 <!-- schema generated by tfplugindocs -->
 ## Schema

examples/data-sources/main.tf

@@ -1,7 +1,7 @@
 terraform {
   required_providers {
     aquasec = {
-      //      version = "0.8.16"
+      //      version = "0.8.17"
       source  = "aquasecurity/aquasec"
     }
   }

examples/provider/provider.tf

@@ -1,7 +1,7 @@
 terraform {
   required_providers {
     aquasec = {
-      version = "0.8.16"
+      version = "0.8.17"
       source  = "aquasecurity/aquasec"
     }
   }

examples/resources/aquasec_integration_registry/resource.tf

@@ -0,0 +1,69 @@
+resource "aquasec_integration_registry" "integration_registry" {
+    name = "integration_registry"
+    type = "AWS"
+    advanced_settings_cleanup = false
+    always_pull_patterns = []
+    author = "[email protected]"
+    auto_cleanup = false
+    auto_pull = true
+    auto_pull_interval = 1
+    auto_pull_latest_xff_enabled = false
+    auto_pull_max = 100
+    auto_pull_rescan = false
+    auto_pull_time = "08:45"
+    description = "Automatically discovered registry"
+    detected_type = 4
+    image_creation_date_condition = "image_count"
+
+    options = [
+        {
+            option = "ARNRole"
+            value    = "arn:aws:iam::000000000000:role/aqua-AAAAABBBBCCCDDD-EEEEFFFFGGGG"
+        },
+        {
+            option = "TestImagePull"
+        },
+        {
+            option = "sts:ExternalId"
+            value    = "00000e2a-5353-4ddd-bbbb-ccc"
+        }
+    ]
+
+    permission = ""
+
+    prefixes = [
+        "111111111111.dkr.ecr.us-east-1.amazonaws.com"
+    ]
+
+    pull_image_age = "0D"
+    pull_image_count = 3
+    pull_image_tag_pattern = []
+    pull_max_tags = 0
+    pull_repo_patterns = null
+    pull_repo_patterns_excluded = []
+    pull_tag_patterns = null
+
+    registries_type = "cloud"
+    registry_scan_timeout = 0
+
+    scanner_name = [
+        "aqua-scanner-222222-cl9qx",
+        "aqua-scanner-111111-fstrc",
+        "513882222222"
+    ]
+
+    scanner_type = "specific"
+
+    url = "ap-northeast-1"
+
+    username = ""
+
+    webhook {
+        auth_token        = ""
+        enabled             = false
+        un_quarantine = false
+        url                     = ""
+    }
+
+}
+

examples/resources/main.tf

@@ -1,7 +1,7 @@
 terraform {
   required_providers {
     aquasec = {
-      //      version = "0.8.16"
+      //      version = "0.8.17"
       source  = "aquasecurity/aquasec"
     }
   }