oci_cloud_guard_target
This resource provides the Target resource in Oracle Cloud Infrastructure Cloud Guard service.
Creates a new Target
Example Usage
resource "oci_cloud_guard_target" "test_target" {
#Required
compartment_id = var.compartment_id
display_name = var.target_display_name
target_resource_id = oci_cloud_guard_target_resource.test_target_resource.id
target_resource_type = var.target_target_resource_type
#Optional
defined_tags = {"foo-namespace.bar-key"= "value"}
description = var.target_description
freeform_tags = {"bar-key"= "value"}
state = var.target_state
target_detector_recipes {
#Required
detector_recipe_id = oci_cloud_guard_detector_recipe.test_detector_recipe.id
#Optional
detector_rules {
#Required
details {
#Optional
condition_groups {
#Required
compartment_id = var.compartment_id
condition = var.target_target_detector_recipes_detector_rules_details_condition_groups_condition
}
}
detector_rule_id = oci_events_rule.test_rule.id
}
}
target_responder_recipes {
#Required
responder_recipe_id = oci_cloud_guard_responder_recipe.test_responder_recipe.id
#Optional
responder_rules {
#Required
details {
#Optional
condition = var.target_target_responder_recipes_responder_rules_details_condition
configurations {
#Required
config_key = var.target_target_responder_recipes_responder_rules_details_configurations_config_key
name = var.target_target_responder_recipes_responder_rules_details_configurations_name
value = var.target_target_responder_recipes_responder_rules_details_configurations_value
}
mode = var.target_target_responder_recipes_responder_rules_details_mode
}
responder_rule_id = oci_events_rule.test_rule.id
}
}
}
Argument Reference
The following arguments are supported:
compartment_id
- (Required) Compartment Identifier where the resource is createddefined_tags
- (Optional) (Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:{"foo-namespace.bar-key": "value"}
description
- (Optional) The target description.Avoid entering confidential information.
display_name
- (Required) (Updatable) DetectorTemplate identifier.Avoid entering confidential information.
freeform_tags
- (Optional) (Updatable) Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:{"bar-key": "value"}
Avoid entering confidential information.
state
- (Optional) (Updatable) The current state of the DetectorRule.target_detector_recipes
- (Optional) (Updatable) List of detector recipes to associate with targetdetector_recipe_id
- (Required) Identifier for DetectorRecipe.detector_rules
- (Optional) (Updatable) Overrides to be applied to Detector Rule associated with the targetdetails
- (Required) (Updatable) Overriden settings of a Detector Rule applied on targetcondition_groups
- (Optional) (Updatable) Condition group corresponding to each compartmentcompartment_id
- (Required) (Updatable) compartment associated with conditioncondition
- (Required) (Updatable) Base condition object
detector_rule_id
- (Required) (Updatable) Identifier for DetectorRule.
target_resource_id
- (Required) Resource ID which the target uses to monitortarget_resource_type
- (Required) possible type of targets(COMPARTMENT/FACLOUD)target_responder_recipes
- (Optional) (Updatable) List of responder recipes to associate with targetresponder_recipe_id
- (Required) Identifier for ResponderRecipe.responder_rules
- (Optional) (Updatable) Override responder rules associated with reponder recipe in a target.details
- (Required) (Updatable) Details of ResponderRule.condition
- (Optional) (Updatable) Base condition objectconfigurations
- (Optional) (Updatable) Configurations associated with the ResponderRuleconfig_key
- (Required) (Updatable) Unique name of the configurationname
- (Required) (Updatable) configuration namevalue
- (Required) (Updatable) configuration value
mode
- (Optional) (Updatable) Execution Mode for ResponderRule
responder_rule_id
- (Required) (Updatable) Identifier for ResponderRule.
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
Attributes Reference
The following attributes are exported:
compartment_id
- Compartment Identifier where the resource is createddefined_tags
- Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:{"foo-namespace.bar-key": "value"}
description
- The target description.display_name
- Target display name, can be renamed.freeform_tags
- Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:{"bar-key": "value"}
Avoid entering confidential information.
id
- Unique identifier that is immutable on creation.inherited_by_compartments
- List of inherited compartmentslifecyle_details
- A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in Failed state.recipe_count
- Total number of recipes attached to targetstate
- The current state of the Target.system_tags
- System tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. System tags can be viewed by users, but can only be created by the system. Example:{"orcl-cloud.free-tier-retained": "true"}
target_details
- Details specific to the target type.security_zone_display_name
- The name of the security zone to associate this compartment with.security_zone_id
- The OCID of the security zone to associate this compartment with.target_resource_type
- Possible type of targets.target_security_zone_recipes
- The list of security zone recipes to associate this compartment with.compartment_id
- The id of the compartment that contains the recipedefined_tags
- Defined tags for this resource. Each key is predefined and scoped to a namespace. Example:{"foo-namespace.bar-key": "value"}
description
- The recipe’s descriptiondisplay_name
- The recipe’s namefreeform_tags
- Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example:{"bar-key": "value"}
Avoid entering confidential information.
id
- Unique identifier that is immutable on creationlifecycle_details
- A message describing the current state in more detail. For example, this can be used to provide actionable information for a recipe in theFailed
state.owner
- The owner of the recipesecurity_policies
- The list ofSecurityPolicy
ids that are included in the recipestate
- The current state of the recipesystem_tags
- System tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. System tags can be viewed by users, but can only be created by the system. Example:{"orcl-cloud.free-tier-retained": "true"}
time_created
- The time the recipe was created. An RFC3339 formatted datetime string.time_updated
- The time the recipe was last updated. An RFC3339 formatted datetime string.
target_detector_recipes
- List of detector recipes associated with targetcompartment_id
- compartmentId of detector recipedescription
- Detector recipe description.detector
- Type of detectordetector_recipe_id
- Unique identifier for Detector Recipe of which this is an extensiondetector_rules
- List of detector rules for the detector type for recipe - user inputdata_source_id
- The id of the attached DataSource.description
- Description for TargetDetectorRecipeDetectorRule. information.details
- Overriden settings of a Detector Rule applied on targetcondition_groups
- Condition group corresponding to each compartmentcompartment_id
- compartment associated with conditioncondition
- Base condition object
configurations
- Configuration detailsconfig_key
- Unique name of the configurationdata_type
- configuration data typename
- configuration namevalue
- configuration valuevalues
- List of configuration valueslist_type
- configuration list item type, either CUSTOM or MANAGEDmanaged_list_type
- type of the managed listvalue
- configuration value
is_configuration_allowed
- configuration allowed or notis_enabled
- Enables the controllabels
- user defined labels for a detector rulerisk_level
- The Risk Level
detector
- detector for the ruledetector_rule_id
- The unique identifier of the detector rule.display_name
- Display name for TargetDetectorRecipeDetectorRule. information.entities_mappings
- Data Source entities mapping for a Detector Ruledisplay_name
- The display name of entityentity_type
- Possible type of entityquery_field
- The entity value mapped to a data source query
lifecycle_details
- A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in Failed state.managed_list_types
- List of cloudguard managed list types related to this rulerecommendation
- Recommendation for TargetDetectorRecipeDetectorRuleresource_type
- resource type of the configuration to which the rule is appliedservice_type
- service type of the configuration to which the rule is appliedstate
- The current state of the DetectorRule.time_created
- The date and time the target detector recipe rule was created. Format defined by RFC3339.time_updated
- The date and time the target detector recipe rule was updated. Format defined by RFC3339.
display_name
- Display name of detector recipe.effective_detector_rules
- List of effective detector rules for the detector type for recipe after applying defaultsdata_source_id
- The id of the attached DataSource.description
- Description for TargetDetectorRecipeDetectorRule. information.details
- Overriden settings of a Detector Rule applied on targetcondition_groups
- Condition group corresponding to each compartmentcompartment_id
- compartment associated with conditioncondition
- Base condition object
configurations
- Configuration detailsconfig_key
- Unique name of the configurationdata_type
- configuration data typename
- configuration namevalue
- configuration valuevalues
- List of configuration valueslist_type
- configuration list item type, either CUSTOM or MANAGEDmanaged_list_type
- type of the managed listvalue
- configuration value
is_configuration_allowed
- configuration allowed or notis_enabled
- Enables the controllabels
- user defined labels for a detector rulerisk_level
- The Risk Level
detector
- detector for the ruledetector_rule_id
- The unique identifier of the detector rule.display_name
- Display name for TargetDetectorRecipeDetectorRule. information.entities_mappings
- Data Source entities mapping for a Detector Ruledisplay_name
- The display name of entityentity_type
- Possible type of entityquery_field
- The entity value mapped to a data source query
lifecycle_details
- A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in Failed state.managed_list_types
- List of cloudguard managed list types related to this rulerecommendation
- Recommendation for TargetDetectorRecipeDetectorRuleresource_type
- resource type of the configuration to which the rule is appliedservice_type
- service type of the configuration to which the rule is appliedstate
- The current state of the DetectorRule.time_created
- The date and time the target detector recipe rule was created. Format defined by RFC3339.time_updated
- The date and time the target detector recipe rule was updated. Format defined by RFC3339.
id
- Ocid for detector recipeowner
- Owner of detector recipestate
- The current state of the resource.time_created
- The date and time the target detector recipe was created. Format defined by RFC3339.time_updated
- The date and time the target detector recipe was updated. Format defined by RFC3339.
target_resource_id
- Resource ID which the target uses to monitortarget_resource_type
- possible type of targetstarget_responder_recipes
- List of responder recipes associated with targetcompartment_id
- Compartment Identifierdescription
- ResponderRecipe description.display_name
- ResponderRecipe display name.effective_responder_rules
- List of responder rules associated with the recipe after applying all defaultscompartment_id
- Compartment Identifierdescription
- ResponderRule description.details
- Details of ResponderRule.condition
- Base condition objectconfigurations
- ResponderRule configurationsconfig_key
- Unique name of the configurationname
- configuration namevalue
- configuration value
is_enabled
- Identifies state for ResponderRulemode
- Execution Mode for ResponderRule
display_name
- ResponderRule display name.lifecycle_details
- A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in Failed state.policies
- List of Policyresponder_rule_id
- Unique ResponderRule identifier.state
- The current state of the ResponderRule.supported_modes
- Supported Execution Modestime_created
- The date and time the target responder recipe rule was created. Format defined by RFC3339.time_updated
- The date and time the target responder recipe rule was updated. Format defined by RFC3339.type
- Type of Responder
id
- Unique identifier of TargetResponderRecipe that can’t be changed after creation.owner
- Owner of ResponderReciperesponder_recipe_id
- Unique identifier for Responder Recipe of which this is an extension.responder_rules
- List of responder rules associated with the recipe - user inputcompartment_id
- Compartment Identifierdescription
- ResponderRule description.details
- Details of ResponderRule.condition
- Base condition objectconfigurations
- ResponderRule configurationsconfig_key
- Unique name of the configurationname
- configuration namevalue
- configuration value
is_enabled
- Identifies state for ResponderRulemode
- Execution Mode for ResponderRule
display_name
- ResponderRule display name.lifecycle_details
- A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in Failed state.policies
- List of Policyresponder_rule_id
- Unique ResponderRule identifier.state
- The current state of the ResponderRule.supported_modes
- Supported Execution Modestime_created
- The date and time the target responder recipe rule was created. Format defined by RFC3339.time_updated
- The date and time the target responder recipe rule was updated. Format defined by RFC3339.type
- Type of Responder
time_created
- The date and time the target responder recipe rule was created. Format defined by RFC3339.time_updated
- The date and time the target responder recipe rule was updated. Format defined by RFC3339.
time_created
- The date and time the target was created. Format defined by RFC3339.time_updated
- The date and time the target was updated. Format defined by RFC3339.
Timeouts
The timeouts
block allows you to specify timeouts for certain operations:
* create
- (Defaults to 20 minutes), when creating the Target
* update
- (Defaults to 20 minutes), when updating the Target
* delete
- (Defaults to 20 minutes), when destroying the Target
Import
Targets can be imported using the id
, e.g.
$ terraform import oci_cloud_guard_target.test_target "id"