Fix container_runtime_policy and host_runtime_policy examples

docs/resources/container_runtime_policy.md

@@ -39,25 +39,12 @@ resource "aquasec_container_runtime_policy" "container_runtime_policy" {
   ]
   block_cryptocurrency_mining = true
   block_fileless_exec = true
-  block_non_compliant_images    = true
   block_non_compliant_workloads = true
   block_non_k8s_containers = true
-  block_reverse_shell = true
-  reverse_shell_allowed_processes = [
-    "proc1",
-    "proc2"
-  ]
-  reverse_shell_allowed_ips = [
-    "ip1",
-    "ip2"
-  ]
-  block_unregistered_images     = true
   blocked_capabilities = [
     "AUDIT_CONTROL",
     "AUDIT_WRITE"
   ]
-  enable_ip_reputation_security = true
-  enable_drift_prevention       = true
   allowed_executables = [
     "exe",
     "bin",
@@ -115,15 +102,6 @@ resource "aquasec_container_runtime_policy" "container_runtime_policy" {
     "90",
     "9090"
   ]
-  enable_port_scan_detection = true
-  readonly_files_and_directories = [
-    "readonly",
-    "/dir/"
-  ]
-  exceptional_readonly_files_and_directories = [
-    "readonly2",
-    "/dir2/"
-  ]
   allowed_registries = [
     "registry1",
     "registry2"

docs/resources/host_runtime_policy.md

@@ -33,7 +33,6 @@ resource "aquasec_host_runtime_policy" "host_runtime_policy" {
   enforce = false
   block_cryptocurrency_mining = true
   audit_brute_force_login = true
-  enable_ip_reputation_security = true
   blocked_files = [
     "blocked",
   ]
@@ -70,31 +69,9 @@ resource "aquasec_host_runtime_policy" "host_runtime_policy" {
   package_block = [
     "package1"
   ]
-  port_scanning_detection = true
   monitor_system_time_changes = true
   monitor_windows_services    = true
   monitor_system_log_integrity = true
-  windows_registry_monitoring {
-    monitor_create      = true
-    monitor_read        = true
-    monitor_modify      = true
-    monitor_delete      = true
-    monitor_attributes  = true
-    monitored_paths     = ["paths"]
-    excluded_paths      = ["expaths"]
-    monitored_processes = ["process"]
-    excluded_processes  = ["exprocess"]
-    monitored_users     = ["user"]
-    excluded_users      = ["expuser"]
-  }
-  windows_registry_protection {
-    protected_paths     = ["paths"]
-    excluded_paths      = ["expaths"]
-    protected_processes = ["process"]
-    excluded_processes  = ["exprocess"]
-    protected_users     = ["user"]
-    excluded_users      = ["expuser"]
-  }
 }
 ```
 

examples/resources/aquasec_container_runtime_policy/resource.tf

@@ -24,25 +24,12 @@ resource "aquasec_container_runtime_policy" "container_runtime_policy" {
   ]
   block_cryptocurrency_mining = true
   block_fileless_exec = true
-  block_non_compliant_images    = true
   block_non_compliant_workloads = true
   block_non_k8s_containers = true
-  block_reverse_shell = true
-  reverse_shell_allowed_processes = [
-    "proc1",
-    "proc2"
-  ]
-  reverse_shell_allowed_ips = [
-    "ip1",
-    "ip2"
-  ]
-  block_unregistered_images     = true
   blocked_capabilities = [
     "AUDIT_CONTROL",
     "AUDIT_WRITE"
   ]
-  enable_ip_reputation_security = true
-  enable_drift_prevention       = true
   allowed_executables = [
     "exe",
     "bin",
@@ -100,15 +87,6 @@ resource "aquasec_container_runtime_policy" "container_runtime_policy" {
     "90",
     "9090"
   ]
-  enable_port_scan_detection = true
-  readonly_files_and_directories = [
-    "readonly",
-    "/dir/"
-  ]
-  exceptional_readonly_files_and_directories = [
-    "readonly2",
-    "/dir2/"
-  ]
   allowed_registries = [
     "registry1",
     "registry2"

examples/resources/aquasec_host_runtime_policy/resource.tf

@@ -18,7 +18,6 @@ resource "aquasec_host_runtime_policy" "host_runtime_policy" {
   enforce = false
   block_cryptocurrency_mining = true
   audit_brute_force_login = true
-  enable_ip_reputation_security = true
   blocked_files = [
     "blocked",
   ]
@@ -55,29 +54,7 @@ resource "aquasec_host_runtime_policy" "host_runtime_policy" {
   package_block = [
     "package1"
   ]
-  port_scanning_detection = true
   monitor_system_time_changes = true
   monitor_windows_services    = true
   monitor_system_log_integrity = true
-  windows_registry_monitoring {
-    monitor_create      = true
-    monitor_read        = true
-    monitor_modify      = true
-    monitor_delete      = true
-    monitor_attributes  = true
-    monitored_paths     = ["paths"]
-    excluded_paths      = ["expaths"]
-    monitored_processes = ["process"]
-    excluded_processes  = ["exprocess"]
-    monitored_users     = ["user"]
-    excluded_users      = ["expuser"]
-  }
-  windows_registry_protection {
-    protected_paths     = ["paths"]
-    excluded_paths      = ["expaths"]
-    protected_processes = ["process"]
-    excluded_processes  = ["exprocess"]
-    protected_users     = ["user"]
-    excluded_users      = ["expuser"]
-  }
 }