Skip to content

Commit

Permalink
feat(RAIN-92781): Add provider for AzureAdAl integration (#623)
Browse files Browse the repository at this point in the history
* feat(RAIN-92781): Add provider for AzureAdAl integration

Signed-off-by: rubindersingh <rubinder.singh@lacework.net>

* feat(RAIN-92781): Add provider for AzureAdAl integration

- Fix doc warning

Signed-off-by: rubindersingh <rubinder.singh@lacework.net>

---------

Signed-off-by: rubindersingh <rubinder.singh@lacework.net>
  • Loading branch information
rubinder-lw authored May 21, 2024
1 parent e33faa4 commit f7da529
Show file tree
Hide file tree
Showing 6 changed files with 383 additions and 0 deletions.
59 changes: 59 additions & 0 deletions docs/resources/integration_azure_ad_al.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
---
subcategory: "Cloud Account Integrations"
layout: "lacework"
page_title: "Lacework: lacework_integration_azure_ad_al"
description: |-
Create and manage Azure Active Directory Activity Log integrations
---

# lacework\_integration\_azure\_ad\_al

!> **Warning:** This integration is not yet generally available. Please contact your Lacework account team to request access to the Azure AD feature preview.

Use this resource to configure an Azure Active Directory Activity Log integration to analyze audit logs
for monitoring cloud account security.

## Example Usage

```hcl
resource "lacework_integration_azure_ad_al" "account_abc" {
name = "account ABC"
tenant_id = "abbc1234-abc1-123a-1234-abcd1234abcd"
event_hub_namespace = "your-eventhub-ns.servicebus.windows.net"
event_hub_name = "your-event-hub-name"
credentials {
client_id = "1234abcd-abcd-1234-ab12-abcd1234abcd"
client_secret = "ABCD1234abcd1234abdc1234ABCD1234abcdefxxx="
}
}
```

## Argument Reference

The following arguments are supported:

* `name` - (Required) The Azure Active Directory Activity Log integration name.
* `tenant_id` - (Required) The directory tenant ID.
* `event_hub_namespace` - (Required) The EventHub Namespace.
* `event_hub_name` - (Required) The EventHub Name.
* `credentials` - (Required) The credentials needed by the integration. See [Credentials](#credentials) below for details.
* `enabled` - (Optional) The state of the external integration. Defaults to `true`.
* `retries` - (Optional) The number of attempts to create the external integration. Defaults to `5`.

### Credentials

`credentials` supports the following arguments:

* `client_id` - (Required) The application client ID.
* `client_secret` - (Required) The client secret.

## Import

A Lacework Azure Active Directory Activity Log integration can be imported using a `INT_GUID`, e.g.

```
$ terraform import lacework_integration_azure_ad_al.account_abc EXAMPLE_1234BAE1E42182964D23973F44CFEA3C4AB63B99E9A1EC5
```
-> **Note:** To retrieve the `INT_GUID` from existing integrations in your account, use the
Lacework CLI command `lacework cloud-account list`. To install this tool follow
[this documentation](https://docs.lacework.com/cli/).
24 changes: 24 additions & 0 deletions examples/resource_lacework_integration_azure_ad_al/main.tf
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
terraform {
required_providers {
lacework = {
source = "lacework/lacework"
}
}
}

variable "name" {
type = string
default = "Azure Active Directory Activity Log integration example"
}

resource "lacework_integration_azure_ad_al" "example" {
name = var.name
tenant_id = "your-tenant-id-goes-here"
event_hub_namespace = "your-eventhub-ns.servicebus.windows.net"
event_hub_name = "your-event-hub-name"
credentials {
client_id = "1234567890-abcd-client-id"
client_secret = "SUPER_SECURE_SECRET"
}
retries = 10
}
11 changes: 11 additions & 0 deletions integration/integration.go
Original file line number Diff line number Diff line change
Expand Up @@ -84,6 +84,17 @@ func GetCloudOrgAccountIntegrationName(result string) string {
return res.Data.Name
}

func GetCloudAccountAzureAdAlIntegrationResponse(result string) api.AzureAdAlIntegrationResponse {
id := GetIDFromTerraResults(result)

response, err := LwClient.V2.CloudAccounts.GetAzureAdAl(id)
if err != nil {
log.Fatalf("Unable to find AzureAdAl integration with id: %s\n Response: %v", id, response)
}

return response
}

func GetCloudAccountEksAuditLogData(result string) api.AwsEksAuditData {
id := GetIDFromTerraResults(result)

Expand Down
39 changes: 39 additions & 0 deletions integration/resource_lacework_integration_azure_ad_al_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
package integration

import (
"fmt"
"testing"

"github.com/gruntwork-io/terratest/modules/terraform"
"github.com/stretchr/testify/assert"
)

// TestIntegrationAzureAdAl applies integration terraform:
// => '../examples/resource_lacework_integration_azure_ad_al'
//
// It uses the go-sdk to verify the created integration,
// applies an update with new integration name and destroys it
func TestIntegrationAzureAdAl(t *testing.T) {
integration_name := "Azure Ad Al Example Integration Test With Terraform"
updated_integration_name := fmt.Sprintf("%s Updated", integration_name)

terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
TerraformDir: "../examples/resource_lacework_integration_azure_ad_al",
Vars: map[string]interface{}{
"name": integration_name,
},
})
defer terraform.Destroy(t, terraformOptions)

// Create new AzureAdAl integration
create := terraform.InitAndApplyAndIdempotent(t, terraformOptions)
intgRes := GetCloudAccountAzureAdAlIntegrationResponse(create)
assert.Equal(t, integration_name, intgRes.Data.Name)

// Update integration
terraformOptions.Vars["name"] = updated_integration_name

update := terraform.InitAndApplyAndIdempotent(t, terraformOptions)
intgRes = GetCloudAccountAzureAdAlIntegrationResponse(update)
assert.Equal(t, updated_integration_name, intgRes.Data.Name)
}
1 change: 1 addition & 0 deletions lacework/provider.go
Original file line number Diff line number Diff line change
Expand Up @@ -96,6 +96,7 @@ func Provider() *schema.Provider {
"lacework_integration_aws_govcloud_cfg": resourceLaceworkIntegrationAwsGovCloudCfg(),
"lacework_integration_aws_govcloud_ct": resourceLaceworkIntegrationAwsGovCloudCT(),
"lacework_integration_azure_cfg": resourceLaceworkIntegrationAzureCfg(),
"lacework_integration_azure_ad_al": resourceLaceworkIntegrationAzureAdAl(),
"lacework_integration_azure_al": resourceLaceworkIntegrationAzureActivityLog(),
"lacework_integration_docker_hub": resourceLaceworkIntegrationDockerHub(),
"lacework_integration_docker_v2": resourceLaceworkIntegrationDockerV2(),
Expand Down
Loading

0 comments on commit f7da529

Please sign in to comment.