From 620e3e14b2643db33d96650866718e50a101f686 Mon Sep 17 00:00:00 2001 From: Gax Date: Mon, 3 Mar 2025 11:44:45 -0500 Subject: [PATCH 1/2] make tfgen --- .pulumi-java-gen.version | 2 +- examples/go.mod | 4 +- examples/go.sum | 8 +- .../pulumi-resource-crowdstrike/schema.json | 540 +++++++++++++++++- provider/go.mod | 69 +-- provider/go.sum | 160 +++--- provider/resources.go | 3 +- provider/shim/go.mod | 45 +- provider/shim/go.sum | 170 +++--- pulumi-crowdstrike.sln | 38 ++ sdk/go.mod | 2 +- sdk/go.sum | 4 +- 12 files changed, 812 insertions(+), 233 deletions(-) create mode 100644 pulumi-crowdstrike.sln diff --git a/.pulumi-java-gen.version b/.pulumi-java-gen.version index 1cc5f65..3e1ad72 100644 --- a/.pulumi-java-gen.version +++ b/.pulumi-java-gen.version @@ -1 +1 @@ -1.1.0 \ No newline at end of file +1.5.0 \ No newline at end of file diff --git a/examples/go.mod b/examples/go.mod index 22de38f..d2a4a0c 100644 --- a/examples/go.mod +++ b/examples/go.mod @@ -2,7 +2,7 @@ module github.com/crowdstrike/pulumi-crowdstrike/examples go 1.22.5 -require github.com/pulumi/pulumi/pkg/v3 v3.147.0 +require github.com/pulumi/pulumi/pkg/v3 v3.148.0 require ( cloud.google.com/go v0.112.1 // indirect @@ -123,7 +123,7 @@ require ( github.com/pmezard/go-difflib v1.0.0 // indirect github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 // indirect github.com/pulumi/esc v0.10.0 // indirect - github.com/pulumi/pulumi/sdk/v3 v3.147.0 // indirect + github.com/pulumi/pulumi/sdk/v3 v3.148.0 // indirect github.com/rivo/uniseg v0.4.4 // indirect github.com/rogpeppe/go-internal v1.12.0 // indirect github.com/ryanuber/go-glob v1.0.0 // indirect diff --git a/examples/go.sum b/examples/go.sum index d9d0459..107f014 100644 --- a/examples/go.sum +++ b/examples/go.sum @@ -337,10 +337,10 @@ github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 h1:vkHw5I/plNdTr435 github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231/go.mod h1:murToZ2N9hNJzewjHBgfFdXhZKjY3z5cYC1VXk+lbFE= github.com/pulumi/esc v0.10.0 h1:jzBKzkLVW0mePeanDRfqSQoCJ5yrkux0jIwAkUxpRKE= github.com/pulumi/esc v0.10.0/go.mod h1:2Bfa+FWj/xl8CKqRTWbWgDX0SOD4opdQgvYSURTGK2c= -github.com/pulumi/pulumi/pkg/v3 v3.147.0 h1:aFzP2kXBL/nPPDao625xIkjAhqT5GKe3XfPXbG07oFA= -github.com/pulumi/pulumi/pkg/v3 v3.147.0/go.mod h1:WqLJy8lfzbGTEqz5Rukd+GrqBYNBf8Y3dJ+Wde+G6g4= -github.com/pulumi/pulumi/sdk/v3 v3.147.0 h1:8ZDZnEsCZa6shw1dwIDUssbYMooYyebhpmx5feuZCqM= -github.com/pulumi/pulumi/sdk/v3 v3.147.0/go.mod h1:+WC9aIDo8fMgd2g0jCHuZU2S/VYNLRAZ3QXt6YVgwaA= +github.com/pulumi/pulumi/pkg/v3 v3.148.0 h1:7FuRpw1ysvt5400x+5Ukbj14ue5W8b9fI+FZ8YMD7o4= +github.com/pulumi/pulumi/pkg/v3 v3.148.0/go.mod h1:xxL0LnlNmjotV8Kz3sKITKCQf+U72prabgt4NAlJfRk= +github.com/pulumi/pulumi/sdk/v3 v3.148.0 h1:tEw1FQOKoQVP7HfZWI9DJQl4ZvGaL1z2ixZdN2wGV/o= +github.com/pulumi/pulumi/sdk/v3 v3.148.0/go.mod h1:+WC9aIDo8fMgd2g0jCHuZU2S/VYNLRAZ3QXt6YVgwaA= github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= diff --git a/provider/cmd/pulumi-resource-crowdstrike/schema.json b/provider/cmd/pulumi-resource-crowdstrike/schema.json index c290c6f..510704a 100644 --- a/provider/cmd/pulumi-resource-crowdstrike/schema.json +++ b/provider/cmd/pulumi-resource-crowdstrike/schema.json @@ -74,11 +74,113 @@ }, "cloud": { "type": "string", - "description": "Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1\n" + "description": "Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1. Will use FALCON_CLOUD\nenvironment variable when left blank.\n" + }, + "memberCid": { + "type": "string", + "description": "For MSSP Master CIDs, optionally lock the token to act on behalf of this member CID\n" } } }, "types": { + "crowdstrike:index/CloudAwsAccountAssetInventory:CloudAwsAccountAssetInventory": { + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable asset inventory\n" + }, + "roleName": { + "type": "string", + "description": "Custom AWS IAM role name\n" + } + }, + "type": "object", + "required": [ + "enabled" + ] + }, + "crowdstrike:index/CloudAwsAccountDspm:CloudAwsAccountDspm": { + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable Data Security Posture Management\n" + }, + "roleName": { + "type": "string", + "description": "Custom AWS IAM role name for Data Security Posture Management\n" + } + }, + "type": "object", + "required": [ + "enabled" + ] + }, + "crowdstrike:index/CloudAwsAccountIdp:CloudAwsAccountIdp": { + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable Identity Protection\n" + }, + "status": { + "type": "string", + "description": "Current status of the Identity Protection integration\n" + } + }, + "type": "object", + "required": [ + "enabled" + ], + "language": { + "nodejs": { + "requiredOutputs": [ + "enabled", + "status" + ] + } + } + }, + "crowdstrike:index/CloudAwsAccountRealtimeVisibility:CloudAwsAccountRealtimeVisibility": { + "properties": { + "cloudtrailRegion": { + "type": "string", + "description": "The AWS region of the CloudTrail bucket\n" + }, + "enabled": { + "type": "boolean", + "description": "Enable real-time visibility and detection\n" + }, + "useExistingCloudtrail": { + "type": "boolean", + "description": "Set to true if a CloudTrail already exists\n" + } + }, + "type": "object", + "required": [ + "cloudtrailRegion", + "enabled" + ], + "language": { + "nodejs": { + "requiredOutputs": [ + "cloudtrailRegion", + "enabled", + "useExistingCloudtrail" + ] + } + } + }, + "crowdstrike:index/CloudAwsAccountSensorManagement:CloudAwsAccountSensorManagement": { + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable 1-click sensor deployment\n" + } + }, + "type": "object", + "required": [ + "enabled" + ] + }, "crowdstrike:index/FilevantagePolicyScheduledExclusion:FilevantagePolicyScheduledExclusion": { "properties": { "description": { @@ -652,6 +754,111 @@ "startTime" ] }, + "crowdstrike:index/getCloudAwsAccountAccount:getCloudAwsAccountAccount": { + "properties": { + "accountId": { + "type": "string", + "description": "The AWS Account ID\n" + }, + "accountType": { + "type": "string", + "description": "The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type\n" + }, + "assetInventoryEnabled": { + "type": "boolean", + "description": "Whether asset inventory is enabled\n" + }, + "cloudtrailBucketName": { + "type": "string", + "description": "The name of the CloudTrail S3 bucket used for real-time visibility\n" + }, + "cloudtrailRegion": { + "type": "string", + "description": "The AWS region of the CloudTrail bucket\n" + }, + "dspmEnabled": { + "type": "boolean", + "description": "Whether Data Security Posture Management is enabled\n" + }, + "dspmRoleArn": { + "type": "string", + "description": "The ARN of the IAM role to be used by CrowdStrike DSPM\n" + }, + "eventbusArn": { + "type": "string", + "description": "The ARN of the Amazon EventBridge used by CrowdStrike to forward messages\n" + }, + "eventbusName": { + "type": "string", + "description": "The name of the Amazon EventBridge used by CrowdStrike to forward messages\n" + }, + "externalId": { + "type": "string", + "description": "The external ID used to assume the AWS IAM role\n" + }, + "iamRoleArn": { + "type": "string", + "description": "The ARN of the AWS IAM role used to access this AWS account\n" + }, + "idpEnabled": { + "type": "boolean", + "description": "Whether Identity Protection is enabled\n" + }, + "intermediateRoleArn": { + "type": "string", + "description": "The ARN of the intermediate role used to assume the AWS IAM role\n" + }, + "isOrganizationManagementAccount": { + "type": "boolean", + "description": "Indicates whether this is the management account (formerly known as the root account) of an AWS Organization\n" + }, + "organizationId": { + "type": "string", + "description": "The AWS Organization ID\n" + }, + "realtimeVisibilityEnabled": { + "type": "boolean", + "description": "Whether real-time visibility is enabled\n" + }, + "sensorManagementEnabled": { + "type": "boolean", + "description": "Whether 1-click sensor deployment is enabled\n" + }, + "targetOuses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of AWS Organizational Units (OUs) targeted for this account\n" + } + }, + "type": "object", + "required": [ + "accountId", + "accountType", + "assetInventoryEnabled", + "cloudtrailBucketName", + "cloudtrailRegion", + "dspmEnabled", + "dspmRoleArn", + "eventbusArn", + "eventbusName", + "externalId", + "iamRoleArn", + "idpEnabled", + "intermediateRoleArn", + "isOrganizationManagementAccount", + "organizationId", + "realtimeVisibilityEnabled", + "sensorManagementEnabled", + "targetOuses" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, "crowdstrike:index/getSensorUpdatePolicyBuildsLinux:getSensorUpdatePolicyBuildsLinux": { "properties": { "alls": { @@ -1320,7 +1527,11 @@ }, "cloud": { "type": "string", - "description": "Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1\n" + "description": "Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1. Will use FALCON_CLOUD\nenvironment variable when left blank.\n" + }, + "memberCid": { + "type": "string", + "description": "For MSSP Master CIDs, optionally lock the token to act on behalf of this member CID\n" } }, "inputProperties": { @@ -1336,11 +1547,230 @@ }, "cloud": { "type": "string", - "description": "Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1\n" + "description": "Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1. Will use FALCON_CLOUD\nenvironment variable when left blank.\n" + }, + "memberCid": { + "type": "string", + "description": "For MSSP Master CIDs, optionally lock the token to act on behalf of this member CID\n" } } }, "resources": { + "crowdstrike:index/cloudAwsAccount:CloudAwsAccount": { + "description": "This resource allows management of an AWS account in Falcon.\n\n## API Scopes\n\nThe following API scopes are required:\n\n- Cloud security AWS registration | Read \u0026 Write\n- CSPM registration | Read \u0026 Write\n\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.crowdstrike.CloudAwsAccount;\nimport com.pulumi.crowdstrike.CloudAwsAccountArgs;\nimport com.pulumi.crowdstrike.inputs.CloudAwsAccountDspmArgs;\nimport com.pulumi.crowdstrike.inputs.CloudAwsAccountIdpArgs;\nimport com.pulumi.crowdstrike.inputs.CloudAwsAccountRealtimeVisibilityArgs;\nimport com.pulumi.crowdstrike.inputs.CloudAwsAccountSensorManagementArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var org = new CloudAwsAccount(\"org\", CloudAwsAccountArgs.builder()\n .accountId(\"123456789012\")\n .dspm(CloudAwsAccountDspmArgs.builder()\n .enabled(true)\n .build())\n .idp(CloudAwsAccountIdpArgs.builder()\n .enabled(true)\n .build())\n .isOrganizationManagementAccount(true)\n .organizationId(\"o-1234567890\")\n .realtimeVisibility(CloudAwsAccountRealtimeVisibilityArgs.builder()\n .cloudtrail_region(\"us-east-1\")\n .enabled(true)\n .build())\n .sensorManagement(CloudAwsAccountSensorManagementArgs.builder()\n .enabled(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n org:\n type: crowdstrike:CloudAwsAccount\n properties:\n accountId: '123456789012'\n dspm:\n enabled: true\n idp:\n enabled: true\n isOrganizationManagementAccount: true\n organizationId: o-1234567890\n realtimeVisibility:\n cloudtrail_region: us-east-1\n enabled: true\n sensorManagement:\n enabled: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "properties": { + "accountId": { + "type": "string", + "description": "The AWS Account ID\n" + }, + "accountType": { + "type": "string", + "description": "The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type\n" + }, + "assetInventory": { + "$ref": "#/types/crowdstrike:index/CloudAwsAccountAssetInventory:CloudAwsAccountAssetInventory" + }, + "cloudtrailBucketName": { + "type": "string", + "description": "The name of the CloudTrail S3 bucket used for real-time visibility\n" + }, + "deploymentMethod": { + "type": "string" + }, + "dspm": { + "$ref": "#/types/crowdstrike:index/CloudAwsAccountDspm:CloudAwsAccountDspm" + }, + "dspmRoleArn": { + "type": "string", + "description": "The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management\n" + }, + "eventbusArn": { + "type": "string", + "description": "The ARN of the Amazon EventBridge used by CrowdStrike to forward messages\n" + }, + "eventbusName": { + "type": "string", + "description": "The name of the Amazon EventBridge used by CrowdStrike to forward messages\n" + }, + "externalId": { + "type": "string", + "description": "The external ID used to assume the AWS IAM role\n" + }, + "iamRoleArn": { + "type": "string", + "description": "The ARN of the AWS IAM role used to access this AWS account\n" + }, + "idp": { + "$ref": "#/types/crowdstrike:index/CloudAwsAccountIdp:CloudAwsAccountIdp" + }, + "intermediateRoleArn": { + "type": "string", + "description": "The ARN of the intermediate role used to assume the AWS IAM role\n" + }, + "isOrganizationManagementAccount": { + "type": "boolean", + "description": "Indicates whether this is the management account (formerly known as the root account) of an AWS Organization\n" + }, + "organizationId": { + "type": "string", + "description": "The AWS Organization ID\n" + }, + "realtimeVisibility": { + "$ref": "#/types/crowdstrike:index/CloudAwsAccountRealtimeVisibility:CloudAwsAccountRealtimeVisibility" + }, + "sensorManagement": { + "$ref": "#/types/crowdstrike:index/CloudAwsAccountSensorManagement:CloudAwsAccountSensorManagement" + }, + "targetOuses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of target Organizational Units\n" + } + }, + "required": [ + "accountId", + "accountType", + "assetInventory", + "cloudtrailBucketName", + "deploymentMethod", + "dspm", + "dspmRoleArn", + "eventbusArn", + "eventbusName", + "externalId", + "iamRoleArn", + "idp", + "intermediateRoleArn", + "isOrganizationManagementAccount", + "organizationId", + "realtimeVisibility", + "sensorManagement", + "targetOuses" + ], + "inputProperties": { + "accountId": { + "type": "string", + "description": "The AWS Account ID\n" + }, + "accountType": { + "type": "string", + "description": "The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type\n" + }, + "assetInventory": { + "$ref": "#/types/crowdstrike:index/CloudAwsAccountAssetInventory:CloudAwsAccountAssetInventory" + }, + "deploymentMethod": { + "type": "string" + }, + "dspm": { + "$ref": "#/types/crowdstrike:index/CloudAwsAccountDspm:CloudAwsAccountDspm" + }, + "idp": { + "$ref": "#/types/crowdstrike:index/CloudAwsAccountIdp:CloudAwsAccountIdp" + }, + "isOrganizationManagementAccount": { + "type": "boolean", + "description": "Indicates whether this is the management account (formerly known as the root account) of an AWS Organization\n" + }, + "organizationId": { + "type": "string", + "description": "The AWS Organization ID\n" + }, + "realtimeVisibility": { + "$ref": "#/types/crowdstrike:index/CloudAwsAccountRealtimeVisibility:CloudAwsAccountRealtimeVisibility" + }, + "sensorManagement": { + "$ref": "#/types/crowdstrike:index/CloudAwsAccountSensorManagement:CloudAwsAccountSensorManagement" + }, + "targetOuses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of target Organizational Units\n" + } + }, + "requiredInputs": [ + "accountId" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering CloudAwsAccount resources.\n", + "properties": { + "accountId": { + "type": "string", + "description": "The AWS Account ID\n" + }, + "accountType": { + "type": "string", + "description": "The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type\n" + }, + "assetInventory": { + "$ref": "#/types/crowdstrike:index/CloudAwsAccountAssetInventory:CloudAwsAccountAssetInventory" + }, + "cloudtrailBucketName": { + "type": "string", + "description": "The name of the CloudTrail S3 bucket used for real-time visibility\n" + }, + "deploymentMethod": { + "type": "string" + }, + "dspm": { + "$ref": "#/types/crowdstrike:index/CloudAwsAccountDspm:CloudAwsAccountDspm" + }, + "dspmRoleArn": { + "type": "string", + "description": "The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management\n" + }, + "eventbusArn": { + "type": "string", + "description": "The ARN of the Amazon EventBridge used by CrowdStrike to forward messages\n" + }, + "eventbusName": { + "type": "string", + "description": "The name of the Amazon EventBridge used by CrowdStrike to forward messages\n" + }, + "externalId": { + "type": "string", + "description": "The external ID used to assume the AWS IAM role\n" + }, + "iamRoleArn": { + "type": "string", + "description": "The ARN of the AWS IAM role used to access this AWS account\n" + }, + "idp": { + "$ref": "#/types/crowdstrike:index/CloudAwsAccountIdp:CloudAwsAccountIdp" + }, + "intermediateRoleArn": { + "type": "string", + "description": "The ARN of the intermediate role used to assume the AWS IAM role\n" + }, + "isOrganizationManagementAccount": { + "type": "boolean", + "description": "Indicates whether this is the management account (formerly known as the root account) of an AWS Organization\n" + }, + "organizationId": { + "type": "string", + "description": "The AWS Organization ID\n" + }, + "realtimeVisibility": { + "$ref": "#/types/crowdstrike:index/CloudAwsAccountRealtimeVisibility:CloudAwsAccountRealtimeVisibility" + }, + "sensorManagement": { + "$ref": "#/types/crowdstrike:index/CloudAwsAccountSensorManagement:CloudAwsAccountSensorManagement" + }, + "targetOuses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of target Organizational Units\n" + } + }, + "type": "object" + } + }, "crowdstrike:index/filevantagePolicy:FilevantagePolicy": { "description": "This resource allows management of a FileVantage policy. A FileVantage policy is a collection of file integrity rules and rule groups that you can apply to host groups.\n\n## API Scopes\n\nThe following API scopes are required:\n\n- Falcon FileVantage | Read \u0026 Write\n\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.crowdstrike.FilevantageRuleGroup;\nimport com.pulumi.crowdstrike.FilevantageRuleGroupArgs;\nimport com.pulumi.crowdstrike.inputs.FilevantageRuleGroupRuleArgs;\nimport com.pulumi.crowdstrike.FilevantagePolicy;\nimport com.pulumi.crowdstrike.FilevantagePolicyArgs;\nimport com.pulumi.crowdstrike.inputs.FilevantagePolicyScheduledExclusionArgs;\nimport com.pulumi.crowdstrike.inputs.FilevantagePolicyScheduledExclusionRepeatedArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var exampleFilevantageRuleGroup = new FilevantageRuleGroup(\"exampleFilevantageRuleGroup\", FilevantageRuleGroupArgs.builder()\n .description(\"Made with Pulumi\")\n .type(\"MacFiles\")\n .rules(FilevantageRuleGroupRuleArgs.builder()\n .description(\"first rule\")\n .path(\"/path/to/example/\")\n .severity(\"High\")\n .depth(\"ANY\")\n .build())\n .build());\n\n var example2 = new FilevantageRuleGroup(\"example2\", FilevantageRuleGroupArgs.builder()\n .description(\"Made with Pulumi\")\n .type(\"MacFiles\")\n .rules(FilevantageRuleGroupRuleArgs.builder()\n .description(\"first rule\")\n .path(\"/path/to/example/\")\n .severity(\"High\")\n .depth(\"ANY\")\n .enable_content_capture(true)\n .watch_file_write_changes(true)\n .file_names(\"example.exe\")\n .build())\n .build());\n\n var exampleFilevantagePolicy = new FilevantagePolicy(\"exampleFilevantagePolicy\", FilevantagePolicyArgs.builder()\n .enabled(true)\n .description(\"Made with Pulumi\")\n .platformName(\"Mac\")\n .ruleGroups( \n exampleFilevantageRuleGroup.id(),\n example2.id())\n .scheduledExclusions( \n FilevantagePolicyScheduledExclusionArgs.builder()\n .name(\"policy1\")\n .description(\"Run the first 3 days of the month. All day.\")\n .start_date(\"2024-05-21\")\n .start_time(\"11:09\")\n .timezone(\"US/Central\")\n .processes(\"**/example.exe,/path/to/example2.exe\")\n .repeated(FilevantagePolicyScheduledExclusionRepeatedArgs.builder()\n .allDay(true)\n .frequency(\"monthly\")\n .monthlyOccurrence(\"Days\")\n .daysOfMonth( \n 1,\n 2,\n 3)\n .build())\n .build(),\n FilevantagePolicyScheduledExclusionArgs.builder()\n .name(\"policy2\")\n .description(\"Run monday, tuesday, wednesday. 11:09 - 12:10.\")\n .start_date(\"2024-05-21\")\n .start_time(\"11:09\")\n .users(\"admin*,example\")\n .timezone(\"US/Central\")\n .repeated(FilevantagePolicyScheduledExclusionRepeatedArgs.builder()\n .allDay(false)\n .startTime(\"11:09\")\n .endTime(\"12:10\")\n .frequency(\"weekly\")\n .daysOfWeek( \n \"Monday\",\n \"Tuesday\",\n \"Wednesday\")\n .build())\n .build())\n .build());\n\n ctx.export(\"filevantagePolicy\", exampleFilevantagePolicy);\n }\n}\n```\n```yaml\nresources:\n exampleFilevantageRuleGroup:\n type: crowdstrike:FilevantageRuleGroup\n properties:\n description: Made with Pulumi\n type: MacFiles\n rules:\n - description: first rule\n path: /path/to/example/\n severity: High\n depth: ANY\n example2:\n type: crowdstrike:FilevantageRuleGroup\n properties:\n description: Made with Pulumi\n type: MacFiles\n rules:\n - description: first rule\n path: /path/to/example/\n severity: High\n depth: ANY\n enable_content_capture: true\n watch_file_write_changes: true\n file_names:\n - example.exe\n exampleFilevantagePolicy:\n type: crowdstrike:FilevantagePolicy\n properties:\n enabled: true\n description: Made with Pulumi\n platformName: Mac\n # host_groups = [\"1232313\"]\n ruleGroups:\n - ${exampleFilevantageRuleGroup.id}\n - ${example2.id}\n scheduledExclusions:\n - name: policy1\n description: Run the first 3 days of the month. All day.\n start_date: 2024-05-21\n start_time: 11:09\n timezone: US/Central\n processes: '**/example.exe,/path/to/example2.exe'\n repeated:\n allDay: true\n frequency: monthly\n monthlyOccurrence: Days\n daysOfMonth:\n - 1\n - 2\n - 3\n - name: policy2\n description: Run monday, tuesday, wednesday. 11:09 - 12:10.\n start_date: 2024-05-21\n start_time: 11:09\n users: admin*,example\n timezone: US/Central\n repeated:\n allDay: false\n startTime: 11:09\n endTime: 12:10\n frequency: weekly\n daysOfWeek:\n - Monday\n - Tuesday\n - Wednesday\noutputs:\n filevantagePolicy: ${exampleFilevantagePolicy}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nfilvantage policy can be imported by specifying the policy id.\n\n```sh\n$ pulumi import crowdstrike:index/filevantagePolicy:FilevantagePolicy example 7fb858a949034a0cbca175f660f1e769\n```\n\n", "properties": { @@ -1680,7 +2110,7 @@ } }, "crowdstrike:index/preventionPolicyLinux:PreventionPolicyLinux": { - "description": "This resource allows you to manage CrowdStrike Falcon prevention policies for Linux hosts. Prevention policies allow you to manage what activity will trigger detections and preventions on your hosts.\n\n## API Scopes\n\nThe following API scopes are required:\n\n- Prevention policies | Read \u0026 Write\n\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as crowdstrike from \"@crowdstrike/pulumi\";\n\nconst example = new crowdstrike.PreventionPolicyLinux(\"example\", {\n enabled: true,\n description: \"Made with Pulumi\",\n hostGroups: [\"d6e3c1e1b3d0467da0fowc96a5e6ecb5\"],\n ioaRuleGroups: [],\n cloudAntiMalware: {\n detection: \"MODERATE\",\n prevention: \"CAUTIOUS\",\n },\n sensorAntiMalware: {\n detection: \"MODERATE\",\n prevention: \"CAUTIOUS\",\n },\n quarantine: true,\n customBlocking: true,\n preventSuspiciousProcesses: true,\n scriptBasedExecutionMonitoring: true,\n uploadUnknownExecutables: true,\n uploadUnknownDetectionRelatedExecutables: true,\n driftPrevention: true,\n emailProtocolVisibility: true,\n filesystemVisibility: true,\n ftpVisibility: true,\n httpVisibility: true,\n networkVisibility: true,\n tlsVisibility: true,\n});\nexport const preventionPolicyLinux = example;\n```\n```python\nimport pulumi\nimport crowdstrike_pulumi as crowdstrike\n\nexample = crowdstrike.PreventionPolicyLinux(\"example\",\n enabled=True,\n description=\"Made with Pulumi\",\n host_groups=[\"d6e3c1e1b3d0467da0fowc96a5e6ecb5\"],\n ioa_rule_groups=[],\n cloud_anti_malware={\n \"detection\": \"MODERATE\",\n \"prevention\": \"CAUTIOUS\",\n },\n sensor_anti_malware={\n \"detection\": \"MODERATE\",\n \"prevention\": \"CAUTIOUS\",\n },\n quarantine=True,\n custom_blocking=True,\n prevent_suspicious_processes=True,\n script_based_execution_monitoring=True,\n upload_unknown_executables=True,\n upload_unknown_detection_related_executables=True,\n drift_prevention=True,\n email_protocol_visibility=True,\n filesystem_visibility=True,\n ftp_visibility=True,\n http_visibility=True,\n network_visibility=True,\n tls_visibility=True)\npulumi.export(\"preventionPolicyLinux\", example)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Crowdstrike = CrowdStrike.Crowdstrike;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Crowdstrike.PreventionPolicyLinux(\"example\", new()\n {\n Enabled = true,\n Description = \"Made with Pulumi\",\n HostGroups = new[]\n {\n \"d6e3c1e1b3d0467da0fowc96a5e6ecb5\",\n },\n IoaRuleGroups = new[] {},\n CloudAntiMalware = new Crowdstrike.Inputs.PreventionPolicyLinuxCloudAntiMalwareArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"CAUTIOUS\",\n },\n SensorAntiMalware = new Crowdstrike.Inputs.PreventionPolicyLinuxSensorAntiMalwareArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"CAUTIOUS\",\n },\n Quarantine = true,\n CustomBlocking = true,\n PreventSuspiciousProcesses = true,\n ScriptBasedExecutionMonitoring = true,\n UploadUnknownExecutables = true,\n UploadUnknownDetectionRelatedExecutables = true,\n DriftPrevention = true,\n EmailProtocolVisibility = true,\n FilesystemVisibility = true,\n FtpVisibility = true,\n HttpVisibility = true,\n NetworkVisibility = true,\n TlsVisibility = true,\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"preventionPolicyLinux\"] = example,\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/crowdstrike/pulumi-crowdstrike/sdk/go/crowdstrike\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := crowdstrike.NewPreventionPolicyLinux(ctx, \"example\", \u0026crowdstrike.PreventionPolicyLinuxArgs{\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tDescription: pulumi.String(\"Made with Pulumi\"),\n\t\t\tHostGroups: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"d6e3c1e1b3d0467da0fowc96a5e6ecb5\"),\n\t\t\t},\n\t\t\tIoaRuleGroups: pulumi.StringArray{},\n\t\t\tCloudAntiMalware: \u0026crowdstrike.PreventionPolicyLinuxCloudAntiMalwareArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"CAUTIOUS\"),\n\t\t\t},\n\t\t\tSensorAntiMalware: \u0026crowdstrike.PreventionPolicyLinuxSensorAntiMalwareArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"CAUTIOUS\"),\n\t\t\t},\n\t\t\tQuarantine: pulumi.Bool(true),\n\t\t\tCustomBlocking: pulumi.Bool(true),\n\t\t\tPreventSuspiciousProcesses: pulumi.Bool(true),\n\t\t\tScriptBasedExecutionMonitoring: pulumi.Bool(true),\n\t\t\tUploadUnknownExecutables: pulumi.Bool(true),\n\t\t\tUploadUnknownDetectionRelatedExecutables: pulumi.Bool(true),\n\t\t\tDriftPrevention: pulumi.Bool(true),\n\t\t\tEmailProtocolVisibility: pulumi.Bool(true),\n\t\t\tFilesystemVisibility: pulumi.Bool(true),\n\t\t\tFtpVisibility: pulumi.Bool(true),\n\t\t\tHttpVisibility: pulumi.Bool(true),\n\t\t\tNetworkVisibility: pulumi.Bool(true),\n\t\t\tTlsVisibility: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"preventionPolicyLinux\", example)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.crowdstrike.PreventionPolicyLinux;\nimport com.pulumi.crowdstrike.PreventionPolicyLinuxArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyLinuxCloudAntiMalwareArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyLinuxSensorAntiMalwareArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PreventionPolicyLinux(\"example\", PreventionPolicyLinuxArgs.builder()\n .enabled(true)\n .description(\"Made with Pulumi\")\n .hostGroups(\"d6e3c1e1b3d0467da0fowc96a5e6ecb5\")\n .ioaRuleGroups()\n .cloudAntiMalware(PreventionPolicyLinuxCloudAntiMalwareArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .sensorAntiMalware(PreventionPolicyLinuxSensorAntiMalwareArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .quarantine(true)\n .customBlocking(true)\n .preventSuspiciousProcesses(true)\n .scriptBasedExecutionMonitoring(true)\n .uploadUnknownExecutables(true)\n .uploadUnknownDetectionRelatedExecutables(true)\n .driftPrevention(true)\n .emailProtocolVisibility(true)\n .filesystemVisibility(true)\n .ftpVisibility(true)\n .httpVisibility(true)\n .networkVisibility(true)\n .tlsVisibility(true)\n .build());\n\n ctx.export(\"preventionPolicyLinux\", example);\n }\n}\n```\n```yaml\nresources:\n example:\n type: crowdstrike:PreventionPolicyLinux\n properties:\n enabled: true\n description: Made with Pulumi\n hostGroups:\n - d6e3c1e1b3d0467da0fowc96a5e6ecb5\n ioaRuleGroups: []\n cloudAntiMalware:\n detection: MODERATE\n prevention: CAUTIOUS\n sensorAntiMalware:\n detection: MODERATE\n prevention: CAUTIOUS\n quarantine: true\n customBlocking: true\n preventSuspiciousProcesses: true\n scriptBasedExecutionMonitoring: true\n uploadUnknownExecutables: true\n uploadUnknownDetectionRelatedExecutables: true\n driftPrevention: true\n emailProtocolVisibility: true\n filesystemVisibility: true\n ftpVisibility: true\n httpVisibility: true\n networkVisibility: true\n tlsVisibility: true\noutputs:\n preventionPolicyLinux: ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nprevention policy can be imported by specifying the policy id.\n\n```sh\n$ pulumi import crowdstrike:index/preventionPolicyLinux:PreventionPolicyLinux example 7fb858a949034a0cbca175f660f1e769\n```\n\n", + "description": "This resource allows you to manage CrowdStrike Falcon prevention policies for Linux hosts. Prevention policies allow you to manage what activity will trigger detections and preventions on your hosts.\n\n## API Scopes\n\nThe following API scopes are required:\n\n- Prevention policies | Read \u0026 Write\n\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as crowdstrike from \"@crowdstrike/pulumi\";\n\nconst example = new crowdstrike.PreventionPolicyLinux(\"example\", {\n enabled: true,\n description: \"Made with Pulumi\",\n hostGroups: [],\n ioaRuleGroups: [],\n cloudAntiMalware: {\n detection: \"MODERATE\",\n prevention: \"CAUTIOUS\",\n },\n sensorAntiMalware: {\n detection: \"MODERATE\",\n prevention: \"CAUTIOUS\",\n },\n quarantine: true,\n customBlocking: true,\n preventSuspiciousProcesses: true,\n scriptBasedExecutionMonitoring: true,\n uploadUnknownExecutables: true,\n uploadUnknownDetectionRelatedExecutables: true,\n driftPrevention: true,\n emailProtocolVisibility: true,\n filesystemVisibility: true,\n ftpVisibility: true,\n httpVisibility: true,\n networkVisibility: true,\n tlsVisibility: true,\n sensorTamperingProtection: true,\n onWriteScriptFileVisibility: true,\n memoryVisibility: true,\n});\nexport const preventionPolicyLinux = example;\n```\n```python\nimport pulumi\nimport crowdstrike_pulumi as crowdstrike\n\nexample = crowdstrike.PreventionPolicyLinux(\"example\",\n enabled=True,\n description=\"Made with Pulumi\",\n host_groups=[],\n ioa_rule_groups=[],\n cloud_anti_malware={\n \"detection\": \"MODERATE\",\n \"prevention\": \"CAUTIOUS\",\n },\n sensor_anti_malware={\n \"detection\": \"MODERATE\",\n \"prevention\": \"CAUTIOUS\",\n },\n quarantine=True,\n custom_blocking=True,\n prevent_suspicious_processes=True,\n script_based_execution_monitoring=True,\n upload_unknown_executables=True,\n upload_unknown_detection_related_executables=True,\n drift_prevention=True,\n email_protocol_visibility=True,\n filesystem_visibility=True,\n ftp_visibility=True,\n http_visibility=True,\n network_visibility=True,\n tls_visibility=True,\n sensor_tampering_protection=True,\n on_write_script_file_visibility=True,\n memory_visibility=True)\npulumi.export(\"preventionPolicyLinux\", example)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Crowdstrike = CrowdStrike.Crowdstrike;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Crowdstrike.PreventionPolicyLinux(\"example\", new()\n {\n Enabled = true,\n Description = \"Made with Pulumi\",\n HostGroups = new[] {},\n IoaRuleGroups = new[] {},\n CloudAntiMalware = new Crowdstrike.Inputs.PreventionPolicyLinuxCloudAntiMalwareArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"CAUTIOUS\",\n },\n SensorAntiMalware = new Crowdstrike.Inputs.PreventionPolicyLinuxSensorAntiMalwareArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"CAUTIOUS\",\n },\n Quarantine = true,\n CustomBlocking = true,\n PreventSuspiciousProcesses = true,\n ScriptBasedExecutionMonitoring = true,\n UploadUnknownExecutables = true,\n UploadUnknownDetectionRelatedExecutables = true,\n DriftPrevention = true,\n EmailProtocolVisibility = true,\n FilesystemVisibility = true,\n FtpVisibility = true,\n HttpVisibility = true,\n NetworkVisibility = true,\n TlsVisibility = true,\n SensorTamperingProtection = true,\n OnWriteScriptFileVisibility = true,\n MemoryVisibility = true,\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"preventionPolicyLinux\"] = example,\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/crowdstrike/pulumi-crowdstrike/sdk/go/crowdstrike\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := crowdstrike.NewPreventionPolicyLinux(ctx, \"example\", \u0026crowdstrike.PreventionPolicyLinuxArgs{\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tDescription: pulumi.String(\"Made with Pulumi\"),\n\t\t\tHostGroups: pulumi.StringArray{},\n\t\t\tIoaRuleGroups: pulumi.StringArray{},\n\t\t\tCloudAntiMalware: \u0026crowdstrike.PreventionPolicyLinuxCloudAntiMalwareArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"CAUTIOUS\"),\n\t\t\t},\n\t\t\tSensorAntiMalware: \u0026crowdstrike.PreventionPolicyLinuxSensorAntiMalwareArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"CAUTIOUS\"),\n\t\t\t},\n\t\t\tQuarantine: pulumi.Bool(true),\n\t\t\tCustomBlocking: pulumi.Bool(true),\n\t\t\tPreventSuspiciousProcesses: pulumi.Bool(true),\n\t\t\tScriptBasedExecutionMonitoring: pulumi.Bool(true),\n\t\t\tUploadUnknownExecutables: pulumi.Bool(true),\n\t\t\tUploadUnknownDetectionRelatedExecutables: pulumi.Bool(true),\n\t\t\tDriftPrevention: pulumi.Bool(true),\n\t\t\tEmailProtocolVisibility: pulumi.Bool(true),\n\t\t\tFilesystemVisibility: pulumi.Bool(true),\n\t\t\tFtpVisibility: pulumi.Bool(true),\n\t\t\tHttpVisibility: pulumi.Bool(true),\n\t\t\tNetworkVisibility: pulumi.Bool(true),\n\t\t\tTlsVisibility: pulumi.Bool(true),\n\t\t\tSensorTamperingProtection: pulumi.Bool(true),\n\t\t\tOnWriteScriptFileVisibility: pulumi.Bool(true),\n\t\t\tMemoryVisibility: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"preventionPolicyLinux\", example)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.crowdstrike.PreventionPolicyLinux;\nimport com.pulumi.crowdstrike.PreventionPolicyLinuxArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyLinuxCloudAntiMalwareArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyLinuxSensorAntiMalwareArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PreventionPolicyLinux(\"example\", PreventionPolicyLinuxArgs.builder()\n .enabled(true)\n .description(\"Made with Pulumi\")\n .hostGroups()\n .ioaRuleGroups()\n .cloudAntiMalware(PreventionPolicyLinuxCloudAntiMalwareArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .sensorAntiMalware(PreventionPolicyLinuxSensorAntiMalwareArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .quarantine(true)\n .customBlocking(true)\n .preventSuspiciousProcesses(true)\n .scriptBasedExecutionMonitoring(true)\n .uploadUnknownExecutables(true)\n .uploadUnknownDetectionRelatedExecutables(true)\n .driftPrevention(true)\n .emailProtocolVisibility(true)\n .filesystemVisibility(true)\n .ftpVisibility(true)\n .httpVisibility(true)\n .networkVisibility(true)\n .tlsVisibility(true)\n .sensorTamperingProtection(true)\n .onWriteScriptFileVisibility(true)\n .memoryVisibility(true)\n .build());\n\n ctx.export(\"preventionPolicyLinux\", example);\n }\n}\n```\n```yaml\nresources:\n example:\n type: crowdstrike:PreventionPolicyLinux\n properties:\n enabled: true\n description: Made with Pulumi\n hostGroups: []\n ioaRuleGroups: []\n cloudAntiMalware:\n detection: MODERATE\n prevention: CAUTIOUS\n sensorAntiMalware:\n detection: MODERATE\n prevention: CAUTIOUS\n quarantine: true\n customBlocking: true\n preventSuspiciousProcesses: true\n scriptBasedExecutionMonitoring: true\n uploadUnknownExecutables: true\n uploadUnknownDetectionRelatedExecutables: true\n driftPrevention: true\n emailProtocolVisibility: true\n filesystemVisibility: true\n ftpVisibility: true\n httpVisibility: true\n networkVisibility: true\n tlsVisibility: true\n sensorTamperingProtection: true\n onWriteScriptFileVisibility: true\n memoryVisibility: true\noutputs:\n preventionPolicyLinux: ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nprevention policy can be imported by specifying the policy id.\n\n```sh\n$ pulumi import crowdstrike:index/preventionPolicyLinux:PreventionPolicyLinux example 7fb858a949034a0cbca175f660f1e769\n```\n\n", "properties": { "cloudAntiMalware": { "$ref": "#/types/crowdstrike:index/PreventionPolicyLinuxCloudAntiMalware:PreventionPolicyLinuxCloudAntiMalware", @@ -1735,6 +2165,10 @@ "lastUpdated": { "type": "string" }, + "memoryVisibility": { + "type": "boolean", + "description": "Whether to enable the setting. When enabled, the sensor will inspect memory-related operations: mmap, mprotect, ptrace and reading/writing remote process memory and produce events.\n" + }, "name": { "type": "string", "description": "Name of the prevention policy.\n" @@ -1743,6 +2177,10 @@ "type": "boolean", "description": "Whether to enable the setting. Allows the sensor to monitor network activity for additional telemetry and improved detections.\n" }, + "onWriteScriptFileVisibility": { + "type": "boolean", + "description": "Whether to enable the setting. Provides improved visibility into various script files being written to disk in addition to clouding a portion of their content.\n" + }, "preventSuspiciousProcesses": { "type": "boolean", "description": "Whether to enable the setting. Block processes that CrowdStrike analysts classify as suspicious. These are focused on dynamic IOAs, such as malware, exploits and other threats.\n" @@ -1759,6 +2197,10 @@ "$ref": "#/types/crowdstrike:index/PreventionPolicyLinuxSensorAntiMalware:PreventionPolicyLinuxSensorAntiMalware", "description": "For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware.\n" }, + "sensorTamperingProtection": { + "type": "boolean", + "description": "Whether to enable the setting. Block attempts to tamper with the sensor by protecting critical components and resources. If disabled, the sensor still creates detections for tampering attempts but will not prevent the activity from occurring. Disabling is not recommended.\n" + }, "tlsVisibility": { "type": "boolean", "description": "Whether to enable the setting. Allows the sensor to monitor TLS traffic for malicious patterns and improved detections.\n" @@ -1784,12 +2226,15 @@ "httpVisibility", "ioaRuleGroups", "lastUpdated", + "memoryVisibility", "name", "networkVisibility", + "onWriteScriptFileVisibility", "preventSuspiciousProcesses", "quarantine", "scriptBasedExecutionMonitoring", "sensorAntiMalware", + "sensorTamperingProtection", "tlsVisibility", "uploadUnknownDetectionRelatedExecutables", "uploadUnknownExecutables" @@ -1845,6 +2290,10 @@ }, "description": "IOA Rule Group to attach to the prevention policy.\n" }, + "memoryVisibility": { + "type": "boolean", + "description": "Whether to enable the setting. When enabled, the sensor will inspect memory-related operations: mmap, mprotect, ptrace and reading/writing remote process memory and produce events.\n" + }, "name": { "type": "string", "description": "Name of the prevention policy.\n" @@ -1853,6 +2302,10 @@ "type": "boolean", "description": "Whether to enable the setting. Allows the sensor to monitor network activity for additional telemetry and improved detections.\n" }, + "onWriteScriptFileVisibility": { + "type": "boolean", + "description": "Whether to enable the setting. Provides improved visibility into various script files being written to disk in addition to clouding a portion of their content.\n" + }, "preventSuspiciousProcesses": { "type": "boolean", "description": "Whether to enable the setting. Block processes that CrowdStrike analysts classify as suspicious. These are focused on dynamic IOAs, such as malware, exploits and other threats.\n" @@ -1869,6 +2322,10 @@ "$ref": "#/types/crowdstrike:index/PreventionPolicyLinuxSensorAntiMalware:PreventionPolicyLinuxSensorAntiMalware", "description": "For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware.\n" }, + "sensorTamperingProtection": { + "type": "boolean", + "description": "Whether to enable the setting. Block attempts to tamper with the sensor by protecting critical components and resources. If disabled, the sensor still creates detections for tampering attempts but will not prevent the activity from occurring. Disabling is not recommended.\n" + }, "tlsVisibility": { "type": "boolean", "description": "Whether to enable the setting. Allows the sensor to monitor TLS traffic for malicious patterns and improved detections.\n" @@ -1942,6 +2399,10 @@ "lastUpdated": { "type": "string" }, + "memoryVisibility": { + "type": "boolean", + "description": "Whether to enable the setting. When enabled, the sensor will inspect memory-related operations: mmap, mprotect, ptrace and reading/writing remote process memory and produce events.\n" + }, "name": { "type": "string", "description": "Name of the prevention policy.\n" @@ -1950,6 +2411,10 @@ "type": "boolean", "description": "Whether to enable the setting. Allows the sensor to monitor network activity for additional telemetry and improved detections.\n" }, + "onWriteScriptFileVisibility": { + "type": "boolean", + "description": "Whether to enable the setting. Provides improved visibility into various script files being written to disk in addition to clouding a portion of their content.\n" + }, "preventSuspiciousProcesses": { "type": "boolean", "description": "Whether to enable the setting. Block processes that CrowdStrike analysts classify as suspicious. These are focused on dynamic IOAs, such as malware, exploits and other threats.\n" @@ -1966,6 +2431,10 @@ "$ref": "#/types/crowdstrike:index/PreventionPolicyLinuxSensorAntiMalware:PreventionPolicyLinuxSensorAntiMalware", "description": "For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware.\n" }, + "sensorTamperingProtection": { + "type": "boolean", + "description": "Whether to enable the setting. Block attempts to tamper with the sensor by protecting critical components and resources. If disabled, the sensor still creates detections for tampering attempts but will not prevent the activity from occurring. Disabling is not recommended.\n" + }, "tlsVisibility": { "type": "boolean", "description": "Whether to enable the setting. Allows the sensor to monitor TLS traffic for malicious patterns and improved detections.\n" @@ -1983,7 +2452,7 @@ } }, "crowdstrike:index/preventionPolicyMac:PreventionPolicyMac": { - "description": "This resource allows you to manage CrowdStrike Falcon prevention policies for Mac hosts. Prevention policies allow you to manage what activity will trigger detections and preventions on your hosts.\n\n## API Scopes\n\nThe following API scopes are required:\n\n- Prevention policies | Read \u0026 Write\n\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as crowdstrike from \"@crowdstrike/pulumi\";\n\nconst example = new crowdstrike.PreventionPolicyMac(\"example\", {\n enabled: false,\n description: \"Made with Pulumi\",\n hostGroups: [\"d6e3c1e1b3d0467da0fowc96a5e6ecb5\"],\n ioaRuleGroups: [],\n cloudAdwareAndPup: {\n detection: \"MODERATE\",\n prevention: \"CAUTIOUS\",\n },\n cloudAntiMalware: {\n detection: \"MODERATE\",\n prevention: \"CAUTIOUS\",\n },\n sensorAntiMalware: {\n detection: \"MODERATE\",\n prevention: \"CAUTIOUS\",\n },\n sensorAdwareAndPup: {\n detection: \"MODERATE\",\n prevention: \"CAUTIOUS\",\n },\n notifyEndUsers: true,\n customBlocking: true,\n detectOnWrite: true,\n intelligenceSourcedThreats: true,\n preventSuspiciousProcesses: true,\n quarantine: true,\n quarantineOnWrite: true,\n scriptBasedExecutionMonitoring: true,\n sensorTamperingProtection: true,\n uploadUnknownExecutables: true,\n uploadUnknownDetectionRelatedExecutables: true,\n xpcomShell: true,\n kcPasswordDecoded: true,\n hashCollector: true,\n empyreBackdoor: true,\n chopperWebshell: true,\n});\nexport const preventionPolicyMac = example;\n```\n```python\nimport pulumi\nimport crowdstrike_pulumi as crowdstrike\n\nexample = crowdstrike.PreventionPolicyMac(\"example\",\n enabled=False,\n description=\"Made with Pulumi\",\n host_groups=[\"d6e3c1e1b3d0467da0fowc96a5e6ecb5\"],\n ioa_rule_groups=[],\n cloud_adware_and_pup={\n \"detection\": \"MODERATE\",\n \"prevention\": \"CAUTIOUS\",\n },\n cloud_anti_malware={\n \"detection\": \"MODERATE\",\n \"prevention\": \"CAUTIOUS\",\n },\n sensor_anti_malware={\n \"detection\": \"MODERATE\",\n \"prevention\": \"CAUTIOUS\",\n },\n sensor_adware_and_pup={\n \"detection\": \"MODERATE\",\n \"prevention\": \"CAUTIOUS\",\n },\n notify_end_users=True,\n custom_blocking=True,\n detect_on_write=True,\n intelligence_sourced_threats=True,\n prevent_suspicious_processes=True,\n quarantine=True,\n quarantine_on_write=True,\n script_based_execution_monitoring=True,\n sensor_tampering_protection=True,\n upload_unknown_executables=True,\n upload_unknown_detection_related_executables=True,\n xpcom_shell=True,\n kc_password_decoded=True,\n hash_collector=True,\n empyre_backdoor=True,\n chopper_webshell=True)\npulumi.export(\"preventionPolicyMac\", example)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Crowdstrike = CrowdStrike.Crowdstrike;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Crowdstrike.PreventionPolicyMac(\"example\", new()\n {\n Enabled = false,\n Description = \"Made with Pulumi\",\n HostGroups = new[]\n {\n \"d6e3c1e1b3d0467da0fowc96a5e6ecb5\",\n },\n IoaRuleGroups = new[] {},\n CloudAdwareAndPup = new Crowdstrike.Inputs.PreventionPolicyMacCloudAdwareAndPupArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"CAUTIOUS\",\n },\n CloudAntiMalware = new Crowdstrike.Inputs.PreventionPolicyMacCloudAntiMalwareArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"CAUTIOUS\",\n },\n SensorAntiMalware = new Crowdstrike.Inputs.PreventionPolicyMacSensorAntiMalwareArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"CAUTIOUS\",\n },\n SensorAdwareAndPup = new Crowdstrike.Inputs.PreventionPolicyMacSensorAdwareAndPupArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"CAUTIOUS\",\n },\n NotifyEndUsers = true,\n CustomBlocking = true,\n DetectOnWrite = true,\n IntelligenceSourcedThreats = true,\n PreventSuspiciousProcesses = true,\n Quarantine = true,\n QuarantineOnWrite = true,\n ScriptBasedExecutionMonitoring = true,\n SensorTamperingProtection = true,\n UploadUnknownExecutables = true,\n UploadUnknownDetectionRelatedExecutables = true,\n XpcomShell = true,\n KcPasswordDecoded = true,\n HashCollector = true,\n EmpyreBackdoor = true,\n ChopperWebshell = true,\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"preventionPolicyMac\"] = example,\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/crowdstrike/pulumi-crowdstrike/sdk/go/crowdstrike\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := crowdstrike.NewPreventionPolicyMac(ctx, \"example\", \u0026crowdstrike.PreventionPolicyMacArgs{\n\t\t\tEnabled: pulumi.Bool(false),\n\t\t\tDescription: pulumi.String(\"Made with Pulumi\"),\n\t\t\tHostGroups: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"d6e3c1e1b3d0467da0fowc96a5e6ecb5\"),\n\t\t\t},\n\t\t\tIoaRuleGroups: pulumi.StringArray{},\n\t\t\tCloudAdwareAndPup: \u0026crowdstrike.PreventionPolicyMacCloudAdwareAndPupArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"CAUTIOUS\"),\n\t\t\t},\n\t\t\tCloudAntiMalware: \u0026crowdstrike.PreventionPolicyMacCloudAntiMalwareArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"CAUTIOUS\"),\n\t\t\t},\n\t\t\tSensorAntiMalware: \u0026crowdstrike.PreventionPolicyMacSensorAntiMalwareArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"CAUTIOUS\"),\n\t\t\t},\n\t\t\tSensorAdwareAndPup: \u0026crowdstrike.PreventionPolicyMacSensorAdwareAndPupArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"CAUTIOUS\"),\n\t\t\t},\n\t\t\tNotifyEndUsers: pulumi.Bool(true),\n\t\t\tCustomBlocking: pulumi.Bool(true),\n\t\t\tDetectOnWrite: pulumi.Bool(true),\n\t\t\tIntelligenceSourcedThreats: pulumi.Bool(true),\n\t\t\tPreventSuspiciousProcesses: pulumi.Bool(true),\n\t\t\tQuarantine: pulumi.Bool(true),\n\t\t\tQuarantineOnWrite: pulumi.Bool(true),\n\t\t\tScriptBasedExecutionMonitoring: pulumi.Bool(true),\n\t\t\tSensorTamperingProtection: pulumi.Bool(true),\n\t\t\tUploadUnknownExecutables: pulumi.Bool(true),\n\t\t\tUploadUnknownDetectionRelatedExecutables: pulumi.Bool(true),\n\t\t\tXpcomShell: pulumi.Bool(true),\n\t\t\tKcPasswordDecoded: pulumi.Bool(true),\n\t\t\tHashCollector: pulumi.Bool(true),\n\t\t\tEmpyreBackdoor: pulumi.Bool(true),\n\t\t\tChopperWebshell: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"preventionPolicyMac\", example)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.crowdstrike.PreventionPolicyMac;\nimport com.pulumi.crowdstrike.PreventionPolicyMacArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyMacCloudAdwareAndPupArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyMacCloudAntiMalwareArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyMacSensorAntiMalwareArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyMacSensorAdwareAndPupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PreventionPolicyMac(\"example\", PreventionPolicyMacArgs.builder()\n .enabled(false)\n .description(\"Made with Pulumi\")\n .hostGroups(\"d6e3c1e1b3d0467da0fowc96a5e6ecb5\")\n .ioaRuleGroups()\n .cloudAdwareAndPup(PreventionPolicyMacCloudAdwareAndPupArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .cloudAntiMalware(PreventionPolicyMacCloudAntiMalwareArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .sensorAntiMalware(PreventionPolicyMacSensorAntiMalwareArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .sensorAdwareAndPup(PreventionPolicyMacSensorAdwareAndPupArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .notifyEndUsers(true)\n .customBlocking(true)\n .detectOnWrite(true)\n .intelligenceSourcedThreats(true)\n .preventSuspiciousProcesses(true)\n .quarantine(true)\n .quarantineOnWrite(true)\n .scriptBasedExecutionMonitoring(true)\n .sensorTamperingProtection(true)\n .uploadUnknownExecutables(true)\n .uploadUnknownDetectionRelatedExecutables(true)\n .xpcomShell(true)\n .kcPasswordDecoded(true)\n .hashCollector(true)\n .empyreBackdoor(true)\n .chopperWebshell(true)\n .build());\n\n ctx.export(\"preventionPolicyMac\", example);\n }\n}\n```\n```yaml\nresources:\n example:\n type: crowdstrike:PreventionPolicyMac\n properties:\n enabled: false\n description: Made with Pulumi\n hostGroups:\n - d6e3c1e1b3d0467da0fowc96a5e6ecb5\n ioaRuleGroups: []\n cloudAdwareAndPup:\n detection: MODERATE\n prevention: CAUTIOUS\n cloudAntiMalware:\n detection: MODERATE\n prevention: CAUTIOUS\n sensorAntiMalware:\n detection: MODERATE\n prevention: CAUTIOUS\n sensorAdwareAndPup:\n detection: MODERATE\n prevention: CAUTIOUS\n notifyEndUsers: true\n customBlocking: true\n detectOnWrite: true\n intelligenceSourcedThreats: true\n preventSuspiciousProcesses: true\n quarantine: true\n quarantineOnWrite: true\n scriptBasedExecutionMonitoring: true\n sensorTamperingProtection: true\n uploadUnknownExecutables: true\n uploadUnknownDetectionRelatedExecutables: true\n xpcomShell: true\n kcPasswordDecoded: true\n hashCollector: true\n empyreBackdoor: true\n chopperWebshell: true\noutputs:\n preventionPolicyMac: ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nprevention policy can be imported by specifying the policy id.\n\n```sh\n$ pulumi import crowdstrike:index/preventionPolicyMac:PreventionPolicyMac example 7fb858a949034a0cbca175f660f1e769\n```\n\n", + "description": "This resource allows you to manage CrowdStrike Falcon prevention policies for Mac hosts. Prevention policies allow you to manage what activity will trigger detections and preventions on your hosts.\n\n## API Scopes\n\nThe following API scopes are required:\n\n- Prevention policies | Read \u0026 Write\n\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as crowdstrike from \"@crowdstrike/pulumi\";\n\nconst example = new crowdstrike.PreventionPolicyMac(\"example\", {\n enabled: false,\n description: \"Made with Pulumi\",\n hostGroups: [],\n ioaRuleGroups: [],\n cloudAdwareAndPup: {\n detection: \"MODERATE\",\n prevention: \"CAUTIOUS\",\n },\n cloudAntiMalware: {\n detection: \"MODERATE\",\n prevention: \"CAUTIOUS\",\n },\n sensorAntiMalware: {\n detection: \"MODERATE\",\n prevention: \"CAUTIOUS\",\n },\n sensorAdwareAndPup: {\n detection: \"MODERATE\",\n prevention: \"CAUTIOUS\",\n },\n notifyEndUsers: true,\n customBlocking: true,\n detectOnWrite: true,\n intelligenceSourcedThreats: true,\n preventSuspiciousProcesses: true,\n quarantine: true,\n quarantineOnWrite: true,\n scriptBasedExecutionMonitoring: true,\n sensorTamperingProtection: true,\n uploadUnknownExecutables: true,\n uploadUnknownDetectionRelatedExecutables: true,\n xpcomShell: true,\n kcPasswordDecoded: true,\n hashCollector: true,\n empyreBackdoor: true,\n chopperWebshell: true,\n});\nexport const preventionPolicyMac = example;\n```\n```python\nimport pulumi\nimport crowdstrike_pulumi as crowdstrike\n\nexample = crowdstrike.PreventionPolicyMac(\"example\",\n enabled=False,\n description=\"Made with Pulumi\",\n host_groups=[],\n ioa_rule_groups=[],\n cloud_adware_and_pup={\n \"detection\": \"MODERATE\",\n \"prevention\": \"CAUTIOUS\",\n },\n cloud_anti_malware={\n \"detection\": \"MODERATE\",\n \"prevention\": \"CAUTIOUS\",\n },\n sensor_anti_malware={\n \"detection\": \"MODERATE\",\n \"prevention\": \"CAUTIOUS\",\n },\n sensor_adware_and_pup={\n \"detection\": \"MODERATE\",\n \"prevention\": \"CAUTIOUS\",\n },\n notify_end_users=True,\n custom_blocking=True,\n detect_on_write=True,\n intelligence_sourced_threats=True,\n prevent_suspicious_processes=True,\n quarantine=True,\n quarantine_on_write=True,\n script_based_execution_monitoring=True,\n sensor_tampering_protection=True,\n upload_unknown_executables=True,\n upload_unknown_detection_related_executables=True,\n xpcom_shell=True,\n kc_password_decoded=True,\n hash_collector=True,\n empyre_backdoor=True,\n chopper_webshell=True)\npulumi.export(\"preventionPolicyMac\", example)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Crowdstrike = CrowdStrike.Crowdstrike;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Crowdstrike.PreventionPolicyMac(\"example\", new()\n {\n Enabled = false,\n Description = \"Made with Pulumi\",\n HostGroups = new[] {},\n IoaRuleGroups = new[] {},\n CloudAdwareAndPup = new Crowdstrike.Inputs.PreventionPolicyMacCloudAdwareAndPupArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"CAUTIOUS\",\n },\n CloudAntiMalware = new Crowdstrike.Inputs.PreventionPolicyMacCloudAntiMalwareArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"CAUTIOUS\",\n },\n SensorAntiMalware = new Crowdstrike.Inputs.PreventionPolicyMacSensorAntiMalwareArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"CAUTIOUS\",\n },\n SensorAdwareAndPup = new Crowdstrike.Inputs.PreventionPolicyMacSensorAdwareAndPupArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"CAUTIOUS\",\n },\n NotifyEndUsers = true,\n CustomBlocking = true,\n DetectOnWrite = true,\n IntelligenceSourcedThreats = true,\n PreventSuspiciousProcesses = true,\n Quarantine = true,\n QuarantineOnWrite = true,\n ScriptBasedExecutionMonitoring = true,\n SensorTamperingProtection = true,\n UploadUnknownExecutables = true,\n UploadUnknownDetectionRelatedExecutables = true,\n XpcomShell = true,\n KcPasswordDecoded = true,\n HashCollector = true,\n EmpyreBackdoor = true,\n ChopperWebshell = true,\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"preventionPolicyMac\"] = example,\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/crowdstrike/pulumi-crowdstrike/sdk/go/crowdstrike\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := crowdstrike.NewPreventionPolicyMac(ctx, \"example\", \u0026crowdstrike.PreventionPolicyMacArgs{\n\t\t\tEnabled: pulumi.Bool(false),\n\t\t\tDescription: pulumi.String(\"Made with Pulumi\"),\n\t\t\tHostGroups: pulumi.StringArray{},\n\t\t\tIoaRuleGroups: pulumi.StringArray{},\n\t\t\tCloudAdwareAndPup: \u0026crowdstrike.PreventionPolicyMacCloudAdwareAndPupArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"CAUTIOUS\"),\n\t\t\t},\n\t\t\tCloudAntiMalware: \u0026crowdstrike.PreventionPolicyMacCloudAntiMalwareArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"CAUTIOUS\"),\n\t\t\t},\n\t\t\tSensorAntiMalware: \u0026crowdstrike.PreventionPolicyMacSensorAntiMalwareArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"CAUTIOUS\"),\n\t\t\t},\n\t\t\tSensorAdwareAndPup: \u0026crowdstrike.PreventionPolicyMacSensorAdwareAndPupArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"CAUTIOUS\"),\n\t\t\t},\n\t\t\tNotifyEndUsers: pulumi.Bool(true),\n\t\t\tCustomBlocking: pulumi.Bool(true),\n\t\t\tDetectOnWrite: pulumi.Bool(true),\n\t\t\tIntelligenceSourcedThreats: pulumi.Bool(true),\n\t\t\tPreventSuspiciousProcesses: pulumi.Bool(true),\n\t\t\tQuarantine: pulumi.Bool(true),\n\t\t\tQuarantineOnWrite: pulumi.Bool(true),\n\t\t\tScriptBasedExecutionMonitoring: pulumi.Bool(true),\n\t\t\tSensorTamperingProtection: pulumi.Bool(true),\n\t\t\tUploadUnknownExecutables: pulumi.Bool(true),\n\t\t\tUploadUnknownDetectionRelatedExecutables: pulumi.Bool(true),\n\t\t\tXpcomShell: pulumi.Bool(true),\n\t\t\tKcPasswordDecoded: pulumi.Bool(true),\n\t\t\tHashCollector: pulumi.Bool(true),\n\t\t\tEmpyreBackdoor: pulumi.Bool(true),\n\t\t\tChopperWebshell: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"preventionPolicyMac\", example)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.crowdstrike.PreventionPolicyMac;\nimport com.pulumi.crowdstrike.PreventionPolicyMacArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyMacCloudAdwareAndPupArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyMacCloudAntiMalwareArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyMacSensorAntiMalwareArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyMacSensorAdwareAndPupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PreventionPolicyMac(\"example\", PreventionPolicyMacArgs.builder()\n .enabled(false)\n .description(\"Made with Pulumi\")\n .hostGroups()\n .ioaRuleGroups()\n .cloudAdwareAndPup(PreventionPolicyMacCloudAdwareAndPupArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .cloudAntiMalware(PreventionPolicyMacCloudAntiMalwareArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .sensorAntiMalware(PreventionPolicyMacSensorAntiMalwareArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .sensorAdwareAndPup(PreventionPolicyMacSensorAdwareAndPupArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .notifyEndUsers(true)\n .customBlocking(true)\n .detectOnWrite(true)\n .intelligenceSourcedThreats(true)\n .preventSuspiciousProcesses(true)\n .quarantine(true)\n .quarantineOnWrite(true)\n .scriptBasedExecutionMonitoring(true)\n .sensorTamperingProtection(true)\n .uploadUnknownExecutables(true)\n .uploadUnknownDetectionRelatedExecutables(true)\n .xpcomShell(true)\n .kcPasswordDecoded(true)\n .hashCollector(true)\n .empyreBackdoor(true)\n .chopperWebshell(true)\n .build());\n\n ctx.export(\"preventionPolicyMac\", example);\n }\n}\n```\n```yaml\nresources:\n example:\n type: crowdstrike:PreventionPolicyMac\n properties:\n enabled: false\n description: Made with Pulumi\n hostGroups: []\n ioaRuleGroups: []\n cloudAdwareAndPup:\n detection: MODERATE\n prevention: CAUTIOUS\n cloudAntiMalware:\n detection: MODERATE\n prevention: CAUTIOUS\n sensorAntiMalware:\n detection: MODERATE\n prevention: CAUTIOUS\n sensorAdwareAndPup:\n detection: MODERATE\n prevention: CAUTIOUS\n notifyEndUsers: true\n customBlocking: true\n detectOnWrite: true\n intelligenceSourcedThreats: true\n preventSuspiciousProcesses: true\n quarantine: true\n quarantineOnWrite: true\n scriptBasedExecutionMonitoring: true\n sensorTamperingProtection: true\n uploadUnknownExecutables: true\n uploadUnknownDetectionRelatedExecutables: true\n xpcomShell: true\n kcPasswordDecoded: true\n hashCollector: true\n empyreBackdoor: true\n chopperWebshell: true\noutputs:\n preventionPolicyMac: ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nprevention policy can be imported by specifying the policy id.\n\n```sh\n$ pulumi import crowdstrike:index/preventionPolicyMac:PreventionPolicyMac example 7fb858a949034a0cbca175f660f1e769\n```\n\n", "properties": { "chopperWebshell": { "type": "boolean", @@ -2351,7 +2820,7 @@ } }, "crowdstrike:index/preventionPolicyWindows:PreventionPolicyWindows": { - "description": "This resource allows you to manage CrowdStrike Falcon prevention policies for Windows hosts. Prevention policies allow you to manage what activity will trigger detections and preventions on your hosts.\n\n## API Scopes\n\nThe following API scopes are required:\n\n- Prevention policies | Read \u0026 Write\n\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as crowdstrike from \"@crowdstrike/pulumi\";\n\nconst example = new crowdstrike.PreventionPolicyWindows(\"example\", {\n enabled: false,\n description: \"Made with Pulumi\",\n hostGroups: [\"d6e3c1e1b3d0467da0fowc96a5e6ecb5\"],\n ioaRuleGroups: [],\n adwareAndPup: {\n detection: \"MODERATE\",\n prevention: \"CAUTIOUS\",\n },\n cloudAntiMalwareMicrosoftOfficeFiles: {\n detection: \"MODERATE\",\n prevention: \"DISABLED\",\n },\n cloudAntiMalware: {\n detection: \"MODERATE\",\n prevention: \"CAUTIOUS\",\n },\n cloudAntiMalwareUserInitiated: {\n detection: \"MODERATE\",\n prevention: \"CAUTIOUS\",\n },\n sensorAntiMalware: {\n detection: \"MODERATE\",\n prevention: \"CAUTIOUS\",\n },\n sensorAntiMalwareUserInitiated: {\n detection: \"MODERATE\",\n prevention: \"CAUTIOUS\",\n },\n extendedUserModeData: {\n detection: \"MODERATE\",\n },\n usbInsertionTriggeredScan: false,\n applicationExploitationActivity: false,\n additionalUserModeData: false,\n notifyEndUsers: false,\n advancedRemediation: false,\n backupDeletion: false,\n biosDeepVisibility: false,\n chopperWebshell: false,\n codeInjection: false,\n credentialDumping: false,\n cryptowall: false,\n customBlocking: false,\n detectOnWrite: false,\n driveByDownload: false,\n driverLoadPrevention: false,\n interpreterOnly: false,\n engineFullVisibility: false,\n enhancedExploitationVisibility: false,\n enhancedMlForLargerFiles: false,\n fileEncryption: false,\n fileSystemAccess: false,\n forceAslr: false,\n forceDep: false,\n heapSprayPreallocation: false,\n nullPageAllocation: false,\n sehOverwriteProtection: false,\n hardwareEnhancedExploitDetection: false,\n httpDetections: false,\n redactHttpDetectionDetails: false,\n intelligenceSourcedThreats: false,\n javascriptViaRundll32: false,\n locky: false,\n memoryScanning: false,\n memoryScanningScanWithCpu: false,\n microsoftOfficeFileSuspiciousMacroRemoval: false,\n onWriteScriptFileVisibility: false,\n preventSuspiciousProcesses: false,\n quarantineAndSecurityCenterRegistration: false,\n quarantineOnRemovableMedia: false,\n quarantineOnWrite: false,\n scriptBasedExecutionMonitoring: false,\n sensorTamperingProtection: false,\n suspiciousRegistryOperations: false,\n suspiciousScriptsAndCommands: false,\n uploadUnknownExecutables: false,\n uploadUnknownDetectionRelatedExecutables: false,\n volumeShadowCopyAudit: false,\n volumeShadowCopyProtect: false,\n vulnerableDriverProtection: false,\n windowsLogonBypassStickyKeys: false,\n});\nexport const preventionPolicyWindows = example;\n```\n```python\nimport pulumi\nimport crowdstrike_pulumi as crowdstrike\n\nexample = crowdstrike.PreventionPolicyWindows(\"example\",\n enabled=False,\n description=\"Made with Pulumi\",\n host_groups=[\"d6e3c1e1b3d0467da0fowc96a5e6ecb5\"],\n ioa_rule_groups=[],\n adware_and_pup={\n \"detection\": \"MODERATE\",\n \"prevention\": \"CAUTIOUS\",\n },\n cloud_anti_malware_microsoft_office_files={\n \"detection\": \"MODERATE\",\n \"prevention\": \"DISABLED\",\n },\n cloud_anti_malware={\n \"detection\": \"MODERATE\",\n \"prevention\": \"CAUTIOUS\",\n },\n cloud_anti_malware_user_initiated={\n \"detection\": \"MODERATE\",\n \"prevention\": \"CAUTIOUS\",\n },\n sensor_anti_malware={\n \"detection\": \"MODERATE\",\n \"prevention\": \"CAUTIOUS\",\n },\n sensor_anti_malware_user_initiated={\n \"detection\": \"MODERATE\",\n \"prevention\": \"CAUTIOUS\",\n },\n extended_user_mode_data={\n \"detection\": \"MODERATE\",\n },\n usb_insertion_triggered_scan=False,\n application_exploitation_activity=False,\n additional_user_mode_data=False,\n notify_end_users=False,\n advanced_remediation=False,\n backup_deletion=False,\n bios_deep_visibility=False,\n chopper_webshell=False,\n code_injection=False,\n credential_dumping=False,\n cryptowall=False,\n custom_blocking=False,\n detect_on_write=False,\n drive_by_download=False,\n driver_load_prevention=False,\n interpreter_only=False,\n engine_full_visibility=False,\n enhanced_exploitation_visibility=False,\n enhanced_ml_for_larger_files=False,\n file_encryption=False,\n file_system_access=False,\n force_aslr=False,\n force_dep=False,\n heap_spray_preallocation=False,\n null_page_allocation=False,\n seh_overwrite_protection=False,\n hardware_enhanced_exploit_detection=False,\n http_detections=False,\n redact_http_detection_details=False,\n intelligence_sourced_threats=False,\n javascript_via_rundll32=False,\n locky=False,\n memory_scanning=False,\n memory_scanning_scan_with_cpu=False,\n microsoft_office_file_suspicious_macro_removal=False,\n on_write_script_file_visibility=False,\n prevent_suspicious_processes=False,\n quarantine_and_security_center_registration=False,\n quarantine_on_removable_media=False,\n quarantine_on_write=False,\n script_based_execution_monitoring=False,\n sensor_tampering_protection=False,\n suspicious_registry_operations=False,\n suspicious_scripts_and_commands=False,\n upload_unknown_executables=False,\n upload_unknown_detection_related_executables=False,\n volume_shadow_copy_audit=False,\n volume_shadow_copy_protect=False,\n vulnerable_driver_protection=False,\n windows_logon_bypass_sticky_keys=False)\npulumi.export(\"preventionPolicyWindows\", example)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Crowdstrike = CrowdStrike.Crowdstrike;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Crowdstrike.PreventionPolicyWindows(\"example\", new()\n {\n Enabled = false,\n Description = \"Made with Pulumi\",\n HostGroups = new[]\n {\n \"d6e3c1e1b3d0467da0fowc96a5e6ecb5\",\n },\n IoaRuleGroups = new[] {},\n AdwareAndPup = new Crowdstrike.Inputs.PreventionPolicyWindowsAdwareAndPupArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"CAUTIOUS\",\n },\n CloudAntiMalwareMicrosoftOfficeFiles = new Crowdstrike.Inputs.PreventionPolicyWindowsCloudAntiMalwareMicrosoftOfficeFilesArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"DISABLED\",\n },\n CloudAntiMalware = new Crowdstrike.Inputs.PreventionPolicyWindowsCloudAntiMalwareArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"CAUTIOUS\",\n },\n CloudAntiMalwareUserInitiated = new Crowdstrike.Inputs.PreventionPolicyWindowsCloudAntiMalwareUserInitiatedArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"CAUTIOUS\",\n },\n SensorAntiMalware = new Crowdstrike.Inputs.PreventionPolicyWindowsSensorAntiMalwareArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"CAUTIOUS\",\n },\n SensorAntiMalwareUserInitiated = new Crowdstrike.Inputs.PreventionPolicyWindowsSensorAntiMalwareUserInitiatedArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"CAUTIOUS\",\n },\n ExtendedUserModeData = new Crowdstrike.Inputs.PreventionPolicyWindowsExtendedUserModeDataArgs\n {\n Detection = \"MODERATE\",\n },\n UsbInsertionTriggeredScan = false,\n ApplicationExploitationActivity = false,\n AdditionalUserModeData = false,\n NotifyEndUsers = false,\n AdvancedRemediation = false,\n BackupDeletion = false,\n BiosDeepVisibility = false,\n ChopperWebshell = false,\n CodeInjection = false,\n CredentialDumping = false,\n Cryptowall = false,\n CustomBlocking = false,\n DetectOnWrite = false,\n DriveByDownload = false,\n DriverLoadPrevention = false,\n InterpreterOnly = false,\n EngineFullVisibility = false,\n EnhancedExploitationVisibility = false,\n EnhancedMlForLargerFiles = false,\n FileEncryption = false,\n FileSystemAccess = false,\n ForceAslr = false,\n ForceDep = false,\n HeapSprayPreallocation = false,\n NullPageAllocation = false,\n SehOverwriteProtection = false,\n HardwareEnhancedExploitDetection = false,\n HttpDetections = false,\n RedactHttpDetectionDetails = false,\n IntelligenceSourcedThreats = false,\n JavascriptViaRundll32 = false,\n Locky = false,\n MemoryScanning = false,\n MemoryScanningScanWithCpu = false,\n MicrosoftOfficeFileSuspiciousMacroRemoval = false,\n OnWriteScriptFileVisibility = false,\n PreventSuspiciousProcesses = false,\n QuarantineAndSecurityCenterRegistration = false,\n QuarantineOnRemovableMedia = false,\n QuarantineOnWrite = false,\n ScriptBasedExecutionMonitoring = false,\n SensorTamperingProtection = false,\n SuspiciousRegistryOperations = false,\n SuspiciousScriptsAndCommands = false,\n UploadUnknownExecutables = false,\n UploadUnknownDetectionRelatedExecutables = false,\n VolumeShadowCopyAudit = false,\n VolumeShadowCopyProtect = false,\n VulnerableDriverProtection = false,\n WindowsLogonBypassStickyKeys = false,\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"preventionPolicyWindows\"] = example,\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/crowdstrike/pulumi-crowdstrike/sdk/go/crowdstrike\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := crowdstrike.NewPreventionPolicyWindows(ctx, \"example\", \u0026crowdstrike.PreventionPolicyWindowsArgs{\n\t\t\tEnabled: pulumi.Bool(false),\n\t\t\tDescription: pulumi.String(\"Made with Pulumi\"),\n\t\t\tHostGroups: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"d6e3c1e1b3d0467da0fowc96a5e6ecb5\"),\n\t\t\t},\n\t\t\tIoaRuleGroups: pulumi.StringArray{},\n\t\t\tAdwareAndPup: \u0026crowdstrike.PreventionPolicyWindowsAdwareAndPupArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"CAUTIOUS\"),\n\t\t\t},\n\t\t\tCloudAntiMalwareMicrosoftOfficeFiles: \u0026crowdstrike.PreventionPolicyWindowsCloudAntiMalwareMicrosoftOfficeFilesArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"DISABLED\"),\n\t\t\t},\n\t\t\tCloudAntiMalware: \u0026crowdstrike.PreventionPolicyWindowsCloudAntiMalwareArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"CAUTIOUS\"),\n\t\t\t},\n\t\t\tCloudAntiMalwareUserInitiated: \u0026crowdstrike.PreventionPolicyWindowsCloudAntiMalwareUserInitiatedArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"CAUTIOUS\"),\n\t\t\t},\n\t\t\tSensorAntiMalware: \u0026crowdstrike.PreventionPolicyWindowsSensorAntiMalwareArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"CAUTIOUS\"),\n\t\t\t},\n\t\t\tSensorAntiMalwareUserInitiated: \u0026crowdstrike.PreventionPolicyWindowsSensorAntiMalwareUserInitiatedArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"CAUTIOUS\"),\n\t\t\t},\n\t\t\tExtendedUserModeData: \u0026crowdstrike.PreventionPolicyWindowsExtendedUserModeDataArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t},\n\t\t\tUsbInsertionTriggeredScan: pulumi.Bool(false),\n\t\t\tApplicationExploitationActivity: pulumi.Bool(false),\n\t\t\tAdditionalUserModeData: pulumi.Bool(false),\n\t\t\tNotifyEndUsers: pulumi.Bool(false),\n\t\t\tAdvancedRemediation: pulumi.Bool(false),\n\t\t\tBackupDeletion: pulumi.Bool(false),\n\t\t\tBiosDeepVisibility: pulumi.Bool(false),\n\t\t\tChopperWebshell: pulumi.Bool(false),\n\t\t\tCodeInjection: pulumi.Bool(false),\n\t\t\tCredentialDumping: pulumi.Bool(false),\n\t\t\tCryptowall: pulumi.Bool(false),\n\t\t\tCustomBlocking: pulumi.Bool(false),\n\t\t\tDetectOnWrite: pulumi.Bool(false),\n\t\t\tDriveByDownload: pulumi.Bool(false),\n\t\t\tDriverLoadPrevention: pulumi.Bool(false),\n\t\t\tInterpreterOnly: pulumi.Bool(false),\n\t\t\tEngineFullVisibility: pulumi.Bool(false),\n\t\t\tEnhancedExploitationVisibility: pulumi.Bool(false),\n\t\t\tEnhancedMlForLargerFiles: pulumi.Bool(false),\n\t\t\tFileEncryption: pulumi.Bool(false),\n\t\t\tFileSystemAccess: pulumi.Bool(false),\n\t\t\tForceAslr: pulumi.Bool(false),\n\t\t\tForceDep: pulumi.Bool(false),\n\t\t\tHeapSprayPreallocation: pulumi.Bool(false),\n\t\t\tNullPageAllocation: pulumi.Bool(false),\n\t\t\tSehOverwriteProtection: pulumi.Bool(false),\n\t\t\tHardwareEnhancedExploitDetection: pulumi.Bool(false),\n\t\t\tHttpDetections: pulumi.Bool(false),\n\t\t\tRedactHttpDetectionDetails: pulumi.Bool(false),\n\t\t\tIntelligenceSourcedThreats: pulumi.Bool(false),\n\t\t\tJavascriptViaRundll32: pulumi.Bool(false),\n\t\t\tLocky: pulumi.Bool(false),\n\t\t\tMemoryScanning: pulumi.Bool(false),\n\t\t\tMemoryScanningScanWithCpu: pulumi.Bool(false),\n\t\t\tMicrosoftOfficeFileSuspiciousMacroRemoval: pulumi.Bool(false),\n\t\t\tOnWriteScriptFileVisibility: pulumi.Bool(false),\n\t\t\tPreventSuspiciousProcesses: pulumi.Bool(false),\n\t\t\tQuarantineAndSecurityCenterRegistration: pulumi.Bool(false),\n\t\t\tQuarantineOnRemovableMedia: pulumi.Bool(false),\n\t\t\tQuarantineOnWrite: pulumi.Bool(false),\n\t\t\tScriptBasedExecutionMonitoring: pulumi.Bool(false),\n\t\t\tSensorTamperingProtection: pulumi.Bool(false),\n\t\t\tSuspiciousRegistryOperations: pulumi.Bool(false),\n\t\t\tSuspiciousScriptsAndCommands: pulumi.Bool(false),\n\t\t\tUploadUnknownExecutables: pulumi.Bool(false),\n\t\t\tUploadUnknownDetectionRelatedExecutables: pulumi.Bool(false),\n\t\t\tVolumeShadowCopyAudit: pulumi.Bool(false),\n\t\t\tVolumeShadowCopyProtect: pulumi.Bool(false),\n\t\t\tVulnerableDriverProtection: pulumi.Bool(false),\n\t\t\tWindowsLogonBypassStickyKeys: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"preventionPolicyWindows\", example)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.crowdstrike.PreventionPolicyWindows;\nimport com.pulumi.crowdstrike.PreventionPolicyWindowsArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyWindowsAdwareAndPupArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyWindowsCloudAntiMalwareMicrosoftOfficeFilesArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyWindowsCloudAntiMalwareArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyWindowsCloudAntiMalwareUserInitiatedArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyWindowsSensorAntiMalwareArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyWindowsSensorAntiMalwareUserInitiatedArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyWindowsExtendedUserModeDataArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PreventionPolicyWindows(\"example\", PreventionPolicyWindowsArgs.builder()\n .enabled(false)\n .description(\"Made with Pulumi\")\n .hostGroups(\"d6e3c1e1b3d0467da0fowc96a5e6ecb5\")\n .ioaRuleGroups()\n .adwareAndPup(PreventionPolicyWindowsAdwareAndPupArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .cloudAntiMalwareMicrosoftOfficeFiles(PreventionPolicyWindowsCloudAntiMalwareMicrosoftOfficeFilesArgs.builder()\n .detection(\"MODERATE\")\n .prevention(\"DISABLED\")\n .build())\n .cloudAntiMalware(PreventionPolicyWindowsCloudAntiMalwareArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .cloudAntiMalwareUserInitiated(PreventionPolicyWindowsCloudAntiMalwareUserInitiatedArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .sensorAntiMalware(PreventionPolicyWindowsSensorAntiMalwareArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .sensorAntiMalwareUserInitiated(PreventionPolicyWindowsSensorAntiMalwareUserInitiatedArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .extendedUserModeData(PreventionPolicyWindowsExtendedUserModeDataArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .usbInsertionTriggeredScan(false)\n .applicationExploitationActivity(false)\n .additionalUserModeData(false)\n .notifyEndUsers(false)\n .advancedRemediation(false)\n .backupDeletion(false)\n .biosDeepVisibility(false)\n .chopperWebshell(false)\n .codeInjection(false)\n .credentialDumping(false)\n .cryptowall(false)\n .customBlocking(false)\n .detectOnWrite(false)\n .driveByDownload(false)\n .driverLoadPrevention(false)\n .interpreterOnly(false)\n .engineFullVisibility(false)\n .enhancedExploitationVisibility(false)\n .enhancedMlForLargerFiles(false)\n .fileEncryption(false)\n .fileSystemAccess(false)\n .forceAslr(false)\n .forceDep(false)\n .heapSprayPreallocation(false)\n .nullPageAllocation(false)\n .sehOverwriteProtection(false)\n .hardwareEnhancedExploitDetection(false)\n .httpDetections(false)\n .redactHttpDetectionDetails(false)\n .intelligenceSourcedThreats(false)\n .javascriptViaRundll32(false)\n .locky(false)\n .memoryScanning(false)\n .memoryScanningScanWithCpu(false)\n .microsoftOfficeFileSuspiciousMacroRemoval(false)\n .onWriteScriptFileVisibility(false)\n .preventSuspiciousProcesses(false)\n .quarantineAndSecurityCenterRegistration(false)\n .quarantineOnRemovableMedia(false)\n .quarantineOnWrite(false)\n .scriptBasedExecutionMonitoring(false)\n .sensorTamperingProtection(false)\n .suspiciousRegistryOperations(false)\n .suspiciousScriptsAndCommands(false)\n .uploadUnknownExecutables(false)\n .uploadUnknownDetectionRelatedExecutables(false)\n .volumeShadowCopyAudit(false)\n .volumeShadowCopyProtect(false)\n .vulnerableDriverProtection(false)\n .windowsLogonBypassStickyKeys(false)\n .build());\n\n ctx.export(\"preventionPolicyWindows\", example);\n }\n}\n```\n```yaml\nresources:\n example:\n type: crowdstrike:PreventionPolicyWindows\n properties:\n enabled: false\n description: Made with Pulumi\n hostGroups:\n - d6e3c1e1b3d0467da0fowc96a5e6ecb5\n ioaRuleGroups: []\n adwareAndPup:\n detection: MODERATE\n prevention: CAUTIOUS\n cloudAntiMalwareMicrosoftOfficeFiles:\n detection: MODERATE\n prevention: DISABLED\n cloudAntiMalware:\n detection: MODERATE\n prevention: CAUTIOUS\n cloudAntiMalwareUserInitiated:\n detection: MODERATE\n prevention: CAUTIOUS\n sensorAntiMalware:\n detection: MODERATE\n prevention: CAUTIOUS\n sensorAntiMalwareUserInitiated:\n detection: MODERATE\n prevention: CAUTIOUS\n extendedUserModeData:\n detection: MODERATE\n usbInsertionTriggeredScan: false\n applicationExploitationActivity: false\n additionalUserModeData: false\n notifyEndUsers: false\n advancedRemediation: false\n backupDeletion: false\n biosDeepVisibility: false\n chopperWebshell: false\n codeInjection: false\n credentialDumping: false\n cryptowall: false\n customBlocking: false\n detectOnWrite: false\n driveByDownload: false\n driverLoadPrevention: false\n interpreterOnly: false\n engineFullVisibility: false\n enhancedExploitationVisibility: false\n enhancedMlForLargerFiles: false\n fileEncryption: false\n fileSystemAccess: false\n forceAslr: false\n forceDep: false\n heapSprayPreallocation: false\n nullPageAllocation: false\n sehOverwriteProtection: false\n hardwareEnhancedExploitDetection: false\n httpDetections: false\n redactHttpDetectionDetails: false\n intelligenceSourcedThreats: false\n javascriptViaRundll32: false\n locky: false\n memoryScanning: false\n memoryScanningScanWithCpu: false\n microsoftOfficeFileSuspiciousMacroRemoval: false\n onWriteScriptFileVisibility: false\n preventSuspiciousProcesses: false\n quarantineAndSecurityCenterRegistration: false\n quarantineOnRemovableMedia: false\n quarantineOnWrite: false\n scriptBasedExecutionMonitoring: false\n sensorTamperingProtection: false\n suspiciousRegistryOperations: false\n suspiciousScriptsAndCommands: false\n uploadUnknownExecutables: false\n uploadUnknownDetectionRelatedExecutables: false\n volumeShadowCopyAudit: false\n volumeShadowCopyProtect: false\n vulnerableDriverProtection: false\n windowsLogonBypassStickyKeys: false\noutputs:\n preventionPolicyWindows: ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nprevention policy can be imported by specifying the policy id.\n\n```sh\n$ pulumi import crowdstrike:index/preventionPolicyWindows:PreventionPolicyWindows example 7fb858a949034a0cbca175f660f1e769\n```\n\n", + "description": "This resource allows you to manage CrowdStrike Falcon prevention policies for Windows hosts. Prevention policies allow you to manage what activity will trigger detections and preventions on your hosts.\n\n## API Scopes\n\nThe following API scopes are required:\n\n- Prevention policies | Read \u0026 Write\n\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as crowdstrike from \"@crowdstrike/pulumi\";\n\nconst example = new crowdstrike.PreventionPolicyWindows(\"example\", {\n enabled: true,\n description: \"Made with Pulumi\",\n hostGroups: [],\n ioaRuleGroups: [],\n adwareAndPup: {\n detection: \"MODERATE\",\n prevention: \"CAUTIOUS\",\n },\n cloudAntiMalwareMicrosoftOfficeFiles: {\n detection: \"MODERATE\",\n prevention: \"DISABLED\",\n },\n cloudAntiMalware: {\n detection: \"MODERATE\",\n prevention: \"CAUTIOUS\",\n },\n cloudAntiMalwareUserInitiated: {\n detection: \"MODERATE\",\n prevention: \"CAUTIOUS\",\n },\n sensorAntiMalware: {\n detection: \"MODERATE\",\n prevention: \"CAUTIOUS\",\n },\n sensorAntiMalwareUserInitiated: {\n detection: \"MODERATE\",\n prevention: \"CAUTIOUS\",\n },\n extendedUserModeData: {\n detection: \"MODERATE\",\n },\n usbInsertionTriggeredScan: true,\n applicationExploitationActivity: true,\n additionalUserModeData: true,\n notifyEndUsers: true,\n advancedRemediation: true,\n backupDeletion: true,\n biosDeepVisibility: true,\n chopperWebshell: true,\n codeInjection: true,\n credentialDumping: true,\n cryptowall: true,\n customBlocking: true,\n detectOnWrite: true,\n driveByDownload: true,\n driverLoadPrevention: true,\n interpreterOnly: true,\n engineFullVisibility: true,\n enhancedExploitationVisibility: true,\n enhancedDllLoadVisibility: true,\n enhancedMlForLargerFiles: true,\n fileEncryption: true,\n fileSystemAccess: true,\n forceAslr: true,\n forceDep: true,\n heapSprayPreallocation: true,\n nullPageAllocation: true,\n sehOverwriteProtection: true,\n hardwareEnhancedExploitDetection: true,\n httpDetections: true,\n redactHttpDetectionDetails: true,\n intelligenceSourcedThreats: true,\n javascriptViaRundll32: true,\n locky: true,\n memoryScanning: true,\n memoryScanningScanWithCpu: true,\n microsoftOfficeFileSuspiciousMacroRemoval: true,\n onWriteScriptFileVisibility: true,\n preventSuspiciousProcesses: true,\n quarantineAndSecurityCenterRegistration: true,\n quarantineOnRemovableMedia: true,\n quarantineOnWrite: true,\n scriptBasedExecutionMonitoring: true,\n sensorTamperingProtection: true,\n suspiciousRegistryOperations: true,\n suspiciousScriptsAndCommands: true,\n uploadUnknownExecutables: true,\n uploadUnknownDetectionRelatedExecutables: true,\n volumeShadowCopyAudit: true,\n volumeShadowCopyProtect: true,\n vulnerableDriverProtection: true,\n windowsLogonBypassStickyKeys: true,\n});\nexport const preventionPolicyWindows = example;\n```\n```python\nimport pulumi\nimport crowdstrike_pulumi as crowdstrike\n\nexample = crowdstrike.PreventionPolicyWindows(\"example\",\n enabled=True,\n description=\"Made with Pulumi\",\n host_groups=[],\n ioa_rule_groups=[],\n adware_and_pup={\n \"detection\": \"MODERATE\",\n \"prevention\": \"CAUTIOUS\",\n },\n cloud_anti_malware_microsoft_office_files={\n \"detection\": \"MODERATE\",\n \"prevention\": \"DISABLED\",\n },\n cloud_anti_malware={\n \"detection\": \"MODERATE\",\n \"prevention\": \"CAUTIOUS\",\n },\n cloud_anti_malware_user_initiated={\n \"detection\": \"MODERATE\",\n \"prevention\": \"CAUTIOUS\",\n },\n sensor_anti_malware={\n \"detection\": \"MODERATE\",\n \"prevention\": \"CAUTIOUS\",\n },\n sensor_anti_malware_user_initiated={\n \"detection\": \"MODERATE\",\n \"prevention\": \"CAUTIOUS\",\n },\n extended_user_mode_data={\n \"detection\": \"MODERATE\",\n },\n usb_insertion_triggered_scan=True,\n application_exploitation_activity=True,\n additional_user_mode_data=True,\n notify_end_users=True,\n advanced_remediation=True,\n backup_deletion=True,\n bios_deep_visibility=True,\n chopper_webshell=True,\n code_injection=True,\n credential_dumping=True,\n cryptowall=True,\n custom_blocking=True,\n detect_on_write=True,\n drive_by_download=True,\n driver_load_prevention=True,\n interpreter_only=True,\n engine_full_visibility=True,\n enhanced_exploitation_visibility=True,\n enhanced_dll_load_visibility=True,\n enhanced_ml_for_larger_files=True,\n file_encryption=True,\n file_system_access=True,\n force_aslr=True,\n force_dep=True,\n heap_spray_preallocation=True,\n null_page_allocation=True,\n seh_overwrite_protection=True,\n hardware_enhanced_exploit_detection=True,\n http_detections=True,\n redact_http_detection_details=True,\n intelligence_sourced_threats=True,\n javascript_via_rundll32=True,\n locky=True,\n memory_scanning=True,\n memory_scanning_scan_with_cpu=True,\n microsoft_office_file_suspicious_macro_removal=True,\n on_write_script_file_visibility=True,\n prevent_suspicious_processes=True,\n quarantine_and_security_center_registration=True,\n quarantine_on_removable_media=True,\n quarantine_on_write=True,\n script_based_execution_monitoring=True,\n sensor_tampering_protection=True,\n suspicious_registry_operations=True,\n suspicious_scripts_and_commands=True,\n upload_unknown_executables=True,\n upload_unknown_detection_related_executables=True,\n volume_shadow_copy_audit=True,\n volume_shadow_copy_protect=True,\n vulnerable_driver_protection=True,\n windows_logon_bypass_sticky_keys=True)\npulumi.export(\"preventionPolicyWindows\", example)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Crowdstrike = CrowdStrike.Crowdstrike;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Crowdstrike.PreventionPolicyWindows(\"example\", new()\n {\n Enabled = true,\n Description = \"Made with Pulumi\",\n HostGroups = new[] {},\n IoaRuleGroups = new[] {},\n AdwareAndPup = new Crowdstrike.Inputs.PreventionPolicyWindowsAdwareAndPupArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"CAUTIOUS\",\n },\n CloudAntiMalwareMicrosoftOfficeFiles = new Crowdstrike.Inputs.PreventionPolicyWindowsCloudAntiMalwareMicrosoftOfficeFilesArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"DISABLED\",\n },\n CloudAntiMalware = new Crowdstrike.Inputs.PreventionPolicyWindowsCloudAntiMalwareArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"CAUTIOUS\",\n },\n CloudAntiMalwareUserInitiated = new Crowdstrike.Inputs.PreventionPolicyWindowsCloudAntiMalwareUserInitiatedArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"CAUTIOUS\",\n },\n SensorAntiMalware = new Crowdstrike.Inputs.PreventionPolicyWindowsSensorAntiMalwareArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"CAUTIOUS\",\n },\n SensorAntiMalwareUserInitiated = new Crowdstrike.Inputs.PreventionPolicyWindowsSensorAntiMalwareUserInitiatedArgs\n {\n Detection = \"MODERATE\",\n Prevention = \"CAUTIOUS\",\n },\n ExtendedUserModeData = new Crowdstrike.Inputs.PreventionPolicyWindowsExtendedUserModeDataArgs\n {\n Detection = \"MODERATE\",\n },\n UsbInsertionTriggeredScan = true,\n ApplicationExploitationActivity = true,\n AdditionalUserModeData = true,\n NotifyEndUsers = true,\n AdvancedRemediation = true,\n BackupDeletion = true,\n BiosDeepVisibility = true,\n ChopperWebshell = true,\n CodeInjection = true,\n CredentialDumping = true,\n Cryptowall = true,\n CustomBlocking = true,\n DetectOnWrite = true,\n DriveByDownload = true,\n DriverLoadPrevention = true,\n InterpreterOnly = true,\n EngineFullVisibility = true,\n EnhancedExploitationVisibility = true,\n EnhancedDllLoadVisibility = true,\n EnhancedMlForLargerFiles = true,\n FileEncryption = true,\n FileSystemAccess = true,\n ForceAslr = true,\n ForceDep = true,\n HeapSprayPreallocation = true,\n NullPageAllocation = true,\n SehOverwriteProtection = true,\n HardwareEnhancedExploitDetection = true,\n HttpDetections = true,\n RedactHttpDetectionDetails = true,\n IntelligenceSourcedThreats = true,\n JavascriptViaRundll32 = true,\n Locky = true,\n MemoryScanning = true,\n MemoryScanningScanWithCpu = true,\n MicrosoftOfficeFileSuspiciousMacroRemoval = true,\n OnWriteScriptFileVisibility = true,\n PreventSuspiciousProcesses = true,\n QuarantineAndSecurityCenterRegistration = true,\n QuarantineOnRemovableMedia = true,\n QuarantineOnWrite = true,\n ScriptBasedExecutionMonitoring = true,\n SensorTamperingProtection = true,\n SuspiciousRegistryOperations = true,\n SuspiciousScriptsAndCommands = true,\n UploadUnknownExecutables = true,\n UploadUnknownDetectionRelatedExecutables = true,\n VolumeShadowCopyAudit = true,\n VolumeShadowCopyProtect = true,\n VulnerableDriverProtection = true,\n WindowsLogonBypassStickyKeys = true,\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"preventionPolicyWindows\"] = example,\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/crowdstrike/pulumi-crowdstrike/sdk/go/crowdstrike\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := crowdstrike.NewPreventionPolicyWindows(ctx, \"example\", \u0026crowdstrike.PreventionPolicyWindowsArgs{\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t\tDescription: pulumi.String(\"Made with Pulumi\"),\n\t\t\tHostGroups: pulumi.StringArray{},\n\t\t\tIoaRuleGroups: pulumi.StringArray{},\n\t\t\tAdwareAndPup: \u0026crowdstrike.PreventionPolicyWindowsAdwareAndPupArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"CAUTIOUS\"),\n\t\t\t},\n\t\t\tCloudAntiMalwareMicrosoftOfficeFiles: \u0026crowdstrike.PreventionPolicyWindowsCloudAntiMalwareMicrosoftOfficeFilesArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"DISABLED\"),\n\t\t\t},\n\t\t\tCloudAntiMalware: \u0026crowdstrike.PreventionPolicyWindowsCloudAntiMalwareArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"CAUTIOUS\"),\n\t\t\t},\n\t\t\tCloudAntiMalwareUserInitiated: \u0026crowdstrike.PreventionPolicyWindowsCloudAntiMalwareUserInitiatedArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"CAUTIOUS\"),\n\t\t\t},\n\t\t\tSensorAntiMalware: \u0026crowdstrike.PreventionPolicyWindowsSensorAntiMalwareArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"CAUTIOUS\"),\n\t\t\t},\n\t\t\tSensorAntiMalwareUserInitiated: \u0026crowdstrike.PreventionPolicyWindowsSensorAntiMalwareUserInitiatedArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t\tPrevention: pulumi.String(\"CAUTIOUS\"),\n\t\t\t},\n\t\t\tExtendedUserModeData: \u0026crowdstrike.PreventionPolicyWindowsExtendedUserModeDataArgs{\n\t\t\t\tDetection: pulumi.String(\"MODERATE\"),\n\t\t\t},\n\t\t\tUsbInsertionTriggeredScan: pulumi.Bool(true),\n\t\t\tApplicationExploitationActivity: pulumi.Bool(true),\n\t\t\tAdditionalUserModeData: pulumi.Bool(true),\n\t\t\tNotifyEndUsers: pulumi.Bool(true),\n\t\t\tAdvancedRemediation: pulumi.Bool(true),\n\t\t\tBackupDeletion: pulumi.Bool(true),\n\t\t\tBiosDeepVisibility: pulumi.Bool(true),\n\t\t\tChopperWebshell: pulumi.Bool(true),\n\t\t\tCodeInjection: pulumi.Bool(true),\n\t\t\tCredentialDumping: pulumi.Bool(true),\n\t\t\tCryptowall: pulumi.Bool(true),\n\t\t\tCustomBlocking: pulumi.Bool(true),\n\t\t\tDetectOnWrite: pulumi.Bool(true),\n\t\t\tDriveByDownload: pulumi.Bool(true),\n\t\t\tDriverLoadPrevention: pulumi.Bool(true),\n\t\t\tInterpreterOnly: pulumi.Bool(true),\n\t\t\tEngineFullVisibility: pulumi.Bool(true),\n\t\t\tEnhancedExploitationVisibility: pulumi.Bool(true),\n\t\t\tEnhancedDllLoadVisibility: pulumi.Bool(true),\n\t\t\tEnhancedMlForLargerFiles: pulumi.Bool(true),\n\t\t\tFileEncryption: pulumi.Bool(true),\n\t\t\tFileSystemAccess: pulumi.Bool(true),\n\t\t\tForceAslr: pulumi.Bool(true),\n\t\t\tForceDep: pulumi.Bool(true),\n\t\t\tHeapSprayPreallocation: pulumi.Bool(true),\n\t\t\tNullPageAllocation: pulumi.Bool(true),\n\t\t\tSehOverwriteProtection: pulumi.Bool(true),\n\t\t\tHardwareEnhancedExploitDetection: pulumi.Bool(true),\n\t\t\tHttpDetections: pulumi.Bool(true),\n\t\t\tRedactHttpDetectionDetails: pulumi.Bool(true),\n\t\t\tIntelligenceSourcedThreats: pulumi.Bool(true),\n\t\t\tJavascriptViaRundll32: pulumi.Bool(true),\n\t\t\tLocky: pulumi.Bool(true),\n\t\t\tMemoryScanning: pulumi.Bool(true),\n\t\t\tMemoryScanningScanWithCpu: pulumi.Bool(true),\n\t\t\tMicrosoftOfficeFileSuspiciousMacroRemoval: pulumi.Bool(true),\n\t\t\tOnWriteScriptFileVisibility: pulumi.Bool(true),\n\t\t\tPreventSuspiciousProcesses: pulumi.Bool(true),\n\t\t\tQuarantineAndSecurityCenterRegistration: pulumi.Bool(true),\n\t\t\tQuarantineOnRemovableMedia: pulumi.Bool(true),\n\t\t\tQuarantineOnWrite: pulumi.Bool(true),\n\t\t\tScriptBasedExecutionMonitoring: pulumi.Bool(true),\n\t\t\tSensorTamperingProtection: pulumi.Bool(true),\n\t\t\tSuspiciousRegistryOperations: pulumi.Bool(true),\n\t\t\tSuspiciousScriptsAndCommands: pulumi.Bool(true),\n\t\t\tUploadUnknownExecutables: pulumi.Bool(true),\n\t\t\tUploadUnknownDetectionRelatedExecutables: pulumi.Bool(true),\n\t\t\tVolumeShadowCopyAudit: pulumi.Bool(true),\n\t\t\tVolumeShadowCopyProtect: pulumi.Bool(true),\n\t\t\tVulnerableDriverProtection: pulumi.Bool(true),\n\t\t\tWindowsLogonBypassStickyKeys: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"preventionPolicyWindows\", example)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.crowdstrike.PreventionPolicyWindows;\nimport com.pulumi.crowdstrike.PreventionPolicyWindowsArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyWindowsAdwareAndPupArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyWindowsCloudAntiMalwareMicrosoftOfficeFilesArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyWindowsCloudAntiMalwareArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyWindowsCloudAntiMalwareUserInitiatedArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyWindowsSensorAntiMalwareArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyWindowsSensorAntiMalwareUserInitiatedArgs;\nimport com.pulumi.crowdstrike.inputs.PreventionPolicyWindowsExtendedUserModeDataArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new PreventionPolicyWindows(\"example\", PreventionPolicyWindowsArgs.builder()\n .enabled(true)\n .description(\"Made with Pulumi\")\n .hostGroups()\n .ioaRuleGroups()\n .adwareAndPup(PreventionPolicyWindowsAdwareAndPupArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .cloudAntiMalwareMicrosoftOfficeFiles(PreventionPolicyWindowsCloudAntiMalwareMicrosoftOfficeFilesArgs.builder()\n .detection(\"MODERATE\")\n .prevention(\"DISABLED\")\n .build())\n .cloudAntiMalware(PreventionPolicyWindowsCloudAntiMalwareArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .cloudAntiMalwareUserInitiated(PreventionPolicyWindowsCloudAntiMalwareUserInitiatedArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .sensorAntiMalware(PreventionPolicyWindowsSensorAntiMalwareArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .sensorAntiMalwareUserInitiated(PreventionPolicyWindowsSensorAntiMalwareUserInitiatedArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .extendedUserModeData(PreventionPolicyWindowsExtendedUserModeDataArgs.builder()\n%!v(PANIC=Format method: interface conversion: model.Expression is *model.TemplateExpression, not *model.LiteralValueExpression))\n .usbInsertionTriggeredScan(true)\n .applicationExploitationActivity(true)\n .additionalUserModeData(true)\n .notifyEndUsers(true)\n .advancedRemediation(true)\n .backupDeletion(true)\n .biosDeepVisibility(true)\n .chopperWebshell(true)\n .codeInjection(true)\n .credentialDumping(true)\n .cryptowall(true)\n .customBlocking(true)\n .detectOnWrite(true)\n .driveByDownload(true)\n .driverLoadPrevention(true)\n .interpreterOnly(true)\n .engineFullVisibility(true)\n .enhancedExploitationVisibility(true)\n .enhancedDllLoadVisibility(true)\n .enhancedMlForLargerFiles(true)\n .fileEncryption(true)\n .fileSystemAccess(true)\n .forceAslr(true)\n .forceDep(true)\n .heapSprayPreallocation(true)\n .nullPageAllocation(true)\n .sehOverwriteProtection(true)\n .hardwareEnhancedExploitDetection(true)\n .httpDetections(true)\n .redactHttpDetectionDetails(true)\n .intelligenceSourcedThreats(true)\n .javascriptViaRundll32(true)\n .locky(true)\n .memoryScanning(true)\n .memoryScanningScanWithCpu(true)\n .microsoftOfficeFileSuspiciousMacroRemoval(true)\n .onWriteScriptFileVisibility(true)\n .preventSuspiciousProcesses(true)\n .quarantineAndSecurityCenterRegistration(true)\n .quarantineOnRemovableMedia(true)\n .quarantineOnWrite(true)\n .scriptBasedExecutionMonitoring(true)\n .sensorTamperingProtection(true)\n .suspiciousRegistryOperations(true)\n .suspiciousScriptsAndCommands(true)\n .uploadUnknownExecutables(true)\n .uploadUnknownDetectionRelatedExecutables(true)\n .volumeShadowCopyAudit(true)\n .volumeShadowCopyProtect(true)\n .vulnerableDriverProtection(true)\n .windowsLogonBypassStickyKeys(true)\n .build());\n\n ctx.export(\"preventionPolicyWindows\", example);\n }\n}\n```\n```yaml\nresources:\n example:\n type: crowdstrike:PreventionPolicyWindows\n properties:\n enabled: true\n description: Made with Pulumi\n hostGroups: []\n ioaRuleGroups: []\n adwareAndPup:\n detection: MODERATE\n prevention: CAUTIOUS\n cloudAntiMalwareMicrosoftOfficeFiles:\n detection: MODERATE\n prevention: DISABLED\n cloudAntiMalware:\n detection: MODERATE\n prevention: CAUTIOUS\n cloudAntiMalwareUserInitiated:\n detection: MODERATE\n prevention: CAUTIOUS\n sensorAntiMalware:\n detection: MODERATE\n prevention: CAUTIOUS\n sensorAntiMalwareUserInitiated:\n detection: MODERATE\n prevention: CAUTIOUS\n extendedUserModeData:\n detection: MODERATE\n usbInsertionTriggeredScan: true\n applicationExploitationActivity: true\n additionalUserModeData: true\n notifyEndUsers: true\n advancedRemediation: true\n backupDeletion: true\n biosDeepVisibility: true\n chopperWebshell: true\n codeInjection: true\n credentialDumping: true\n cryptowall: true\n customBlocking: true\n detectOnWrite: true\n driveByDownload: true\n driverLoadPrevention: true\n interpreterOnly: true\n engineFullVisibility: true\n enhancedExploitationVisibility: true\n enhancedDllLoadVisibility: true\n enhancedMlForLargerFiles: true\n fileEncryption: true\n fileSystemAccess: true\n forceAslr: true\n forceDep: true\n heapSprayPreallocation: true\n nullPageAllocation: true\n sehOverwriteProtection: true\n hardwareEnhancedExploitDetection: true\n httpDetections: true\n redactHttpDetectionDetails: true\n intelligenceSourcedThreats: true\n javascriptViaRundll32: true\n locky: true\n memoryScanning: true\n memoryScanningScanWithCpu: true\n microsoftOfficeFileSuspiciousMacroRemoval: true\n onWriteScriptFileVisibility: true\n preventSuspiciousProcesses: true\n quarantineAndSecurityCenterRegistration: true\n quarantineOnRemovableMedia: true\n quarantineOnWrite: true\n scriptBasedExecutionMonitoring: true\n sensorTamperingProtection: true\n suspiciousRegistryOperations: true\n suspiciousScriptsAndCommands: true\n uploadUnknownExecutables: true\n uploadUnknownDetectionRelatedExecutables: true\n volumeShadowCopyAudit: true\n volumeShadowCopyProtect: true\n vulnerableDriverProtection: true\n windowsLogonBypassStickyKeys: true\noutputs:\n preventionPolicyWindows: ${example}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nprevention policy can be imported by specifying the policy id.\n\n```sh\n$ pulumi import crowdstrike:index/preventionPolicyWindows:PreventionPolicyWindows example 7fb858a949034a0cbca175f660f1e769\n```\n\n", "properties": { "additionalUserModeData": { "type": "boolean", @@ -2433,6 +2902,10 @@ "type": "boolean", "description": "Whether to enable the setting. Provides visibility into malicious System Management Automation engine usage by any application. Requires interpreter_only to be enabled.\n" }, + "enhancedDllLoadVisibility": { + "type": "boolean", + "description": "Whether to enable the setting. For hosts running Windows Server, increases sensor visibility of loaded DLLs. Improves detection coverage and telemetry, but may cause a small performance impact. Recommend testing with critical applications before full deployment.\n" + }, "enhancedExploitationVisibility": { "type": "boolean", "description": "Whether to enable the setting. For hosts running Windows 10 1809 and Server 2019 and later, provides additional visibility into common exploitation techniques used to weaken or circumvent application security.\n" @@ -2631,6 +3104,7 @@ "driverLoadPrevention", "enabled", "engineFullVisibility", + "enhancedDllLoadVisibility", "enhancedExploitationVisibility", "enhancedMlForLargerFiles", "extendedUserModeData", @@ -2756,6 +3230,10 @@ "type": "boolean", "description": "Whether to enable the setting. Provides visibility into malicious System Management Automation engine usage by any application. Requires interpreter_only to be enabled.\n" }, + "enhancedDllLoadVisibility": { + "type": "boolean", + "description": "Whether to enable the setting. For hosts running Windows Server, increases sensor visibility of loaded DLLs. Improves detection coverage and telemetry, but may cause a small performance impact. Recommend testing with critical applications before full deployment.\n" + }, "enhancedExploitationVisibility": { "type": "boolean", "description": "Whether to enable the setting. For hosts running Windows 10 1809 and Server 2019 and later, provides additional visibility into common exploitation techniques used to weaken or circumvent application security.\n" @@ -3018,6 +3496,10 @@ "type": "boolean", "description": "Whether to enable the setting. Provides visibility into malicious System Management Automation engine usage by any application. Requires interpreter_only to be enabled.\n" }, + "enhancedDllLoadVisibility": { + "type": "boolean", + "description": "Whether to enable the setting. For hosts running Windows Server, increases sensor visibility of loaded DLLs. Improves detection coverage and telemetry, but may cause a small performance impact. Recommend testing with critical applications before full deployment.\n" + }, "enhancedExploitationVisibility": { "type": "boolean", "description": "Whether to enable the setting. For hosts running Windows 10 1809 and Server 2019 and later, provides additional visibility into common exploitation techniques used to weaken or circumvent application security.\n" @@ -3351,6 +3833,52 @@ } }, "functions": { + "crowdstrike:index/getCloudAwsAccount:getCloudAwsAccount": { + "description": "This data source provides information about AWS accounts in Falcon.\n\n## API Scopes\n\nThe following API scopes are required:\n\n- Cloud security AWS registration | Read \u0026 Write\n- CSPM registration | Read \u0026 Write\n\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as crowdstrike from \"@pulumi/crowdstrike\";\n\nconst all = crowdstrike.getCloudAwsAccount({});\nconst specific = crowdstrike.getCloudAwsAccount({\n accountId: \"123456789012\",\n});\nconst org = crowdstrike.getCloudAwsAccount({\n organizationId: \"o-123456789012\",\n});\n```\n```python\nimport pulumi\nimport pulumi_crowdstrike as crowdstrike\n\nall = crowdstrike.get_cloud_aws_account()\nspecific = crowdstrike.get_cloud_aws_account(account_id=\"123456789012\")\norg = crowdstrike.get_cloud_aws_account(organization_id=\"o-123456789012\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Crowdstrike = Pulumi.Crowdstrike;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var all = Crowdstrike.GetCloudAwsAccount.Invoke();\n\n var specific = Crowdstrike.GetCloudAwsAccount.Invoke(new()\n {\n AccountId = \"123456789012\",\n });\n\n var org = Crowdstrike.GetCloudAwsAccount.Invoke(new()\n {\n OrganizationId = \"o-123456789012\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/crowdstrike/pulumi-crowdstrike/sdk/go/crowdstrike\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := crowdstrike.LookupCloudAwsAccount(ctx, \u0026crowdstrike.LookupCloudAwsAccountArgs{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = crowdstrike.LookupCloudAwsAccount(ctx, \u0026crowdstrike.LookupCloudAwsAccountArgs{\n\t\t\tAccountId: pulumi.StringRef(\"123456789012\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = crowdstrike.LookupCloudAwsAccount(ctx, \u0026crowdstrike.LookupCloudAwsAccountArgs{\n\t\t\tOrganizationId: pulumi.StringRef(\"o-123456789012\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.crowdstrike.CrowdstrikeFunctions;\nimport com.pulumi.crowdstrike.inputs.GetCloudAwsAccountArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var all = CrowdstrikeFunctions.getCloudAwsAccount();\n\n final var specific = CrowdstrikeFunctions.getCloudAwsAccount(GetCloudAwsAccountArgs.builder()\n .accountId(\"123456789012\")\n .build());\n\n final var org = CrowdstrikeFunctions.getCloudAwsAccount(GetCloudAwsAccountArgs.builder()\n .organizationId(\"o-123456789012\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n all:\n fn::invoke:\n function: crowdstrike:getCloudAwsAccount\n arguments: {}\n specific:\n fn::invoke:\n function: crowdstrike:getCloudAwsAccount\n arguments:\n accountId: '123456789012'\n org:\n fn::invoke:\n function: crowdstrike:getCloudAwsAccount\n arguments:\n organizationId: o-123456789012\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "inputs": { + "description": "A collection of arguments for invoking getCloudAwsAccount.\n", + "properties": { + "accountId": { + "type": "string", + "description": "Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organization_id filter for OR matching\n" + }, + "organizationId": { + "type": "string", + "description": "Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with account_id filter for OR matching\n" + } + }, + "type": "object" + }, + "outputs": { + "description": "A collection of values returned by getCloudAwsAccount.\n", + "properties": { + "accountId": { + "type": "string", + "description": "Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organization_id filter for OR matching\n" + }, + "accounts": { + "type": "array", + "items": { + "$ref": "#/types/crowdstrike:index/getCloudAwsAccountAccount:getCloudAwsAccountAccount" + }, + "description": "The list of AWS accounts\n" + }, + "id": { + "type": "string", + "description": "The provider-assigned unique ID for this managed resource.\n" + }, + "organizationId": { + "type": "string", + "description": "Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with account_id filter for OR matching\n" + } + }, + "type": "object", + "required": [ + "accounts", + "id" + ] + } + }, "crowdstrike:index/getSensorUpdatePolicyBuilds:getSensorUpdatePolicyBuilds": { "description": "This data source provides information about the latest sensor builds for each platform.\n\n## API Scopes\n\nThe following API scopes are required:\n\n- Sensor update policies | Write\n\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as crowdstrike from \"@pulumi/crowdstrike\";\n\nconst builds = crowdstrike.getSensorUpdatePolicyBuilds({});\nexport const latestWindowsBuild = builds.then(builds =\u003e builds.windows?.latest);\nexport const n1LinuxBuild = builds.then(builds =\u003e builds.linux?.n1);\nexport const n2MacBuild = builds.then(builds =\u003e builds.mac?.n2);\nexport const latestLinuxArm64Build = builds.then(builds =\u003e builds.linuxArm64?.latest);\n```\n```python\nimport pulumi\nimport pulumi_crowdstrike as crowdstrike\n\nbuilds = crowdstrike.get_sensor_update_policy_builds()\npulumi.export(\"latestWindowsBuild\", builds.windows.latest)\npulumi.export(\"n1LinuxBuild\", builds.linux.n1)\npulumi.export(\"n2MacBuild\", builds.mac.n2)\npulumi.export(\"latestLinuxArm64Build\", builds.linux_arm64.latest)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Crowdstrike = Pulumi.Crowdstrike;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var builds = Crowdstrike.GetSensorUpdatePolicyBuilds.Invoke();\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"latestWindowsBuild\"] = builds.Apply(getSensorUpdatePolicyBuildsResult =\u003e getSensorUpdatePolicyBuildsResult.Windows?.Latest),\n [\"n1LinuxBuild\"] = builds.Apply(getSensorUpdatePolicyBuildsResult =\u003e getSensorUpdatePolicyBuildsResult.Linux?.N1),\n [\"n2MacBuild\"] = builds.Apply(getSensorUpdatePolicyBuildsResult =\u003e getSensorUpdatePolicyBuildsResult.Mac?.N2),\n [\"latestLinuxArm64Build\"] = builds.Apply(getSensorUpdatePolicyBuildsResult =\u003e getSensorUpdatePolicyBuildsResult.LinuxArm64?.Latest),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/crowdstrike/pulumi-crowdstrike/sdk/go/crowdstrike\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbuilds, err := crowdstrike.GetSensorUpdatePolicyBuilds(ctx, map[string]interface{}{}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"latestWindowsBuild\", builds.Windows.Latest)\n\t\tctx.Export(\"n1LinuxBuild\", builds.Linux.N1)\n\t\tctx.Export(\"n2MacBuild\", builds.Mac.N2)\n\t\tctx.Export(\"latestLinuxArm64Build\", builds.LinuxArm64.Latest)\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.crowdstrike.CrowdstrikeFunctions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var builds = CrowdstrikeFunctions.getSensorUpdatePolicyBuilds();\n\n ctx.export(\"latestWindowsBuild\", builds.applyValue(getSensorUpdatePolicyBuildsResult -\u003e getSensorUpdatePolicyBuildsResult.windows().latest()));\n ctx.export(\"n1LinuxBuild\", builds.applyValue(getSensorUpdatePolicyBuildsResult -\u003e getSensorUpdatePolicyBuildsResult.linux().n1()));\n ctx.export(\"n2MacBuild\", builds.applyValue(getSensorUpdatePolicyBuildsResult -\u003e getSensorUpdatePolicyBuildsResult.mac().n2()));\n ctx.export(\"latestLinuxArm64Build\", builds.applyValue(getSensorUpdatePolicyBuildsResult -\u003e getSensorUpdatePolicyBuildsResult.linuxArm64().latest()));\n }\n}\n```\n```yaml\nvariables:\n builds:\n fn::invoke:\n function: crowdstrike:getSensorUpdatePolicyBuilds\n arguments: {}\noutputs:\n latestWindowsBuild: ${builds.windows.latest}\n n1LinuxBuild: ${builds.linux.n1}\n n2MacBuild: ${builds.mac.n2}\n latestLinuxArm64Build: ${builds.linuxArm64.latest}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "outputs": { diff --git a/provider/go.mod b/provider/go.mod index 43f6ebb..9eef967 100644 --- a/provider/go.mod +++ b/provider/go.mod @@ -10,8 +10,8 @@ require ( github.com/crowdstrike/terraform-provider-crowdstrike/shim v0.0.0-00010101000000-000000000000 github.com/ettle/strcase v0.1.1 github.com/pulumi/pulumi-terraform-bridge/pf v0.49.0 - github.com/pulumi/pulumi-terraform-bridge/v3 v3.102.0 - github.com/pulumi/pulumi/sdk/v3 v3.147.0 + github.com/pulumi/pulumi-terraform-bridge/v3 v3.103.0 + github.com/pulumi/pulumi/sdk/v3 v3.148.0 ) require ( @@ -46,14 +46,14 @@ require ( github.com/cheggaaa/pb v1.0.29 // indirect github.com/cloudflare/circl v1.3.7 // indirect github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81 // indirect - github.com/crowdstrike/gofalcon v0.6.1-0.20240426204036-ac8ce2b4f2d7 // indirect - github.com/crowdstrike/terraform-provider-crowdstrike v0.0.12 // indirect + github.com/crowdstrike/gofalcon v0.11.1 // indirect + github.com/crowdstrike/terraform-provider-crowdstrike v0.0.15 // indirect github.com/cyphar/filepath-securejoin v0.3.6 // indirect github.com/deckarep/golang-set/v2 v2.5.0 // indirect github.com/djherbis/times v1.5.0 // indirect github.com/edsrzf/mmap-go v1.1.0 // indirect github.com/emirpasic/gods v1.18.1 // indirect - github.com/fatih/color v1.16.0 // indirect + github.com/fatih/color v1.18.0 // indirect github.com/felixge/httpsnoop v1.0.4 // indirect github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect github.com/go-git/go-billy/v5 v5.6.1 // indirect @@ -71,7 +71,7 @@ require ( github.com/go-openapi/swag v0.23.0 // indirect github.com/go-openapi/validate v0.24.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect - github.com/golang/glog v1.2.2 // indirect + github.com/golang/glog v1.2.3 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.4 // indirect github.com/google/s2a-go v0.1.7 // indirect @@ -86,20 +86,22 @@ require ( github.com/hashicorp/go-getter v1.7.5 // indirect github.com/hashicorp/go-hclog v1.6.3 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect - github.com/hashicorp/go-plugin v1.6.2 // indirect + github.com/hashicorp/go-plugin v1.6.3 // indirect github.com/hashicorp/go-safetemp v1.0.0 // indirect github.com/hashicorp/go-uuid v1.0.3 // indirect github.com/hashicorp/go-version v1.7.0 // indirect github.com/hashicorp/hcl v1.0.0 // indirect - github.com/hashicorp/hcl/v2 v2.22.0 // indirect + github.com/hashicorp/hcl/v2 v2.23.0 // indirect github.com/hashicorp/hil v0.0.0-20190212132231-97b3a9cdfa93 // indirect - github.com/hashicorp/terraform-plugin-framework v1.13.0 // indirect - github.com/hashicorp/terraform-plugin-framework-validators v0.12.0 // indirect + github.com/hashicorp/logutils v1.0.0 // indirect + github.com/hashicorp/terraform-plugin-framework v1.14.1 // indirect + github.com/hashicorp/terraform-plugin-framework-validators v0.16.0 // indirect github.com/hashicorp/terraform-plugin-go v0.26.0 // indirect github.com/hashicorp/terraform-plugin-log v0.9.0 // indirect + github.com/hashicorp/terraform-plugin-sdk/v2 v2.35.0 // indirect github.com/hashicorp/terraform-registry-address v0.2.4 // indirect github.com/hashicorp/terraform-svchost v0.1.1 // indirect - github.com/hashicorp/yamux v0.1.1 // indirect + github.com/hashicorp/yamux v0.1.2 // indirect github.com/huandu/xstrings v1.3.3 // indirect github.com/iancoleman/strcase v0.3.0 // indirect github.com/imdario/mergo v0.3.15 // indirect @@ -111,8 +113,8 @@ require ( github.com/kevinburke/ssh_config v1.2.0 // indirect github.com/klauspost/compress v1.16.7 // indirect github.com/lucasb-eyer/go-colorful v1.2.0 // indirect - github.com/mailru/easyjson v0.7.7 // indirect - github.com/mattn/go-colorable v0.1.13 // indirect + github.com/mailru/easyjson v0.9.0 // indirect + github.com/mattn/go-colorable v0.1.14 // indirect github.com/mattn/go-isatty v0.0.20 // indirect github.com/mattn/go-localereader v0.0.1 // indirect github.com/mattn/go-runewidth v0.0.15 // indirect @@ -149,10 +151,10 @@ require ( github.com/pulumi/inflector v0.1.1 // indirect github.com/pulumi/pulumi-java/pkg v0.19.0 // indirect github.com/pulumi/pulumi-yaml v1.12.0 // indirect - github.com/pulumi/pulumi/pkg/v3 v3.147.0 // indirect + github.com/pulumi/pulumi/pkg/v3 v3.148.0 // indirect github.com/pulumi/schema-tools v0.1.2 // indirect github.com/rivo/uniseg v0.4.4 // indirect - github.com/rogpeppe/go-internal v1.12.0 // indirect + github.com/rogpeppe/go-internal v1.13.1 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06 // indirect github.com/santhosh-tekuri/jsonschema/v5 v5.0.0 // indirect @@ -176,31 +178,32 @@ require ( github.com/xanzy/ssh-agent v0.3.3 // indirect github.com/yuin/goldmark v1.7.4 // indirect github.com/zclconf/go-cty v1.15.0 // indirect - go.mongodb.org/mongo-driver v1.15.0 // indirect + go.mongodb.org/mongo-driver v1.17.2 // indirect go.opencensus.io v0.24.0 // indirect + go.opentelemetry.io/auto/sdk v1.1.0 // indirect go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.49.0 // indirect go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 // indirect - go.opentelemetry.io/otel v1.31.0 // indirect - go.opentelemetry.io/otel/metric v1.31.0 // indirect - go.opentelemetry.io/otel/trace v1.31.0 // indirect + go.opentelemetry.io/otel v1.34.0 // indirect + go.opentelemetry.io/otel/metric v1.34.0 // indirect + go.opentelemetry.io/otel/trace v1.34.0 // indirect go.uber.org/atomic v1.9.0 // indirect - golang.org/x/crypto v0.32.0 // indirect - golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect - golang.org/x/mod v0.21.0 // indirect - golang.org/x/net v0.34.0 // indirect - golang.org/x/oauth2 v0.23.0 // indirect - golang.org/x/sync v0.10.0 // indirect - golang.org/x/sys v0.29.0 // indirect - golang.org/x/term v0.28.0 // indirect - golang.org/x/text v0.21.0 // indirect + golang.org/x/crypto v0.33.0 // indirect + golang.org/x/exp v0.0.0-20250210185358-939b2ce775ac // indirect + golang.org/x/mod v0.23.0 // indirect + golang.org/x/net v0.35.0 // indirect + golang.org/x/oauth2 v0.26.0 // indirect + golang.org/x/sync v0.11.0 // indirect + golang.org/x/sys v0.30.0 // indirect + golang.org/x/term v0.29.0 // indirect + golang.org/x/text v0.22.0 // indirect golang.org/x/time v0.5.0 // indirect - golang.org/x/tools v0.23.0 // indirect + golang.org/x/tools v0.30.0 // indirect google.golang.org/api v0.169.0 // indirect google.golang.org/genproto v0.0.0-20240311173647-c811ad7063a7 // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20241015192408-796eee8c2d53 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20241015192408-796eee8c2d53 // indirect - google.golang.org/grpc v1.69.4 // indirect - google.golang.org/protobuf v1.36.3 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20241202173237-19429a94021a // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20250207221924-e9438ea467c6 // indirect + google.golang.org/grpc v1.70.0 // indirect + google.golang.org/protobuf v1.36.5 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect lukechampine.com/frand v1.4.2 // indirect diff --git a/provider/go.sum b/provider/go.sum index 3ed59e1..e52dbf7 100644 --- a/provider/go.sum +++ b/provider/go.sum @@ -324,10 +324,10 @@ github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWH github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81 h1:q2hJAaP1k2wIvVRd/hEHD7lacgqrCPS+k8g1MndzfWY= github.com/containerd/console v1.0.4-0.20230313162750-1ae8d489ac81/go.mod h1:YynlIjWYF8myEu6sdkwKIvGQq+cOckRm6So2avqoYAk= github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= -github.com/crowdstrike/gofalcon v0.6.1-0.20240426204036-ac8ce2b4f2d7 h1:NLcXFICTUakAvJFSH8z+Ht6SfJ52FbOasYdP8p7BcsQ= -github.com/crowdstrike/gofalcon v0.6.1-0.20240426204036-ac8ce2b4f2d7/go.mod h1:7KSolP3XCntqZiu7GfGd8uedAQ82dqBNpP0gqBksWB8= -github.com/crowdstrike/terraform-provider-crowdstrike v0.0.12 h1:g9h37KThI0yutXVXPWTERgGedLq9+l1t8aPvlSR9bVo= -github.com/crowdstrike/terraform-provider-crowdstrike v0.0.12/go.mod h1:R9kYJzHPH0NKBwPwJdNchkorNDAKxbqr/Cnxx8JPPw0= +github.com/crowdstrike/gofalcon v0.11.1 h1:JLZ341GMSrReZiqJylNdRDTkU455Oh6sQ7sMM7unGgI= +github.com/crowdstrike/gofalcon v0.11.1/go.mod h1:bczghNwcnYX8kGstPZQC2XsijbvFF2ng5YA9Uv8ZmLE= +github.com/crowdstrike/terraform-provider-crowdstrike v0.0.15 h1:kpbNxjS6BnIazfcZ+uk2cG6MxbeE8qCjrOf7XAY1wBI= +github.com/crowdstrike/terraform-provider-crowdstrike v0.0.15/go.mod h1:47i1E++U6FOR/hcsvlfhLyw0BVS6GWnRcmIDI/rNIRc= github.com/cyphar/filepath-securejoin v0.3.6 h1:4d9N5ykBnSp5Xn2JkhocYDkOpURL/18CYMpo6xB9uWM= github.com/cyphar/filepath-securejoin v0.3.6/go.mod h1:Sdj7gXlvMcPZsbhwhQ33GguGLDGQL7h7bg04C/+u9jI= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -358,8 +358,8 @@ github.com/ettle/strcase v0.1.1/go.mod h1:hzDLsPC7/lwKyBOywSHEP89nt2pDgdy+No1NBA github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= -github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= -github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= +github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM= +github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU= github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/frankban/quicktest v1.14.4 h1:g2rn0vABPOOXmZUj+vbmUp0lPoXEMuhTpIluN0XL9UY= @@ -415,8 +415,8 @@ github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69 github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk= github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/glog v1.2.2 h1:1+mZ9upx1Dh6FmUTFR1naJ77miKiXgALjWOZ3NVFPmY= -github.com/golang/glog v1.2.2/go.mod h1:6AhwSGph0fcJtXVM/PEHPqZlFeoLxhs7/t5UDAwmO+w= +github.com/golang/glog v1.2.3 h1:oDTdz9f5VGVVNGu/Q7UXKWYsD0873HXLHdJUNBsSEKM= +github.com/golang/glog v1.2.3/go.mod h1:6AhwSGph0fcJtXVM/PEHPqZlFeoLxhs7/t5UDAwmO+w= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -547,8 +547,8 @@ github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVH github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= -github.com/hashicorp/go-plugin v1.6.2 h1:zdGAEd0V1lCaU0u+MxWQhtSDQmahpkwOun8U8EiRVog= -github.com/hashicorp/go-plugin v1.6.2/go.mod h1:CkgLQ5CZqNmdL9U9JzM532t8ZiYQ35+pj3b1FD37R0Q= +github.com/hashicorp/go-plugin v1.6.3 h1:xgHB+ZUSYeuJi96WtxEjzi23uh7YQpznjGh0U0UUrwg= +github.com/hashicorp/go-plugin v1.6.3/go.mod h1:MRobyh+Wc/nYy1V4KAXUiYfzxoYhs7V1mlH1Z7iY2h0= github.com/hashicorp/go-retryablehttp v0.7.7 h1:C8hUCYzor8PIfXHa4UrZkU4VvK8o9ISHxT2Q8+VepXU= github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk= github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc= @@ -568,40 +568,40 @@ github.com/hashicorp/go-version v1.7.0 h1:5tqGy27NaOTB8yJKUZELlFAS/LTKJkrmONwQKe github.com/hashicorp/go-version v1.7.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/hc-install v0.6.4 h1:QLqlM56/+SIIGvGcfFiwMY3z5WGXT066suo/v9Km8e0= -github.com/hashicorp/hc-install v0.6.4/go.mod h1:05LWLy8TD842OtgcfBbOT0WMoInBMUSHjmDx10zuBIA= +github.com/hashicorp/hc-install v0.9.0 h1:2dIk8LcvANwtv3QZLckxcjyF5w8KVtiMxu6G6eLhghE= +github.com/hashicorp/hc-install v0.9.0/go.mod h1:+6vOP+mf3tuGgMApVYtmsnDoKWMDcFXeTxCACYZ8SFg= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hashicorp/hcl/v2 v2.22.0 h1:hkZ3nCtqeJsDhPRFz5EA9iwcG1hNWGePOTw6oyul12M= -github.com/hashicorp/hcl/v2 v2.22.0/go.mod h1:62ZYHrXgPoX8xBnzl8QzbWq4dyDsDtfCRgIq1rbJEvA= +github.com/hashicorp/hcl/v2 v2.23.0 h1:Fphj1/gCylPxHutVSEOf2fBOh1VE4AuLV7+kbJf3qos= +github.com/hashicorp/hcl/v2 v2.23.0/go.mod h1:62ZYHrXgPoX8xBnzl8QzbWq4dyDsDtfCRgIq1rbJEvA= github.com/hashicorp/hil v0.0.0-20190212132231-97b3a9cdfa93 h1:T1Q6ag9tCwun16AW+XK3tAql24P4uTGUMIn1/92WsQQ= github.com/hashicorp/hil v0.0.0-20190212132231-97b3a9cdfa93/go.mod h1:n2TSygSNwsLJ76m8qFXTSc7beTb+auJxYdqrnoqwZWE= github.com/hashicorp/logutils v1.0.0 h1:dLEQVugN8vlakKOUE3ihGLTZJRB4j+M2cdTm/ORI65Y= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= -github.com/hashicorp/terraform-exec v0.20.0 h1:DIZnPsqzPGuUnq6cH8jWcPunBfY+C+M8JyYF3vpnuEo= -github.com/hashicorp/terraform-exec v0.20.0/go.mod h1:ckKGkJWbsNqFKV1itgMnE0hY9IYf1HoiekpuN0eWoDw= -github.com/hashicorp/terraform-json v0.21.0 h1:9NQxbLNqPbEMze+S6+YluEdXgJmhQykRyRNd+zTI05U= -github.com/hashicorp/terraform-json v0.21.0/go.mod h1:qdeBs11ovMzo5puhrRibdD6d2Dq6TyE/28JiU4tIQxk= -github.com/hashicorp/terraform-plugin-framework v1.13.0 h1:8OTG4+oZUfKgnfTdPTJwZ532Bh2BobF4H+yBiYJ/scw= -github.com/hashicorp/terraform-plugin-framework v1.13.0/go.mod h1:j64rwMGpgM3NYXTKuxrCnyubQb/4VKldEKlcG8cvmjU= -github.com/hashicorp/terraform-plugin-framework-validators v0.12.0 h1:HOjBuMbOEzl7snOdOoUfE2Jgeto6JOjLVQ39Ls2nksc= -github.com/hashicorp/terraform-plugin-framework-validators v0.12.0/go.mod h1:jfHGE/gzjxYz6XoUwi/aYiiKrJDeutQNUtGQXkaHklg= +github.com/hashicorp/terraform-exec v0.21.0 h1:uNkLAe95ey5Uux6KJdua6+cv8asgILFVWkd/RG0D2XQ= +github.com/hashicorp/terraform-exec v0.21.0/go.mod h1:1PPeMYou+KDUSSeRE9szMZ/oHf4fYUmB923Wzbq1ICg= +github.com/hashicorp/terraform-json v0.23.0 h1:sniCkExU4iKtTADReHzACkk8fnpQXrdD2xoR+lppBkI= +github.com/hashicorp/terraform-json v0.23.0/go.mod h1:MHdXbBAbSg0GvzuWazEGKAn/cyNfIB7mN6y7KJN6y2c= +github.com/hashicorp/terraform-plugin-framework v1.14.1 h1:jaT1yvU/kEKEsxnbrn4ZHlgcxyIfjvZ41BLdlLk52fY= +github.com/hashicorp/terraform-plugin-framework v1.14.1/go.mod h1:xNUKmvTs6ldbwTuId5euAtg37dTxuyj3LHS3uj7BHQ4= +github.com/hashicorp/terraform-plugin-framework-validators v0.16.0 h1:O9QqGoYDzQT7lwTXUsZEtgabeWW96zUBh47Smn2lkFA= +github.com/hashicorp/terraform-plugin-framework-validators v0.16.0/go.mod h1:Bh89/hNmqsEWug4/XWKYBwtnw3tbz5BAy1L1OgvbIaY= github.com/hashicorp/terraform-plugin-go v0.26.0 h1:cuIzCv4qwigug3OS7iKhpGAbZTiypAfFQmw8aE65O2M= github.com/hashicorp/terraform-plugin-go v0.26.0/go.mod h1:+CXjuLDiFgqR+GcrM5a2E2Kal5t5q2jb0E3D57tTdNY= github.com/hashicorp/terraform-plugin-log v0.9.0 h1:i7hOA+vdAItN1/7UrfBqBwvYPQ9TFvymaRGZED3FCV0= github.com/hashicorp/terraform-plugin-log v0.9.0/go.mod h1:rKL8egZQ/eXSyDqzLUuwUYLVdlYeamldAHSxjUFADow= github.com/hashicorp/terraform-plugin-sdk v1.7.0 h1:B//oq0ZORG+EkVrIJy0uPGSonvmXqxSzXe8+GhknoW0= github.com/hashicorp/terraform-plugin-sdk v1.7.0/go.mod h1:OjgQmey5VxnPej/buEhe+YqKm0KNvV3QqU4hkqHqPCY= -github.com/hashicorp/terraform-plugin-testing v1.7.0 h1:I6aeCyZ30z4NiI3tzyDoO6fS7YxP5xSL1ceOon3gTe8= -github.com/hashicorp/terraform-plugin-testing v1.7.0/go.mod h1:sbAreCleJNOCz+y5vVHV8EJkIWZKi/t4ndKiUjM9vao= +github.com/hashicorp/terraform-plugin-testing v1.11.0 h1:MeDT5W3YHbONJt2aPQyaBsgQeAIckwPX41EUHXEn29A= +github.com/hashicorp/terraform-plugin-testing v1.11.0/go.mod h1:WNAHQ3DcgV/0J+B15WTE6hDvxcUdkPPpnB1FR3M910U= github.com/hashicorp/terraform-registry-address v0.2.4 h1:JXu/zHB2Ymg/TGVCRu10XqNa4Sh2bWcqCNyKWjnCPJA= github.com/hashicorp/terraform-registry-address v0.2.4/go.mod h1:tUNYTVyCtU4OIGXXMDp7WNcJ+0W1B4nmstVDgHMjfAU= github.com/hashicorp/terraform-svchost v0.1.1 h1:EZZimZ1GxdqFRinZ1tpJwVxxt49xc/S52uzrw4x0jKQ= github.com/hashicorp/terraform-svchost v0.1.1/go.mod h1:mNsjQfZyf/Jhz35v6/0LWcv26+X7JPS+buii2c9/ctc= github.com/hashicorp/vault/api v1.12.0 h1:meCpJSesvzQyao8FCOgk2fGdoADAnbDu2WPJN1lDLJ4= github.com/hashicorp/vault/api v1.12.0/go.mod h1:si+lJCYO7oGkIoNPAN8j3azBLTn9SjMGS+jFaHd1Cck= -github.com/hashicorp/yamux v0.1.1 h1:yrQxtgseBDrq9Y652vSRDvsKCJKOUD+GzTS4Y0Y8pvE= -github.com/hashicorp/yamux v0.1.1/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ= +github.com/hashicorp/yamux v0.1.2 h1:XtB8kyFOyHXYVFnwT5C3+Bdo8gArse7j2AQ0DA0Uey8= +github.com/hashicorp/yamux v0.1.2/go.mod h1:C+zze2n6e/7wshOZep2A70/aQU6QBRWJO/G6FT1wIns= github.com/hexops/autogold v1.3.0 h1:IEtGNPxBeBu8RMn8eKWh/Ll9dVNgSnJ7bp/qHgMQ14o= github.com/hexops/autogold v1.3.0/go.mod h1:d4hwi2rid66Sag+BVuHgwakW/EmaFr8vdTSbWDbrDRI= github.com/hexops/autogold/v2 v2.2.1 h1:JPUXuZQGkcQMv7eeDXuNMovjfoRYaa0yVcm+F3voaGY= @@ -657,21 +657,20 @@ github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0 github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/lucasb-eyer/go-colorful v1.2.0 h1:1nnpGOrhyZZuNyfu1QjKiUICQ74+3FNCN69Aj6K7nkY= github.com/lucasb-eyer/go-colorful v1.2.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0= -github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= -github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= +github.com/mailru/easyjson v0.9.0 h1:PrnmzHw7262yW8sTBwxi1PdJA3Iw/EKBa8psRf7d9a4= +github.com/mailru/easyjson v0.9.0/go.mod h1:1+xMtQp2MRNVL/V1bOzuP3aP8VNwRW55fQUto+XFtTU= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= -github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= -github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= +github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHPsaIE= +github.com/mattn/go-colorable v0.1.14/go.mod h1:6LmQG8QLFO4G5z1gPvYEzlUgJ2wF+stgPZH1UqBm1s8= github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOAqxQCu2WE= github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= -github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mattn/go-localereader v0.0.1 h1:ygSAOl7ZXTx4RdPYinUpg6W99U8jWvWi9Ye2JC/oIi4= @@ -765,14 +764,14 @@ github.com/pulumi/pulumi-java/pkg v0.19.0 h1:T9kkGUQJV7UTxenw08m3txsgQkNVnZZxvn1 github.com/pulumi/pulumi-java/pkg v0.19.0/go.mod h1:YKYYFEb3Jvzf/dDJo0xOeEkIfBAMkkkdhXulauvEjmc= github.com/pulumi/pulumi-terraform-bridge/pf v0.49.0 h1:GJ20wQxz5dYbOWdDyDp1E3SuuTuLVdBpnp70FJ+VVpQ= github.com/pulumi/pulumi-terraform-bridge/pf v0.49.0/go.mod h1:zDdNBSsrNhUxyeX1MrXr/O71DBpWMFZ8dGIGV0Pbj0c= -github.com/pulumi/pulumi-terraform-bridge/v3 v3.102.0 h1:shzw3WluUr/TcK92njRDFxpdUMP1brbGVsgBFCzlQl0= -github.com/pulumi/pulumi-terraform-bridge/v3 v3.102.0/go.mod h1:LwhiXOl9rpoRImUuDTfQQH2vTjL1JACnIFm/kWp1znU= +github.com/pulumi/pulumi-terraform-bridge/v3 v3.103.0 h1:kHY3wnVOutj1G3XcjA4ZNSlHbrUKHfMTZsJRykTYc48= +github.com/pulumi/pulumi-terraform-bridge/v3 v3.103.0/go.mod h1:2+e4IIfbop+OBZYcMvlgx9KPZ9J6VrweKHadjnYyI6M= github.com/pulumi/pulumi-yaml v1.12.0 h1:ThJP+EBqeJyCnS6w6/PwcEFOT5o112qv0lObhefmFCk= github.com/pulumi/pulumi-yaml v1.12.0/go.mod h1:EhZd1XDfuLa15O51qVVE16U6r8ldK9mLIBclqWCX27Y= -github.com/pulumi/pulumi/pkg/v3 v3.147.0 h1:aFzP2kXBL/nPPDao625xIkjAhqT5GKe3XfPXbG07oFA= -github.com/pulumi/pulumi/pkg/v3 v3.147.0/go.mod h1:WqLJy8lfzbGTEqz5Rukd+GrqBYNBf8Y3dJ+Wde+G6g4= -github.com/pulumi/pulumi/sdk/v3 v3.147.0 h1:8ZDZnEsCZa6shw1dwIDUssbYMooYyebhpmx5feuZCqM= -github.com/pulumi/pulumi/sdk/v3 v3.147.0/go.mod h1:+WC9aIDo8fMgd2g0jCHuZU2S/VYNLRAZ3QXt6YVgwaA= +github.com/pulumi/pulumi/pkg/v3 v3.148.0 h1:7FuRpw1ysvt5400x+5Ukbj14ue5W8b9fI+FZ8YMD7o4= +github.com/pulumi/pulumi/pkg/v3 v3.148.0/go.mod h1:xxL0LnlNmjotV8Kz3sKITKCQf+U72prabgt4NAlJfRk= +github.com/pulumi/pulumi/sdk/v3 v3.148.0 h1:tEw1FQOKoQVP7HfZWI9DJQl4ZvGaL1z2ixZdN2wGV/o= +github.com/pulumi/pulumi/sdk/v3 v3.148.0/go.mod h1:+WC9aIDo8fMgd2g0jCHuZU2S/VYNLRAZ3QXt6YVgwaA= github.com/pulumi/schema-tools v0.1.2 h1:Fd9xvUjgck4NA+7/jSk7InqCUT4Kj940+EcnbQKpfZo= github.com/pulumi/schema-tools v0.1.2/go.mod h1:62lgj52Tzq11eqWTIaKd+EVyYAu5dEcDJxMhTjvMO/k= github.com/pulumi/terraform-diff-reader v0.0.2 h1:kTE4nEXU3/SYXESvAIem+wyHMI3abqkI3OhJ0G04LLI= @@ -787,8 +786,8 @@ github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= -github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= +github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= +github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk= @@ -877,8 +876,8 @@ github.com/zclconf/go-cty-debug v0.0.0-20240509010212-0d6042c53940 h1:4r45xpDWB6 github.com/zclconf/go-cty-debug v0.0.0-20240509010212-0d6042c53940/go.mod h1:CmBdvvj3nqzfzJ6nTCIwDTPZ56aVGvDrmztiO5g3qrM= github.com/zclconf/go-cty-yaml v1.0.3 h1:og/eOQ7lvA/WWhHGFETVWNduJM7Rjsv2RRpx1sdFMLc= github.com/zclconf/go-cty-yaml v1.0.3/go.mod h1:9YLUH4g7lOhVWqUbctnVlZ5KLpg7JAprQNgxSZ1Gyxs= -go.mongodb.org/mongo-driver v1.15.0 h1:rJCKC8eEliewXjZGf0ddURtl7tTVy1TK3bfl0gkUSLc= -go.mongodb.org/mongo-driver v1.15.0/go.mod h1:Vzb0Mk/pa7e6cWw85R4F/endUC3u0U9jGcNU603k65c= +go.mongodb.org/mongo-driver v1.17.2 h1:gvZyk8352qSfzyZ2UMWcpDpMSGEr1eqE4T793SqyhzM= +go.mongodb.org/mongo-driver v1.17.2/go.mod h1:Hy04i7O2kC4RS06ZrhPRqj/u4DTYkFDAAccj+rVKqgQ= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= @@ -888,20 +887,22 @@ go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= +go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA= +go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A= go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.49.0 h1:4Pp6oUg3+e/6M4C0A/3kJ2VYa++dsWVTtGgLVj5xtHg= go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.49.0/go.mod h1:Mjt1i1INqiaoZOMGR1RIUJN+i3ChKoFRqzrRQhlkbs0= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 h1:jq9TW8u3so/bN+JPT166wjOI6/vQPF6Xe7nMNIltagk= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0/go.mod h1:p8pYQP+m5XfbZm9fxtSKAbM6oIllS7s2AfxrChvc7iw= -go.opentelemetry.io/otel v1.31.0 h1:NsJcKPIW0D0H3NgzPDHmo0WW6SptzPdqg/L1zsIm2hY= -go.opentelemetry.io/otel v1.31.0/go.mod h1:O0C14Yl9FgkjqcCZAsE053C13OaddMYr/hz6clDkEJE= -go.opentelemetry.io/otel/metric v1.31.0 h1:FSErL0ATQAmYHUIzSezZibnyVlft1ybhy4ozRPcF2fE= -go.opentelemetry.io/otel/metric v1.31.0/go.mod h1:C3dEloVbLuYoX41KpmAhOqNriGbA+qqH6PQ5E5mUfnY= -go.opentelemetry.io/otel/sdk v1.31.0 h1:xLY3abVHYZ5HSfOg3l2E5LUj2Cwva5Y7yGxnSW9H5Gk= -go.opentelemetry.io/otel/sdk v1.31.0/go.mod h1:TfRbMdhvxIIr/B2N2LQW2S5v9m3gOQ/08KsbbO5BPT0= -go.opentelemetry.io/otel/sdk/metric v1.31.0 h1:i9hxxLJF/9kkvfHppyLL55aW7iIJz4JjxTeYusH7zMc= -go.opentelemetry.io/otel/sdk/metric v1.31.0/go.mod h1:CRInTMVvNhUKgSAMbKyTMxqOBC0zgyxzW55lZzX43Y8= -go.opentelemetry.io/otel/trace v1.31.0 h1:ffjsj1aRouKewfr85U2aGagJ46+MvodynlQ1HYdmJys= -go.opentelemetry.io/otel/trace v1.31.0/go.mod h1:TXZkRk7SM2ZQLtR6eoAWQFIHPvzQ06FJAsO1tJg480A= +go.opentelemetry.io/otel v1.34.0 h1:zRLXxLCgL1WyKsPVrgbSdMN4c0FMkDAskSTQP+0hdUY= +go.opentelemetry.io/otel v1.34.0/go.mod h1:OWFPOQ+h4G8xpyjgqo4SxJYdDQ/qmRH+wivy7zzx9oI= +go.opentelemetry.io/otel/metric v1.34.0 h1:+eTR3U0MyfWjRDhmFMxe2SsW64QrZ84AOhvqS7Y+PoQ= +go.opentelemetry.io/otel/metric v1.34.0/go.mod h1:CEDrp0fy2D0MvkXE+dPV7cMi8tWZwX3dmaIhwPOaqHE= +go.opentelemetry.io/otel/sdk v1.32.0 h1:RNxepc9vK59A8XsgZQouW8ue8Gkb4jpWtJm9ge5lEG4= +go.opentelemetry.io/otel/sdk v1.32.0/go.mod h1:LqgegDBjKMmb2GC6/PrTnteJG39I8/vJCAP9LlJXEjU= +go.opentelemetry.io/otel/sdk/metric v1.32.0 h1:rZvFnvmvawYb0alrYkjraqJq0Z4ZUJAiyYCU9snn1CU= +go.opentelemetry.io/otel/sdk/metric v1.32.0/go.mod h1:PWeZlq0zt9YkYAp3gjKZ0eicRYvOh1Gd+X99x6GHpCQ= +go.opentelemetry.io/otel/trace v1.34.0 h1:+ouXS2V8Rd4hp4580a8q23bg0azF2nI8cqLYnC8mh/k= +go.opentelemetry.io/otel/trace v1.34.0/go.mod h1:Svm7lSjQD7kG7KJ/MUHPVXSDGz2OX4h0M2jHBhmSfRE= go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE= go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= @@ -921,8 +922,8 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= -golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc= -golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc= +golang.org/x/crypto v0.33.0 h1:IOBPskki6Lysi0lo9qQvbxiQ+FvsCC/YWOecCHAixus= +golang.org/x/crypto v0.33.0/go.mod h1:bVdXmD7IV/4GdElGPozy6U7lWdRXA4qyRVGJV57uQ5M= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -933,8 +934,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 h1:2dVuKD2vS7b0QIHQbpyTISPd0LeHDbnYEryqj5Q1ug8= -golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY= +golang.org/x/exp v0.0.0-20250210185358-939b2ce775ac h1:l5+whBCLH3iH2ZNHYLbAe58bo7yrN4mVcnkHDYz5vvs= +golang.org/x/exp v0.0.0-20250210185358-939b2ce775ac/go.mod h1:hH+7mtFmImwwcMvScyxUhjuVHR3HGaDPMn9rMSUUbxo= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -961,8 +962,8 @@ golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.21.0 h1:vvrHzRwRfVKSiLrG+d4FMl/Qi4ukBCE6kZlTUkDYRT0= -golang.org/x/mod v0.21.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY= +golang.org/x/mod v0.23.0 h1:Zb7khfcRGKk+kqfxFaP5tZqCnDZMjC5VtUBs87Hr6QM= +golang.org/x/mod v0.23.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -1014,8 +1015,8 @@ golang.org/x/net v0.0.0-20220909164309-bea034e7d591/go.mod h1:YDH+HFinaLZZlnHAfS golang.org/x/net v0.0.0-20221014081412-f15817d10f9b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= -golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0= -golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k= +golang.org/x/net v0.35.0 h1:T5GQRQb2y08kTAByq9L4/bz8cipCdA8FbRTXewonqY8= +golang.org/x/net v0.35.0/go.mod h1:EglIi67kWsHKlRzzVMUD93VMSWGFOMSZgxFjparz1Qk= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1041,8 +1042,8 @@ golang.org/x/oauth2 v0.0.0-20220822191816-0ebed06d0094/go.mod h1:h4gKUeWbJ4rQPri golang.org/x/oauth2 v0.0.0-20220909003341-f21342109be1/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= golang.org/x/oauth2 v0.0.0-20221014153046-6fdb5e3db783/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= golang.org/x/oauth2 v0.1.0/go.mod h1:G9FE4dLTsbXUu90h/Pf85g4w1D+SSAgR+q46nJZ8M4A= -golang.org/x/oauth2 v0.23.0 h1:PbgcYx2W7i4LvjJWEbf0ngHV6qJYr86PkAV3bXdLEbs= -golang.org/x/oauth2 v0.23.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/oauth2 v0.26.0 h1:afQXWNNaeC4nvZ0Ed9XvCCzXM6UHJG7iCg0W4fPqSBE= +golang.org/x/oauth2 v0.26.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -1057,8 +1058,8 @@ golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220929204114-8fcdb60fdcc0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= -golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.11.0 h1:GGz8+XQP4FvTTrjZPzNKTMFtSXH80RAzG+5ghFPgK9w= +golang.org/x/sync v0.11.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -1132,18 +1133,17 @@ golang.org/x/sys v0.0.0-20220624220833-87e55d714810/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU= -golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc= +golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= -golang.org/x/term v0.28.0 h1:/Ts8HFuMR2E6IP/jlo7QVLZHggjKQbhu/7H0LJFr3Gg= -golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek= +golang.org/x/term v0.29.0 h1:L6pJp37ocefwRRtYPKSWOWzOtWSxVajvz2ldH/xi3iU= +golang.org/x/term v0.29.0/go.mod h1:6bl4lRlvVuDgSf3179VpIxBF0o10JUpXWOnI7nErv7s= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1154,8 +1154,8 @@ golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= -golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= +golang.org/x/text v0.22.0 h1:bofq7m3/HAFvbF51jz3Q9wLg3jkvSPuiZu/pD1XwgtM= +golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -1217,8 +1217,8 @@ golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.23.0 h1:SGsXPZ+2l4JsgaCKkx+FQ9YZ5XEtA1GZYuoDjenLjvg= -golang.org/x/tools v0.23.0/go.mod h1:pnu6ufv6vQkll6szChhK3C3L/ruaIv5eBeztNG8wtsI= +golang.org/x/tools v0.30.0 h1:BgcpHewrV5AUp2G9MebG4XPFI1E2W41zU1SaqVA9vJY= +golang.org/x/tools v0.30.0/go.mod h1:c347cR/OJfw5TI+GfX7RUPNMdDRRbjvYTS0jPyvsVtY= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -1393,10 +1393,10 @@ google.golang.org/genproto v0.0.0-20221014213838-99cd37c6964a/go.mod h1:1vXfmgAz google.golang.org/genproto v0.0.0-20221025140454-527a21cfbd71/go.mod h1:9qHF0xnpdSfF6knlcsnpzUu5y+rpwgbvsyGAZPBMg4s= google.golang.org/genproto v0.0.0-20240311173647-c811ad7063a7 h1:ImUcDPHjTrAqNhlOkSocDLfG9rrNHH7w7uoKWPaWZ8s= google.golang.org/genproto v0.0.0-20240311173647-c811ad7063a7/go.mod h1:/3XmxOjePkvmKrHuBy4zNFw7IzxJXtAgdpXi8Ll990U= -google.golang.org/genproto/googleapis/api v0.0.0-20241015192408-796eee8c2d53 h1:fVoAXEKA4+yufmbdVYv+SE73+cPZbbbe8paLsHfkK+U= -google.golang.org/genproto/googleapis/api v0.0.0-20241015192408-796eee8c2d53/go.mod h1:riSXTwQ4+nqmPGtobMFyW5FqVAmIs0St6VPp4Ug7CE4= -google.golang.org/genproto/googleapis/rpc v0.0.0-20241015192408-796eee8c2d53 h1:X58yt85/IXCx0Y3ZwN6sEIKZzQtDEYaBWrDvErdXrRE= -google.golang.org/genproto/googleapis/rpc v0.0.0-20241015192408-796eee8c2d53/go.mod h1:GX3210XPVPUjJbTUbvwI8f2IpZDMZuPJWDzDuebbviI= +google.golang.org/genproto/googleapis/api v0.0.0-20241202173237-19429a94021a h1:OAiGFfOiA0v9MRYsSidp3ubZaBnteRUyn3xB2ZQ5G/E= +google.golang.org/genproto/googleapis/api v0.0.0-20241202173237-19429a94021a/go.mod h1:jehYqy3+AhJU9ve55aNOaSml7wUXjF9x6z2LcCfpAhY= +google.golang.org/genproto/googleapis/rpc v0.0.0-20250207221924-e9438ea467c6 h1:2duwAxN2+k0xLNpjnHTXoMUgnv6VPSp5fiqTuwSxjmI= +google.golang.org/genproto/googleapis/rpc v0.0.0-20250207221924-e9438ea467c6/go.mod h1:8BS3B93F/U1juMFq9+EDk+qOT5CO1R9IzXxG3PTqiRk= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= @@ -1432,8 +1432,8 @@ google.golang.org/grpc v1.48.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACu google.golang.org/grpc v1.49.0/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= google.golang.org/grpc v1.50.0/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= google.golang.org/grpc v1.50.1/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= -google.golang.org/grpc v1.69.4 h1:MF5TftSMkd8GLw/m0KM6V8CMOCY6NZ1NQDPGFgbTt4A= -google.golang.org/grpc v1.69.4/go.mod h1:vyjdE6jLBI76dgpDojsFGNaHlxdjXN9ghpnd2o7JGZ4= +google.golang.org/grpc v1.70.0 h1:pWFv03aZoHzlRKHWicjsZytKAiYCtNS0dHbXnIdq7jQ= +google.golang.org/grpc v1.70.0/go.mod h1:ofIJqVKDXx/JiXrwr2IG4/zwdH9txy3IlF40RmcJSQw= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= @@ -1450,8 +1450,8 @@ google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQ google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.36.3 h1:82DV7MYdb8anAVi3qge1wSnMDrnKK7ebr+I0hHRN1BU= -google.golang.org/protobuf v1.36.3/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= +google.golang.org/protobuf v1.36.5 h1:tPhr+woSbjfYvY6/GPufUoYizxw1cF/yFoxJ2fmpwlM= +google.golang.org/protobuf v1.36.5/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/provider/resources.go b/provider/resources.go index d3cc90e..f0e8f62 100644 --- a/provider/resources.go +++ b/provider/resources.go @@ -148,12 +148,13 @@ func Provider() tfbridge.ProviderInfo { // }, }, PreConfigureCallback: preConfigureCallback, - Resources: map[string]*tfbridge.ResourceInfo{ + Resources: map[string]*tfbridge.ResourceInfo{ // Map each resource in the Terraform provider to a Pulumi type. // // "aws_iam_role": { // Tok: makeResource(mainMod, "aws_iam_role"), // }, + "crowdstrike_cloud_aws_account": {ComputeID: tfbridge.DelegateIDField("id", "aws_account_id", "https://github.com/crowdstrike/crowdstrike-pulumi")}, }, DataSources: map[string]*tfbridge.DataSourceInfo{ // Map each data source in the Terraform provider to a Pulumi function. diff --git a/provider/shim/go.mod b/provider/shim/go.mod index 2ff40d3..2042121 100644 --- a/provider/shim/go.mod +++ b/provider/shim/go.mod @@ -1,18 +1,20 @@ module github.com/crowdstrike/terraform-provider-crowdstrike/shim -go 1.22 +go 1.22.0 + +toolchain go1.24.0 require ( - github.com/crowdstrike/terraform-provider-crowdstrike v0.0.12 - github.com/hashicorp/terraform-plugin-framework v1.8.0 + github.com/crowdstrike/terraform-provider-crowdstrike v0.0.15 + github.com/hashicorp/terraform-plugin-framework v1.13.0 ) require ( github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect github.com/blang/semver/v4 v4.0.0 // indirect - github.com/crowdstrike/gofalcon v0.6.1-0.20240426204036-ac8ce2b4f2d7 // indirect - github.com/fatih/color v1.16.0 // indirect - github.com/go-logr/logr v1.4.1 // indirect + github.com/crowdstrike/gofalcon v0.11.1 // indirect + github.com/fatih/color v1.18.0 // indirect + github.com/go-logr/logr v1.4.2 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-openapi/analysis v0.23.0 // indirect github.com/go-openapi/errors v0.22.0 // indirect @@ -25,13 +27,16 @@ require ( github.com/go-openapi/swag v0.23.0 // indirect github.com/go-openapi/validate v0.24.0 // indirect github.com/google/uuid v1.6.0 // indirect - github.com/hashicorp/go-hclog v1.6.2 // indirect - github.com/hashicorp/terraform-plugin-framework-validators v0.12.0 // indirect - github.com/hashicorp/terraform-plugin-go v0.22.2 // indirect + github.com/hashicorp/go-hclog v1.6.3 // indirect + github.com/hashicorp/go-uuid v1.0.3 // indirect + github.com/hashicorp/logutils v1.0.0 // indirect + github.com/hashicorp/terraform-plugin-framework-validators v0.16.0 // indirect + github.com/hashicorp/terraform-plugin-go v0.26.0 // indirect github.com/hashicorp/terraform-plugin-log v0.9.0 // indirect + github.com/hashicorp/terraform-plugin-sdk/v2 v2.35.0 // indirect github.com/josharian/intern v1.0.0 // indirect - github.com/mailru/easyjson v0.7.7 // indirect - github.com/mattn/go-colorable v0.1.13 // indirect + github.com/mailru/easyjson v0.9.0 // indirect + github.com/mattn/go-colorable v0.1.14 // indirect github.com/mattn/go-isatty v0.0.20 // indirect github.com/mitchellh/go-testing-interface v1.14.1 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect @@ -40,13 +45,15 @@ require ( github.com/sirupsen/logrus v1.9.3 // indirect github.com/vmihailenco/msgpack/v5 v5.4.1 // indirect github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect - go.mongodb.org/mongo-driver v1.15.0 // indirect - go.opentelemetry.io/otel v1.26.0 // indirect - go.opentelemetry.io/otel/metric v1.26.0 // indirect - go.opentelemetry.io/otel/trace v1.26.0 // indirect - golang.org/x/exp v0.0.0-20230626212559-97b1e661b5df // indirect - golang.org/x/oauth2 v0.19.0 // indirect - golang.org/x/sync v0.7.0 // indirect - golang.org/x/sys v0.19.0 // indirect + go.mongodb.org/mongo-driver v1.17.2 // indirect + go.opentelemetry.io/auto/sdk v1.1.0 // indirect + go.opentelemetry.io/otel v1.34.0 // indirect + go.opentelemetry.io/otel/metric v1.34.0 // indirect + go.opentelemetry.io/otel/sdk v1.32.0 // indirect + go.opentelemetry.io/otel/trace v1.34.0 // indirect + golang.org/x/exp v0.0.0-20250210185358-939b2ce775ac // indirect + golang.org/x/oauth2 v0.26.0 // indirect + golang.org/x/sync v0.11.0 // indirect + golang.org/x/sys v0.30.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/provider/shim/go.sum b/provider/shim/go.sum index 0b93e6e..05072d7 100644 --- a/provider/shim/go.sum +++ b/provider/shim/go.sum @@ -10,19 +10,19 @@ github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ= github.com/cloudflare/circl v1.3.7 h1:qlCDlTPz2n9fu58M0Nh1J/JzcFpfgkFHHX3O35r5vcU= github.com/cloudflare/circl v1.3.7/go.mod h1:sRTcRWXGLrKw6yIGJ+l7amYJFfAXbZG0kBSc8r4zxgA= -github.com/crowdstrike/gofalcon v0.6.1-0.20240426204036-ac8ce2b4f2d7 h1:NLcXFICTUakAvJFSH8z+Ht6SfJ52FbOasYdP8p7BcsQ= -github.com/crowdstrike/gofalcon v0.6.1-0.20240426204036-ac8ce2b4f2d7/go.mod h1:7KSolP3XCntqZiu7GfGd8uedAQ82dqBNpP0gqBksWB8= -github.com/crowdstrike/terraform-provider-crowdstrike v0.0.12 h1:g9h37KThI0yutXVXPWTERgGedLq9+l1t8aPvlSR9bVo= -github.com/crowdstrike/terraform-provider-crowdstrike v0.0.12/go.mod h1:R9kYJzHPH0NKBwPwJdNchkorNDAKxbqr/Cnxx8JPPw0= +github.com/crowdstrike/gofalcon v0.11.1 h1:JLZ341GMSrReZiqJylNdRDTkU455Oh6sQ7sMM7unGgI= +github.com/crowdstrike/gofalcon v0.11.1/go.mod h1:bczghNwcnYX8kGstPZQC2XsijbvFF2ng5YA9Uv8ZmLE= +github.com/crowdstrike/terraform-provider-crowdstrike v0.0.15 h1:kpbNxjS6BnIazfcZ+uk2cG6MxbeE8qCjrOf7XAY1wBI= +github.com/crowdstrike/terraform-provider-crowdstrike v0.0.15/go.mod h1:47i1E++U6FOR/hcsvlfhLyw0BVS6GWnRcmIDI/rNIRc= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= -github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= -github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= +github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM= +github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= -github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= +github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-openapi/analysis v0.23.0 h1:aGday7OWupfMs+LbmLZG4k0MYXIANxcuBTYUC03zFCU= @@ -59,59 +59,60 @@ github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9n github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 h1:1/D3zfFHttUKaCaGKZ/dR2roBXv0vKbSCnssIldfQdI= github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320/go.mod h1:EiZBMaudVLy8fmjf9Npq1dq9RalhveqZG5w/yz3mHWs= -github.com/hashicorp/go-hclog v1.6.2 h1:NOtoftovWkDheyUM/8JW3QMiXyxJK3uHRK7wV04nD2I= -github.com/hashicorp/go-hclog v1.6.2/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= +github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k= +github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= -github.com/hashicorp/go-plugin v1.6.0 h1:wgd4KxHJTVGGqWBq4QPB1i5BZNEx9BR8+OFmHDmTk8A= -github.com/hashicorp/go-plugin v1.6.0/go.mod h1:lBS5MtSSBZk0SHc66KACcjjlU6WzEVP/8pwz68aMkCI= +github.com/hashicorp/go-plugin v1.6.3 h1:xgHB+ZUSYeuJi96WtxEjzi23uh7YQpznjGh0U0UUrwg= +github.com/hashicorp/go-plugin v1.6.3/go.mod h1:MRobyh+Wc/nYy1V4KAXUiYfzxoYhs7V1mlH1Z7iY2h0= +github.com/hashicorp/go-retryablehttp v0.7.7 h1:C8hUCYzor8PIfXHa4UrZkU4VvK8o9ISHxT2Q8+VepXU= +github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk= github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8= github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go-version v1.6.0 h1:feTTfFNnjP967rlCxM/I9g701jU+RN74YKx2mOkIeek= -github.com/hashicorp/go-version v1.6.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= -github.com/hashicorp/hc-install v0.6.4 h1:QLqlM56/+SIIGvGcfFiwMY3z5WGXT066suo/v9Km8e0= -github.com/hashicorp/hc-install v0.6.4/go.mod h1:05LWLy8TD842OtgcfBbOT0WMoInBMUSHjmDx10zuBIA= -github.com/hashicorp/hcl/v2 v2.20.0 h1:l++cRs/5jQOiKVvqXZm/P1ZEfVXJmvLS9WSVxkaeTb4= -github.com/hashicorp/hcl/v2 v2.20.0/go.mod h1:WmcD/Ym72MDOOx5F62Ly+leloeu6H7m0pG7VBiU6pQk= +github.com/hashicorp/go-version v1.7.0 h1:5tqGy27NaOTB8yJKUZELlFAS/LTKJkrmONwQKeRZfjY= +github.com/hashicorp/go-version v1.7.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= +github.com/hashicorp/hc-install v0.9.0 h1:2dIk8LcvANwtv3QZLckxcjyF5w8KVtiMxu6G6eLhghE= +github.com/hashicorp/hc-install v0.9.0/go.mod h1:+6vOP+mf3tuGgMApVYtmsnDoKWMDcFXeTxCACYZ8SFg= +github.com/hashicorp/hcl/v2 v2.23.0 h1:Fphj1/gCylPxHutVSEOf2fBOh1VE4AuLV7+kbJf3qos= +github.com/hashicorp/hcl/v2 v2.23.0/go.mod h1:62ZYHrXgPoX8xBnzl8QzbWq4dyDsDtfCRgIq1rbJEvA= github.com/hashicorp/logutils v1.0.0 h1:dLEQVugN8vlakKOUE3ihGLTZJRB4j+M2cdTm/ORI65Y= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= -github.com/hashicorp/terraform-exec v0.20.0 h1:DIZnPsqzPGuUnq6cH8jWcPunBfY+C+M8JyYF3vpnuEo= -github.com/hashicorp/terraform-exec v0.20.0/go.mod h1:ckKGkJWbsNqFKV1itgMnE0hY9IYf1HoiekpuN0eWoDw= -github.com/hashicorp/terraform-json v0.21.0 h1:9NQxbLNqPbEMze+S6+YluEdXgJmhQykRyRNd+zTI05U= -github.com/hashicorp/terraform-json v0.21.0/go.mod h1:qdeBs11ovMzo5puhrRibdD6d2Dq6TyE/28JiU4tIQxk= -github.com/hashicorp/terraform-plugin-framework v1.8.0 h1:P07qy8RKLcoBkCrY2RHJer5AEvJnDuXomBgou6fD8kI= -github.com/hashicorp/terraform-plugin-framework v1.8.0/go.mod h1:/CpTukO88PcL/62noU7cuyaSJ4Rsim+A/pa+3rUVufY= -github.com/hashicorp/terraform-plugin-framework-validators v0.12.0 h1:HOjBuMbOEzl7snOdOoUfE2Jgeto6JOjLVQ39Ls2nksc= -github.com/hashicorp/terraform-plugin-framework-validators v0.12.0/go.mod h1:jfHGE/gzjxYz6XoUwi/aYiiKrJDeutQNUtGQXkaHklg= -github.com/hashicorp/terraform-plugin-go v0.22.2 h1:5o8uveu6eZUf5J7xGPV0eY0TPXg3qpmwX9sce03Bxnc= -github.com/hashicorp/terraform-plugin-go v0.22.2/go.mod h1:drq8Snexp9HsbFZddvyLHN6LuWHHndSQg+gV+FPkcIM= +github.com/hashicorp/terraform-exec v0.21.0 h1:uNkLAe95ey5Uux6KJdua6+cv8asgILFVWkd/RG0D2XQ= +github.com/hashicorp/terraform-exec v0.21.0/go.mod h1:1PPeMYou+KDUSSeRE9szMZ/oHf4fYUmB923Wzbq1ICg= +github.com/hashicorp/terraform-json v0.23.0 h1:sniCkExU4iKtTADReHzACkk8fnpQXrdD2xoR+lppBkI= +github.com/hashicorp/terraform-json v0.23.0/go.mod h1:MHdXbBAbSg0GvzuWazEGKAn/cyNfIB7mN6y7KJN6y2c= +github.com/hashicorp/terraform-plugin-framework v1.13.0 h1:8OTG4+oZUfKgnfTdPTJwZ532Bh2BobF4H+yBiYJ/scw= +github.com/hashicorp/terraform-plugin-framework v1.13.0/go.mod h1:j64rwMGpgM3NYXTKuxrCnyubQb/4VKldEKlcG8cvmjU= +github.com/hashicorp/terraform-plugin-framework-validators v0.16.0 h1:O9QqGoYDzQT7lwTXUsZEtgabeWW96zUBh47Smn2lkFA= +github.com/hashicorp/terraform-plugin-framework-validators v0.16.0/go.mod h1:Bh89/hNmqsEWug4/XWKYBwtnw3tbz5BAy1L1OgvbIaY= +github.com/hashicorp/terraform-plugin-go v0.26.0 h1:cuIzCv4qwigug3OS7iKhpGAbZTiypAfFQmw8aE65O2M= +github.com/hashicorp/terraform-plugin-go v0.26.0/go.mod h1:+CXjuLDiFgqR+GcrM5a2E2Kal5t5q2jb0E3D57tTdNY= github.com/hashicorp/terraform-plugin-log v0.9.0 h1:i7hOA+vdAItN1/7UrfBqBwvYPQ9TFvymaRGZED3FCV0= github.com/hashicorp/terraform-plugin-log v0.9.0/go.mod h1:rKL8egZQ/eXSyDqzLUuwUYLVdlYeamldAHSxjUFADow= -github.com/hashicorp/terraform-plugin-sdk/v2 v2.33.0 h1:qHprzXy/As0rxedphECBEQAh3R4yp6pKksKHcqZx5G8= -github.com/hashicorp/terraform-plugin-sdk/v2 v2.33.0/go.mod h1:H+8tjs9TjV2w57QFVSMBQacf8k/E1XwLXGCARgViC6A= -github.com/hashicorp/terraform-plugin-testing v1.7.0 h1:I6aeCyZ30z4NiI3tzyDoO6fS7YxP5xSL1ceOon3gTe8= -github.com/hashicorp/terraform-plugin-testing v1.7.0/go.mod h1:sbAreCleJNOCz+y5vVHV8EJkIWZKi/t4ndKiUjM9vao= -github.com/hashicorp/terraform-registry-address v0.2.3 h1:2TAiKJ1A3MAkZlH1YI/aTVcLZRu7JseiXNRHbOAyoTI= -github.com/hashicorp/terraform-registry-address v0.2.3/go.mod h1:lFHA76T8jfQteVfT7caREqguFrW3c4MFSPhZB7HHgUM= +github.com/hashicorp/terraform-plugin-sdk/v2 v2.35.0 h1:wyKCCtn6pBBL46c1uIIBNUOWlNfYXfXpVo16iDyLp8Y= +github.com/hashicorp/terraform-plugin-sdk/v2 v2.35.0/go.mod h1:B0Al8NyYVr8Mp/KLwssKXG1RqnTk7FySqSn4fRuLNgw= +github.com/hashicorp/terraform-plugin-testing v1.11.0 h1:MeDT5W3YHbONJt2aPQyaBsgQeAIckwPX41EUHXEn29A= +github.com/hashicorp/terraform-plugin-testing v1.11.0/go.mod h1:WNAHQ3DcgV/0J+B15WTE6hDvxcUdkPPpnB1FR3M910U= +github.com/hashicorp/terraform-registry-address v0.2.4 h1:JXu/zHB2Ymg/TGVCRu10XqNa4Sh2bWcqCNyKWjnCPJA= +github.com/hashicorp/terraform-registry-address v0.2.4/go.mod h1:tUNYTVyCtU4OIGXXMDp7WNcJ+0W1B4nmstVDgHMjfAU= github.com/hashicorp/terraform-svchost v0.1.1 h1:EZZimZ1GxdqFRinZ1tpJwVxxt49xc/S52uzrw4x0jKQ= github.com/hashicorp/terraform-svchost v0.1.1/go.mod h1:mNsjQfZyf/Jhz35v6/0LWcv26+X7JPS+buii2c9/ctc= -github.com/hashicorp/yamux v0.1.1 h1:yrQxtgseBDrq9Y652vSRDvsKCJKOUD+GzTS4Y0Y8pvE= -github.com/hashicorp/yamux v0.1.1/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ= +github.com/hashicorp/yamux v0.1.2 h1:XtB8kyFOyHXYVFnwT5C3+Bdo8gArse7j2AQ0DA0Uey8= +github.com/hashicorp/yamux v0.1.2/go.mod h1:C+zze2n6e/7wshOZep2A70/aQU6QBRWJO/G6FT1wIns= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= -github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= +github.com/mailru/easyjson v0.9.0 h1:PrnmzHw7262yW8sTBwxi1PdJA3Iw/EKBa8psRf7d9a4= +github.com/mailru/easyjson v0.9.0/go.mod h1:1+xMtQp2MRNVL/V1bOzuP3aP8VNwRW55fQUto+XFtTU= github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= -github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= -github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= +github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHPsaIE= +github.com/mattn/go-colorable v0.1.14/go.mod h1:6LmQG8QLFO4G5z1gPvYEzlUgJ2wF+stgPZH1UqBm1s8= github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= -github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= @@ -124,76 +125,77 @@ github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyua github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= -github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw= -github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA= +github.com/oklog/run v1.1.0 h1:GEenZ1cK0+q0+wsJew9qUg/DyD8k3JzYsZAi5gYi2mA= +github.com/oklog/run v1.1.0/go.mod h1:sVPdnTZT1zYwAJeCMu2Th4T21pA3FPOQRfWjQlk7DVU= github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= -github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= +github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= +github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= -github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= -github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= +github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/vmihailenco/msgpack v4.0.4+incompatible h1:dSLoQfGFAo3F6OoNhwUmLwVgaUXK79GlxNBwueZn0xI= github.com/vmihailenco/msgpack v4.0.4+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= github.com/vmihailenco/msgpack/v5 v5.4.1 h1:cQriyiUvjTwOHg8QZaPihLWeRAAVoCpE00IUPn0Bjt8= github.com/vmihailenco/msgpack/v5 v5.4.1/go.mod h1:GaZTsDaehaPpQVyxrf5mtQlH+pc21PIudVV/E3rRQok= github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAhO7/IwNM9g= github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds= -github.com/zclconf/go-cty v1.14.4 h1:uXXczd9QDGsgu0i/QFR/hzI5NYCHLf6NQw/atrbnhq8= -github.com/zclconf/go-cty v1.14.4/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE= -go.mongodb.org/mongo-driver v1.15.0 h1:rJCKC8eEliewXjZGf0ddURtl7tTVy1TK3bfl0gkUSLc= -go.mongodb.org/mongo-driver v1.15.0/go.mod h1:Vzb0Mk/pa7e6cWw85R4F/endUC3u0U9jGcNU603k65c= -go.opentelemetry.io/otel v1.26.0 h1:LQwgL5s/1W7YiiRwxf03QGnWLb2HW4pLiAhaA5cZXBs= -go.opentelemetry.io/otel v1.26.0/go.mod h1:UmLkJHUAidDval2EICqBMbnAd0/m2vmpf/dAM+fvFs4= -go.opentelemetry.io/otel/metric v1.26.0 h1:7S39CLuY5Jgg9CrnA9HHiEjGMF/X2VHvoXGgSllRz30= -go.opentelemetry.io/otel/metric v1.26.0/go.mod h1:SY+rHOI4cEawI9a7N1A4nIg/nTQXe1ccCNWYOJUrpX4= -go.opentelemetry.io/otel/sdk v1.24.0 h1:YMPPDNymmQN3ZgczicBY3B6sf9n62Dlj9pWD3ucgoDw= -go.opentelemetry.io/otel/sdk v1.24.0/go.mod h1:KVrIYw6tEubO9E96HQpcmpTKDVn9gdv35HoYiQWGDFg= -go.opentelemetry.io/otel/trace v1.26.0 h1:1ieeAUb4y0TE26jUFrCIXKpTuVK7uJGN9/Z/2LP5sQA= -go.opentelemetry.io/otel/trace v1.26.0/go.mod h1:4iDxvGDQuUkHve82hJJ8UqrwswHYsZuWCBllGV2U2y0= -golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA= -golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= -golang.org/x/exp v0.0.0-20230626212559-97b1e661b5df h1:UA2aFVmmsIlefxMk29Dp2juaUSth8Pyn3Tq5Y5mJGME= -golang.org/x/exp v0.0.0-20230626212559-97b1e661b5df/go.mod h1:FXUEEKJgO7OQYeo8N01OfiKP8RXMtf6e8aTskBGqWdc= -golang.org/x/mod v0.16.0 h1:QX4fJ0Rr5cPQCF7O9lh9Se4pmwfwskqZfq5moyldzic= -golang.org/x/mod v0.16.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= -golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= -golang.org/x/oauth2 v0.19.0 h1:9+E/EZBCbTLNrbN35fHv/a/d/mOBatymz1zbtQrXpIg= -golang.org/x/oauth2 v0.19.0/go.mod h1:vYi7skDa1x015PmRRYZ7+s1cWyPgrPiSYRe4rnsexc8= -golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= -golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +github.com/zclconf/go-cty v1.15.0 h1:tTCRWxsexYUmtt/wVxgDClUe+uQusuI443uL6e+5sXQ= +github.com/zclconf/go-cty v1.15.0/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE= +go.mongodb.org/mongo-driver v1.17.2 h1:gvZyk8352qSfzyZ2UMWcpDpMSGEr1eqE4T793SqyhzM= +go.mongodb.org/mongo-driver v1.17.2/go.mod h1:Hy04i7O2kC4RS06ZrhPRqj/u4DTYkFDAAccj+rVKqgQ= +go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA= +go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A= +go.opentelemetry.io/otel v1.34.0 h1:zRLXxLCgL1WyKsPVrgbSdMN4c0FMkDAskSTQP+0hdUY= +go.opentelemetry.io/otel v1.34.0/go.mod h1:OWFPOQ+h4G8xpyjgqo4SxJYdDQ/qmRH+wivy7zzx9oI= +go.opentelemetry.io/otel/metric v1.34.0 h1:+eTR3U0MyfWjRDhmFMxe2SsW64QrZ84AOhvqS7Y+PoQ= +go.opentelemetry.io/otel/metric v1.34.0/go.mod h1:CEDrp0fy2D0MvkXE+dPV7cMi8tWZwX3dmaIhwPOaqHE= +go.opentelemetry.io/otel/sdk v1.32.0 h1:RNxepc9vK59A8XsgZQouW8ue8Gkb4jpWtJm9ge5lEG4= +go.opentelemetry.io/otel/sdk v1.32.0/go.mod h1:LqgegDBjKMmb2GC6/PrTnteJG39I8/vJCAP9LlJXEjU= +go.opentelemetry.io/otel/trace v1.34.0 h1:+ouXS2V8Rd4hp4580a8q23bg0azF2nI8cqLYnC8mh/k= +go.opentelemetry.io/otel/trace v1.34.0/go.mod h1:Svm7lSjQD7kG7KJ/MUHPVXSDGz2OX4h0M2jHBhmSfRE= +golang.org/x/crypto v0.33.0 h1:IOBPskki6Lysi0lo9qQvbxiQ+FvsCC/YWOecCHAixus= +golang.org/x/crypto v0.33.0/go.mod h1:bVdXmD7IV/4GdElGPozy6U7lWdRXA4qyRVGJV57uQ5M= +golang.org/x/exp v0.0.0-20250210185358-939b2ce775ac h1:l5+whBCLH3iH2ZNHYLbAe58bo7yrN4mVcnkHDYz5vvs= +golang.org/x/exp v0.0.0-20250210185358-939b2ce775ac/go.mod h1:hH+7mtFmImwwcMvScyxUhjuVHR3HGaDPMn9rMSUUbxo= +golang.org/x/mod v0.23.0 h1:Zb7khfcRGKk+kqfxFaP5tZqCnDZMjC5VtUBs87Hr6QM= +golang.org/x/mod v0.23.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY= +golang.org/x/net v0.35.0 h1:T5GQRQb2y08kTAByq9L4/bz8cipCdA8FbRTXewonqY8= +golang.org/x/net v0.35.0/go.mod h1:EglIi67kWsHKlRzzVMUD93VMSWGFOMSZgxFjparz1Qk= +golang.org/x/oauth2 v0.26.0 h1:afQXWNNaeC4nvZ0Ed9XvCCzXM6UHJG7iCg0W4fPqSBE= +golang.org/x/oauth2 v0.26.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/sync v0.11.0 h1:GGz8+XQP4FvTTrjZPzNKTMFtSXH80RAzG+5ghFPgK9w= +golang.org/x/sync v0.11.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o= -golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/tools v0.13.0 h1:Iey4qkscZuv0VvIt8E0neZjtPVQFSc870HQ448QgEmQ= -golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= +golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc= +golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/text v0.22.0 h1:bofq7m3/HAFvbF51jz3Q9wLg3jkvSPuiZu/pD1XwgtM= +golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY= +golang.org/x/tools v0.30.0 h1:BgcpHewrV5AUp2G9MebG4XPFI1E2W41zU1SaqVA9vJY= +golang.org/x/tools v0.30.0/go.mod h1:c347cR/OJfw5TI+GfX7RUPNMdDRRbjvYTS0jPyvsVtY= google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240227224415-6ceb2ff114de h1:cZGRis4/ot9uVm639a+rHCUaG0JJHEsdyzSQTMX+suY= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240227224415-6ceb2ff114de/go.mod h1:H4O17MA/PE9BsGx3w+a+W2VOLLD1Qf7oJneAoU6WktY= -google.golang.org/grpc v1.63.2 h1:MUeiw1B2maTVZthpU5xvASfTh3LDbxHd6IJ6QQVU+xM= -google.golang.org/grpc v1.63.2/go.mod h1:WAX/8DgncnokcFUldAxq7GeB5DXHDbMF+lLvDomNkRA= -google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= -google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/genproto/googleapis/rpc v0.0.0-20250207221924-e9438ea467c6 h1:2duwAxN2+k0xLNpjnHTXoMUgnv6VPSp5fiqTuwSxjmI= +google.golang.org/genproto/googleapis/rpc v0.0.0-20250207221924-e9438ea467c6/go.mod h1:8BS3B93F/U1juMFq9+EDk+qOT5CO1R9IzXxG3PTqiRk= +google.golang.org/grpc v1.70.0 h1:pWFv03aZoHzlRKHWicjsZytKAiYCtNS0dHbXnIdq7jQ= +google.golang.org/grpc v1.70.0/go.mod h1:ofIJqVKDXx/JiXrwr2IG4/zwdH9txy3IlF40RmcJSQw= +google.golang.org/protobuf v1.36.5 h1:tPhr+woSbjfYvY6/GPufUoYizxw1cF/yFoxJ2fmpwlM= +google.golang.org/protobuf v1.36.5/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= diff --git a/pulumi-crowdstrike.sln b/pulumi-crowdstrike.sln new file mode 100644 index 0000000..b5be6b1 --- /dev/null +++ b/pulumi-crowdstrike.sln @@ -0,0 +1,38 @@ +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio Version 17 +VisualStudioVersion = 17.5.2.0 +MinimumVisualStudioVersion = 10.0.40219.1 +Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "sdk", "sdk", "{FF13A09E-0E72-1904-124B-A4E979EF28D3}" +EndProject +Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "examples", "examples", "{B36A84DF-456D-A817-6EDD-3EC3E7F6E11F}" +EndProject +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "CrowdStrike.Crowdstrike", "sdk\dotnet\CrowdStrike.Crowdstrike.csproj", "{DCE23AD3-8D7A-5ADE-F885-971DB4E234B5}" +EndProject +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "crowdstrike-csharp", "examples\crowdstrike-csharp\crowdstrike-csharp.csproj", "{F6F66188-CC9E-C027-9DEA-A666657FFB50}" +EndProject +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|Any CPU = Debug|Any CPU + Release|Any CPU = Release|Any CPU + EndGlobalSection + GlobalSection(ProjectConfigurationPlatforms) = postSolution + {DCE23AD3-8D7A-5ADE-F885-971DB4E234B5}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {DCE23AD3-8D7A-5ADE-F885-971DB4E234B5}.Debug|Any CPU.Build.0 = Debug|Any CPU + {DCE23AD3-8D7A-5ADE-F885-971DB4E234B5}.Release|Any CPU.ActiveCfg = Release|Any CPU + {DCE23AD3-8D7A-5ADE-F885-971DB4E234B5}.Release|Any CPU.Build.0 = Release|Any CPU + {F6F66188-CC9E-C027-9DEA-A666657FFB50}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {F6F66188-CC9E-C027-9DEA-A666657FFB50}.Debug|Any CPU.Build.0 = Debug|Any CPU + {F6F66188-CC9E-C027-9DEA-A666657FFB50}.Release|Any CPU.ActiveCfg = Release|Any CPU + {F6F66188-CC9E-C027-9DEA-A666657FFB50}.Release|Any CPU.Build.0 = Release|Any CPU + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection + GlobalSection(NestedProjects) = preSolution + {DCE23AD3-8D7A-5ADE-F885-971DB4E234B5} = {FF13A09E-0E72-1904-124B-A4E979EF28D3} + {F6F66188-CC9E-C027-9DEA-A666657FFB50} = {B36A84DF-456D-A817-6EDD-3EC3E7F6E11F} + EndGlobalSection + GlobalSection(ExtensibilityGlobals) = postSolution + SolutionGuid = {98336FDC-5A20-4D30-A1C2-AF13E516A25A} + EndGlobalSection +EndGlobal diff --git a/sdk/go.mod b/sdk/go.mod index 41cf474..75ae428 100644 --- a/sdk/go.mod +++ b/sdk/go.mod @@ -4,7 +4,7 @@ go 1.22 require ( github.com/blang/semver v3.5.1+incompatible - github.com/pulumi/pulumi/sdk/v3 v3.147.0 + github.com/pulumi/pulumi/sdk/v3 v3.148.0 ) require ( diff --git a/sdk/go.sum b/sdk/go.sum index 3b10976..e660bec 100644 --- a/sdk/go.sum +++ b/sdk/go.sum @@ -148,8 +148,8 @@ github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 h1:vkHw5I/plNdTr435 github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231/go.mod h1:murToZ2N9hNJzewjHBgfFdXhZKjY3z5cYC1VXk+lbFE= github.com/pulumi/esc v0.9.1 h1:HH5eEv8sgyxSpY5a8yePyqFXzA8cvBvapfH8457+mIs= github.com/pulumi/esc v0.9.1/go.mod h1:oEJ6bOsjYlQUpjf70GiX+CXn3VBmpwFDxUTlmtUN84c= -github.com/pulumi/pulumi/sdk/v3 v3.147.0 h1:8ZDZnEsCZa6shw1dwIDUssbYMooYyebhpmx5feuZCqM= -github.com/pulumi/pulumi/sdk/v3 v3.147.0/go.mod h1:+WC9aIDo8fMgd2g0jCHuZU2S/VYNLRAZ3QXt6YVgwaA= +github.com/pulumi/pulumi/sdk/v3 v3.148.0 h1:tEw1FQOKoQVP7HfZWI9DJQl4ZvGaL1z2ixZdN2wGV/o= +github.com/pulumi/pulumi/sdk/v3 v3.148.0/go.mod h1:+WC9aIDo8fMgd2g0jCHuZU2S/VYNLRAZ3QXt6YVgwaA= github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= From bf8c53a36f96b851f7867f6db35d47ca25fb8234 Mon Sep 17 00:00:00 2001 From: Gax Date: Mon, 3 Mar 2025 11:45:11 -0500 Subject: [PATCH 2/2] make build_sdks --- sdk/dotnet/CloudAwsAccount.cs | 326 +++++ sdk/dotnet/Config/Config.cs | 13 +- sdk/dotnet/GetCloudAwsAccount.cs | 211 ++++ .../CloudAwsAccountAssetInventoryArgs.cs | 33 + .../CloudAwsAccountAssetInventoryGetArgs.cs | 33 + sdk/dotnet/Inputs/CloudAwsAccountDspmArgs.cs | 33 + .../Inputs/CloudAwsAccountDspmGetArgs.cs | 33 + sdk/dotnet/Inputs/CloudAwsAccountIdpArgs.cs | 33 + .../Inputs/CloudAwsAccountIdpGetArgs.cs | 33 + .../CloudAwsAccountRealtimeVisibilityArgs.cs | 39 + ...loudAwsAccountRealtimeVisibilityGetArgs.cs | 39 + .../CloudAwsAccountSensorManagementArgs.cs | 27 + .../CloudAwsAccountSensorManagementGetArgs.cs | 27 + .../Outputs/CloudAwsAccountAssetInventory.cs | 36 + sdk/dotnet/Outputs/CloudAwsAccountDspm.cs | 36 + sdk/dotnet/Outputs/CloudAwsAccountIdp.cs | 36 + .../CloudAwsAccountRealtimeVisibility.cs | 43 + .../CloudAwsAccountSensorManagement.cs | 28 + .../GetCloudAwsAccountAccountResult.cs | 148 +++ sdk/dotnet/PreventionPolicyLinux.cs | 62 +- sdk/dotnet/PreventionPolicyMac.cs | 5 +- sdk/dotnet/PreventionPolicyWindows.cs | 126 +- sdk/dotnet/Provider.cs | 18 +- sdk/go/crowdstrike/cloudAwsAccount.go | 417 +++++++ sdk/go/crowdstrike/config/config.go | 8 +- sdk/go/crowdstrike/getCloudAwsAccount.go | 146 +++ sdk/go/crowdstrike/init.go | 7 + sdk/go/crowdstrike/preventionPolicyLinux.go | 56 +- sdk/go/crowdstrike/preventionPolicyMac.go | 8 +- sdk/go/crowdstrike/preventionPolicyWindows.go | 124 +- sdk/go/crowdstrike/provider.go | 23 +- sdk/go/crowdstrike/pulumiTypes.go | 1054 +++++++++++++++++ sdk/nodejs/cloudAwsAccount.ts | 252 ++++ sdk/nodejs/config/vars.ts | 14 +- sdk/nodejs/getCloudAwsAccount.ts | 124 ++ sdk/nodejs/index.ts | 13 + sdk/nodejs/preventionPolicyLinux.ts | 47 +- sdk/nodejs/preventionPolicyMac.ts | 2 +- sdk/nodejs/preventionPolicyWindows.ts | 119 +- sdk/nodejs/provider.ts | 15 +- sdk/nodejs/tsconfig.json | 2 + sdk/nodejs/types/input.ts | 55 + sdk/nodejs/types/output.ts | 130 ++ sdk/python/crowdstrike_pulumi/__init__.py | 10 + sdk/python/crowdstrike_pulumi/_inputs.py | 264 +++++ sdk/python/crowdstrike_pulumi/_utilities.py | 12 +- .../crowdstrike_pulumi/cloud_aws_account.py | 755 ++++++++++++ .../crowdstrike_pulumi/config/__init__.pyi | 8 +- sdk/python/crowdstrike_pulumi/config/vars.py | 10 +- .../get_cloud_aws_account.py | 165 +++ sdk/python/crowdstrike_pulumi/outputs.py | 413 +++++++ .../prevention_policy_linux.py | 155 ++- .../prevention_policy_mac.py | 4 +- .../prevention_policy_windows.py | 257 ++-- sdk/python/crowdstrike_pulumi/provider.py | 42 +- 55 files changed, 5815 insertions(+), 314 deletions(-) create mode 100644 sdk/dotnet/CloudAwsAccount.cs create mode 100644 sdk/dotnet/GetCloudAwsAccount.cs create mode 100644 sdk/dotnet/Inputs/CloudAwsAccountAssetInventoryArgs.cs create mode 100644 sdk/dotnet/Inputs/CloudAwsAccountAssetInventoryGetArgs.cs create mode 100644 sdk/dotnet/Inputs/CloudAwsAccountDspmArgs.cs create mode 100644 sdk/dotnet/Inputs/CloudAwsAccountDspmGetArgs.cs create mode 100644 sdk/dotnet/Inputs/CloudAwsAccountIdpArgs.cs create mode 100644 sdk/dotnet/Inputs/CloudAwsAccountIdpGetArgs.cs create mode 100644 sdk/dotnet/Inputs/CloudAwsAccountRealtimeVisibilityArgs.cs create mode 100644 sdk/dotnet/Inputs/CloudAwsAccountRealtimeVisibilityGetArgs.cs create mode 100644 sdk/dotnet/Inputs/CloudAwsAccountSensorManagementArgs.cs create mode 100644 sdk/dotnet/Inputs/CloudAwsAccountSensorManagementGetArgs.cs create mode 100644 sdk/dotnet/Outputs/CloudAwsAccountAssetInventory.cs create mode 100644 sdk/dotnet/Outputs/CloudAwsAccountDspm.cs create mode 100644 sdk/dotnet/Outputs/CloudAwsAccountIdp.cs create mode 100644 sdk/dotnet/Outputs/CloudAwsAccountRealtimeVisibility.cs create mode 100644 sdk/dotnet/Outputs/CloudAwsAccountSensorManagement.cs create mode 100644 sdk/dotnet/Outputs/GetCloudAwsAccountAccountResult.cs create mode 100644 sdk/go/crowdstrike/cloudAwsAccount.go create mode 100644 sdk/go/crowdstrike/getCloudAwsAccount.go create mode 100644 sdk/nodejs/cloudAwsAccount.ts create mode 100644 sdk/nodejs/getCloudAwsAccount.ts create mode 100644 sdk/python/crowdstrike_pulumi/cloud_aws_account.py create mode 100644 sdk/python/crowdstrike_pulumi/get_cloud_aws_account.py diff --git a/sdk/dotnet/CloudAwsAccount.cs b/sdk/dotnet/CloudAwsAccount.cs new file mode 100644 index 0000000..8f0d93e --- /dev/null +++ b/sdk/dotnet/CloudAwsAccount.cs @@ -0,0 +1,326 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; +using Pulumi; + +namespace CrowdStrike.Crowdstrike +{ + /// + /// This resource allows management of an AWS account in Falcon. + /// + /// ## API Scopes + /// + /// The following API scopes are required: + /// + /// - Cloud security AWS registration | Read & Write + /// - CSPM registration | Read & Write + /// + [CrowdstrikeResourceType("crowdstrike:index/cloudAwsAccount:CloudAwsAccount")] + public partial class CloudAwsAccount : global::Pulumi.CustomResource + { + /// + /// The AWS Account ID + /// + [Output("accountId")] + public Output AccountId { get; private set; } = null!; + + /// + /// The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + /// + [Output("accountType")] + public Output AccountType { get; private set; } = null!; + + [Output("assetInventory")] + public Output AssetInventory { get; private set; } = null!; + + /// + /// The name of the CloudTrail S3 bucket used for real-time visibility + /// + [Output("cloudtrailBucketName")] + public Output CloudtrailBucketName { get; private set; } = null!; + + [Output("deploymentMethod")] + public Output DeploymentMethod { get; private set; } = null!; + + [Output("dspm")] + public Output Dspm { get; private set; } = null!; + + /// + /// The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management + /// + [Output("dspmRoleArn")] + public Output DspmRoleArn { get; private set; } = null!; + + /// + /// The ARN of the Amazon EventBridge used by CrowdStrike to forward messages + /// + [Output("eventbusArn")] + public Output EventbusArn { get; private set; } = null!; + + /// + /// The name of the Amazon EventBridge used by CrowdStrike to forward messages + /// + [Output("eventbusName")] + public Output EventbusName { get; private set; } = null!; + + /// + /// The external ID used to assume the AWS IAM role + /// + [Output("externalId")] + public Output ExternalId { get; private set; } = null!; + + /// + /// The ARN of the AWS IAM role used to access this AWS account + /// + [Output("iamRoleArn")] + public Output IamRoleArn { get; private set; } = null!; + + [Output("idp")] + public Output Idp { get; private set; } = null!; + + /// + /// The ARN of the intermediate role used to assume the AWS IAM role + /// + [Output("intermediateRoleArn")] + public Output IntermediateRoleArn { get; private set; } = null!; + + /// + /// Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + /// + [Output("isOrganizationManagementAccount")] + public Output IsOrganizationManagementAccount { get; private set; } = null!; + + /// + /// The AWS Organization ID + /// + [Output("organizationId")] + public Output OrganizationId { get; private set; } = null!; + + [Output("realtimeVisibility")] + public Output RealtimeVisibility { get; private set; } = null!; + + [Output("sensorManagement")] + public Output SensorManagement { get; private set; } = null!; + + /// + /// The list of target Organizational Units + /// + [Output("targetOuses")] + public Output> TargetOuses { get; private set; } = null!; + + + /// + /// Create a CloudAwsAccount resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public CloudAwsAccount(string name, CloudAwsAccountArgs args, CustomResourceOptions? options = null) + : base("crowdstrike:index/cloudAwsAccount:CloudAwsAccount", name, args ?? new CloudAwsAccountArgs(), MakeResourceOptions(options, "")) + { + } + + private CloudAwsAccount(string name, Input id, CloudAwsAccountState? state = null, CustomResourceOptions? options = null) + : base("crowdstrike:index/cloudAwsAccount:CloudAwsAccount", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + PluginDownloadURL = "github://api.github.com/crowdstrike/pulumi-crowdstrike", + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing CloudAwsAccount resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static CloudAwsAccount Get(string name, Input id, CloudAwsAccountState? state = null, CustomResourceOptions? options = null) + { + return new CloudAwsAccount(name, id, state, options); + } + } + + public sealed class CloudAwsAccountArgs : global::Pulumi.ResourceArgs + { + /// + /// The AWS Account ID + /// + [Input("accountId", required: true)] + public Input AccountId { get; set; } = null!; + + /// + /// The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + /// + [Input("accountType")] + public Input? AccountType { get; set; } + + [Input("assetInventory")] + public Input? AssetInventory { get; set; } + + [Input("deploymentMethod")] + public Input? DeploymentMethod { get; set; } + + [Input("dspm")] + public Input? Dspm { get; set; } + + [Input("idp")] + public Input? Idp { get; set; } + + /// + /// Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + /// + [Input("isOrganizationManagementAccount")] + public Input? IsOrganizationManagementAccount { get; set; } + + /// + /// The AWS Organization ID + /// + [Input("organizationId")] + public Input? OrganizationId { get; set; } + + [Input("realtimeVisibility")] + public Input? RealtimeVisibility { get; set; } + + [Input("sensorManagement")] + public Input? SensorManagement { get; set; } + + [Input("targetOuses")] + private InputList? _targetOuses; + + /// + /// The list of target Organizational Units + /// + public InputList TargetOuses + { + get => _targetOuses ?? (_targetOuses = new InputList()); + set => _targetOuses = value; + } + + public CloudAwsAccountArgs() + { + } + public static new CloudAwsAccountArgs Empty => new CloudAwsAccountArgs(); + } + + public sealed class CloudAwsAccountState : global::Pulumi.ResourceArgs + { + /// + /// The AWS Account ID + /// + [Input("accountId")] + public Input? AccountId { get; set; } + + /// + /// The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + /// + [Input("accountType")] + public Input? AccountType { get; set; } + + [Input("assetInventory")] + public Input? AssetInventory { get; set; } + + /// + /// The name of the CloudTrail S3 bucket used for real-time visibility + /// + [Input("cloudtrailBucketName")] + public Input? CloudtrailBucketName { get; set; } + + [Input("deploymentMethod")] + public Input? DeploymentMethod { get; set; } + + [Input("dspm")] + public Input? Dspm { get; set; } + + /// + /// The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management + /// + [Input("dspmRoleArn")] + public Input? DspmRoleArn { get; set; } + + /// + /// The ARN of the Amazon EventBridge used by CrowdStrike to forward messages + /// + [Input("eventbusArn")] + public Input? EventbusArn { get; set; } + + /// + /// The name of the Amazon EventBridge used by CrowdStrike to forward messages + /// + [Input("eventbusName")] + public Input? EventbusName { get; set; } + + /// + /// The external ID used to assume the AWS IAM role + /// + [Input("externalId")] + public Input? ExternalId { get; set; } + + /// + /// The ARN of the AWS IAM role used to access this AWS account + /// + [Input("iamRoleArn")] + public Input? IamRoleArn { get; set; } + + [Input("idp")] + public Input? Idp { get; set; } + + /// + /// The ARN of the intermediate role used to assume the AWS IAM role + /// + [Input("intermediateRoleArn")] + public Input? IntermediateRoleArn { get; set; } + + /// + /// Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + /// + [Input("isOrganizationManagementAccount")] + public Input? IsOrganizationManagementAccount { get; set; } + + /// + /// The AWS Organization ID + /// + [Input("organizationId")] + public Input? OrganizationId { get; set; } + + [Input("realtimeVisibility")] + public Input? RealtimeVisibility { get; set; } + + [Input("sensorManagement")] + public Input? SensorManagement { get; set; } + + [Input("targetOuses")] + private InputList? _targetOuses; + + /// + /// The list of target Organizational Units + /// + public InputList TargetOuses + { + get => _targetOuses ?? (_targetOuses = new InputList()); + set => _targetOuses = value; + } + + public CloudAwsAccountState() + { + } + public static new CloudAwsAccountState Empty => new CloudAwsAccountState(); + } +} diff --git a/sdk/dotnet/Config/Config.cs b/sdk/dotnet/Config/Config.cs index b1c8fc0..714c40c 100644 --- a/sdk/dotnet/Config/Config.cs +++ b/sdk/dotnet/Config/Config.cs @@ -56,7 +56,8 @@ public static string? ClientSecret private static readonly __Value _cloud = new __Value(() => __config.Get("cloud")); /// - /// Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1 + /// Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1. Will use FALCON_CLOUD + /// environment variable when left blank. /// public static string? Cloud { @@ -64,5 +65,15 @@ public static string? Cloud set => _cloud.Set(value); } + private static readonly __Value _memberCid = new __Value(() => __config.Get("memberCid")); + /// + /// For MSSP Master CIDs, optionally lock the token to act on behalf of this member CID + /// + public static string? MemberCid + { + get => _memberCid.Get(); + set => _memberCid.Set(value); + } + } } diff --git a/sdk/dotnet/GetCloudAwsAccount.cs b/sdk/dotnet/GetCloudAwsAccount.cs new file mode 100644 index 0000000..19bb6e6 --- /dev/null +++ b/sdk/dotnet/GetCloudAwsAccount.cs @@ -0,0 +1,211 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; +using Pulumi; + +namespace CrowdStrike.Crowdstrike +{ + public static class GetCloudAwsAccount + { + /// + /// This data source provides information about AWS accounts in Falcon. + /// + /// ## API Scopes + /// + /// The following API scopes are required: + /// + /// - Cloud security AWS registration | Read & Write + /// - CSPM registration | Read & Write + /// + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Crowdstrike = Pulumi.Crowdstrike; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var all = Crowdstrike.GetCloudAwsAccount.Invoke(); + /// + /// var specific = Crowdstrike.GetCloudAwsAccount.Invoke(new() + /// { + /// AccountId = "123456789012", + /// }); + /// + /// var org = Crowdstrike.GetCloudAwsAccount.Invoke(new() + /// { + /// OrganizationId = "o-123456789012", + /// }); + /// + /// }); + /// ``` + /// + public static Task InvokeAsync(GetCloudAwsAccountArgs? args = null, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("crowdstrike:index/getCloudAwsAccount:getCloudAwsAccount", args ?? new GetCloudAwsAccountArgs(), options.WithDefaults()); + + /// + /// This data source provides information about AWS accounts in Falcon. + /// + /// ## API Scopes + /// + /// The following API scopes are required: + /// + /// - Cloud security AWS registration | Read & Write + /// - CSPM registration | Read & Write + /// + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Crowdstrike = Pulumi.Crowdstrike; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var all = Crowdstrike.GetCloudAwsAccount.Invoke(); + /// + /// var specific = Crowdstrike.GetCloudAwsAccount.Invoke(new() + /// { + /// AccountId = "123456789012", + /// }); + /// + /// var org = Crowdstrike.GetCloudAwsAccount.Invoke(new() + /// { + /// OrganizationId = "o-123456789012", + /// }); + /// + /// }); + /// ``` + /// + public static Output Invoke(GetCloudAwsAccountInvokeArgs? args = null, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("crowdstrike:index/getCloudAwsAccount:getCloudAwsAccount", args ?? new GetCloudAwsAccountInvokeArgs(), options.WithDefaults()); + + /// + /// This data source provides information about AWS accounts in Falcon. + /// + /// ## API Scopes + /// + /// The following API scopes are required: + /// + /// - Cloud security AWS registration | Read & Write + /// - CSPM registration | Read & Write + /// + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Crowdstrike = Pulumi.Crowdstrike; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var all = Crowdstrike.GetCloudAwsAccount.Invoke(); + /// + /// var specific = Crowdstrike.GetCloudAwsAccount.Invoke(new() + /// { + /// AccountId = "123456789012", + /// }); + /// + /// var org = Crowdstrike.GetCloudAwsAccount.Invoke(new() + /// { + /// OrganizationId = "o-123456789012", + /// }); + /// + /// }); + /// ``` + /// + public static Output Invoke(GetCloudAwsAccountInvokeArgs args, InvokeOutputOptions options) + => global::Pulumi.Deployment.Instance.Invoke("crowdstrike:index/getCloudAwsAccount:getCloudAwsAccount", args ?? new GetCloudAwsAccountInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetCloudAwsAccountArgs : global::Pulumi.InvokeArgs + { + /// + /// Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organization_id filter for OR matching + /// + [Input("accountId")] + public string? AccountId { get; set; } + + /// + /// Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with account_id filter for OR matching + /// + [Input("organizationId")] + public string? OrganizationId { get; set; } + + public GetCloudAwsAccountArgs() + { + } + public static new GetCloudAwsAccountArgs Empty => new GetCloudAwsAccountArgs(); + } + + public sealed class GetCloudAwsAccountInvokeArgs : global::Pulumi.InvokeArgs + { + /// + /// Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organization_id filter for OR matching + /// + [Input("accountId")] + public Input? AccountId { get; set; } + + /// + /// Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with account_id filter for OR matching + /// + [Input("organizationId")] + public Input? OrganizationId { get; set; } + + public GetCloudAwsAccountInvokeArgs() + { + } + public static new GetCloudAwsAccountInvokeArgs Empty => new GetCloudAwsAccountInvokeArgs(); + } + + + [OutputType] + public sealed class GetCloudAwsAccountResult + { + /// + /// Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organization_id filter for OR matching + /// + public readonly string? AccountId; + /// + /// The list of AWS accounts + /// + public readonly ImmutableArray Accounts; + /// + /// The provider-assigned unique ID for this managed resource. + /// + public readonly string Id; + /// + /// Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with account_id filter for OR matching + /// + public readonly string? OrganizationId; + + [OutputConstructor] + private GetCloudAwsAccountResult( + string? accountId, + + ImmutableArray accounts, + + string id, + + string? organizationId) + { + AccountId = accountId; + Accounts = accounts; + Id = id; + OrganizationId = organizationId; + } + } +} diff --git a/sdk/dotnet/Inputs/CloudAwsAccountAssetInventoryArgs.cs b/sdk/dotnet/Inputs/CloudAwsAccountAssetInventoryArgs.cs new file mode 100644 index 0000000..5481508 --- /dev/null +++ b/sdk/dotnet/Inputs/CloudAwsAccountAssetInventoryArgs.cs @@ -0,0 +1,33 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; +using Pulumi; + +namespace CrowdStrike.Crowdstrike.Inputs +{ + + public sealed class CloudAwsAccountAssetInventoryArgs : global::Pulumi.ResourceArgs + { + /// + /// Enable asset inventory + /// + [Input("enabled", required: true)] + public Input Enabled { get; set; } = null!; + + /// + /// Custom AWS IAM role name + /// + [Input("roleName")] + public Input? RoleName { get; set; } + + public CloudAwsAccountAssetInventoryArgs() + { + } + public static new CloudAwsAccountAssetInventoryArgs Empty => new CloudAwsAccountAssetInventoryArgs(); + } +} diff --git a/sdk/dotnet/Inputs/CloudAwsAccountAssetInventoryGetArgs.cs b/sdk/dotnet/Inputs/CloudAwsAccountAssetInventoryGetArgs.cs new file mode 100644 index 0000000..7bee53b --- /dev/null +++ b/sdk/dotnet/Inputs/CloudAwsAccountAssetInventoryGetArgs.cs @@ -0,0 +1,33 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; +using Pulumi; + +namespace CrowdStrike.Crowdstrike.Inputs +{ + + public sealed class CloudAwsAccountAssetInventoryGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Enable asset inventory + /// + [Input("enabled", required: true)] + public Input Enabled { get; set; } = null!; + + /// + /// Custom AWS IAM role name + /// + [Input("roleName")] + public Input? RoleName { get; set; } + + public CloudAwsAccountAssetInventoryGetArgs() + { + } + public static new CloudAwsAccountAssetInventoryGetArgs Empty => new CloudAwsAccountAssetInventoryGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/CloudAwsAccountDspmArgs.cs b/sdk/dotnet/Inputs/CloudAwsAccountDspmArgs.cs new file mode 100644 index 0000000..0db1ee1 --- /dev/null +++ b/sdk/dotnet/Inputs/CloudAwsAccountDspmArgs.cs @@ -0,0 +1,33 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; +using Pulumi; + +namespace CrowdStrike.Crowdstrike.Inputs +{ + + public sealed class CloudAwsAccountDspmArgs : global::Pulumi.ResourceArgs + { + /// + /// Enable Data Security Posture Management + /// + [Input("enabled", required: true)] + public Input Enabled { get; set; } = null!; + + /// + /// Custom AWS IAM role name for Data Security Posture Management + /// + [Input("roleName")] + public Input? RoleName { get; set; } + + public CloudAwsAccountDspmArgs() + { + } + public static new CloudAwsAccountDspmArgs Empty => new CloudAwsAccountDspmArgs(); + } +} diff --git a/sdk/dotnet/Inputs/CloudAwsAccountDspmGetArgs.cs b/sdk/dotnet/Inputs/CloudAwsAccountDspmGetArgs.cs new file mode 100644 index 0000000..c10dfcb --- /dev/null +++ b/sdk/dotnet/Inputs/CloudAwsAccountDspmGetArgs.cs @@ -0,0 +1,33 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; +using Pulumi; + +namespace CrowdStrike.Crowdstrike.Inputs +{ + + public sealed class CloudAwsAccountDspmGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Enable Data Security Posture Management + /// + [Input("enabled", required: true)] + public Input Enabled { get; set; } = null!; + + /// + /// Custom AWS IAM role name for Data Security Posture Management + /// + [Input("roleName")] + public Input? RoleName { get; set; } + + public CloudAwsAccountDspmGetArgs() + { + } + public static new CloudAwsAccountDspmGetArgs Empty => new CloudAwsAccountDspmGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/CloudAwsAccountIdpArgs.cs b/sdk/dotnet/Inputs/CloudAwsAccountIdpArgs.cs new file mode 100644 index 0000000..fb8615b --- /dev/null +++ b/sdk/dotnet/Inputs/CloudAwsAccountIdpArgs.cs @@ -0,0 +1,33 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; +using Pulumi; + +namespace CrowdStrike.Crowdstrike.Inputs +{ + + public sealed class CloudAwsAccountIdpArgs : global::Pulumi.ResourceArgs + { + /// + /// Enable Identity Protection + /// + [Input("enabled", required: true)] + public Input Enabled { get; set; } = null!; + + /// + /// Current status of the Identity Protection integration + /// + [Input("status")] + public Input? Status { get; set; } + + public CloudAwsAccountIdpArgs() + { + } + public static new CloudAwsAccountIdpArgs Empty => new CloudAwsAccountIdpArgs(); + } +} diff --git a/sdk/dotnet/Inputs/CloudAwsAccountIdpGetArgs.cs b/sdk/dotnet/Inputs/CloudAwsAccountIdpGetArgs.cs new file mode 100644 index 0000000..4c1d412 --- /dev/null +++ b/sdk/dotnet/Inputs/CloudAwsAccountIdpGetArgs.cs @@ -0,0 +1,33 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; +using Pulumi; + +namespace CrowdStrike.Crowdstrike.Inputs +{ + + public sealed class CloudAwsAccountIdpGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Enable Identity Protection + /// + [Input("enabled", required: true)] + public Input Enabled { get; set; } = null!; + + /// + /// Current status of the Identity Protection integration + /// + [Input("status")] + public Input? Status { get; set; } + + public CloudAwsAccountIdpGetArgs() + { + } + public static new CloudAwsAccountIdpGetArgs Empty => new CloudAwsAccountIdpGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/CloudAwsAccountRealtimeVisibilityArgs.cs b/sdk/dotnet/Inputs/CloudAwsAccountRealtimeVisibilityArgs.cs new file mode 100644 index 0000000..c3f2697 --- /dev/null +++ b/sdk/dotnet/Inputs/CloudAwsAccountRealtimeVisibilityArgs.cs @@ -0,0 +1,39 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; +using Pulumi; + +namespace CrowdStrike.Crowdstrike.Inputs +{ + + public sealed class CloudAwsAccountRealtimeVisibilityArgs : global::Pulumi.ResourceArgs + { + /// + /// The AWS region of the CloudTrail bucket + /// + [Input("cloudtrailRegion", required: true)] + public Input CloudtrailRegion { get; set; } = null!; + + /// + /// Enable real-time visibility and detection + /// + [Input("enabled", required: true)] + public Input Enabled { get; set; } = null!; + + /// + /// Set to true if a CloudTrail already exists + /// + [Input("useExistingCloudtrail")] + public Input? UseExistingCloudtrail { get; set; } + + public CloudAwsAccountRealtimeVisibilityArgs() + { + } + public static new CloudAwsAccountRealtimeVisibilityArgs Empty => new CloudAwsAccountRealtimeVisibilityArgs(); + } +} diff --git a/sdk/dotnet/Inputs/CloudAwsAccountRealtimeVisibilityGetArgs.cs b/sdk/dotnet/Inputs/CloudAwsAccountRealtimeVisibilityGetArgs.cs new file mode 100644 index 0000000..da5cd60 --- /dev/null +++ b/sdk/dotnet/Inputs/CloudAwsAccountRealtimeVisibilityGetArgs.cs @@ -0,0 +1,39 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; +using Pulumi; + +namespace CrowdStrike.Crowdstrike.Inputs +{ + + public sealed class CloudAwsAccountRealtimeVisibilityGetArgs : global::Pulumi.ResourceArgs + { + /// + /// The AWS region of the CloudTrail bucket + /// + [Input("cloudtrailRegion", required: true)] + public Input CloudtrailRegion { get; set; } = null!; + + /// + /// Enable real-time visibility and detection + /// + [Input("enabled", required: true)] + public Input Enabled { get; set; } = null!; + + /// + /// Set to true if a CloudTrail already exists + /// + [Input("useExistingCloudtrail")] + public Input? UseExistingCloudtrail { get; set; } + + public CloudAwsAccountRealtimeVisibilityGetArgs() + { + } + public static new CloudAwsAccountRealtimeVisibilityGetArgs Empty => new CloudAwsAccountRealtimeVisibilityGetArgs(); + } +} diff --git a/sdk/dotnet/Inputs/CloudAwsAccountSensorManagementArgs.cs b/sdk/dotnet/Inputs/CloudAwsAccountSensorManagementArgs.cs new file mode 100644 index 0000000..30005b0 --- /dev/null +++ b/sdk/dotnet/Inputs/CloudAwsAccountSensorManagementArgs.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; +using Pulumi; + +namespace CrowdStrike.Crowdstrike.Inputs +{ + + public sealed class CloudAwsAccountSensorManagementArgs : global::Pulumi.ResourceArgs + { + /// + /// Enable 1-click sensor deployment + /// + [Input("enabled", required: true)] + public Input Enabled { get; set; } = null!; + + public CloudAwsAccountSensorManagementArgs() + { + } + public static new CloudAwsAccountSensorManagementArgs Empty => new CloudAwsAccountSensorManagementArgs(); + } +} diff --git a/sdk/dotnet/Inputs/CloudAwsAccountSensorManagementGetArgs.cs b/sdk/dotnet/Inputs/CloudAwsAccountSensorManagementGetArgs.cs new file mode 100644 index 0000000..9467ae4 --- /dev/null +++ b/sdk/dotnet/Inputs/CloudAwsAccountSensorManagementGetArgs.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; +using Pulumi; + +namespace CrowdStrike.Crowdstrike.Inputs +{ + + public sealed class CloudAwsAccountSensorManagementGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Enable 1-click sensor deployment + /// + [Input("enabled", required: true)] + public Input Enabled { get; set; } = null!; + + public CloudAwsAccountSensorManagementGetArgs() + { + } + public static new CloudAwsAccountSensorManagementGetArgs Empty => new CloudAwsAccountSensorManagementGetArgs(); + } +} diff --git a/sdk/dotnet/Outputs/CloudAwsAccountAssetInventory.cs b/sdk/dotnet/Outputs/CloudAwsAccountAssetInventory.cs new file mode 100644 index 0000000..e7b5384 --- /dev/null +++ b/sdk/dotnet/Outputs/CloudAwsAccountAssetInventory.cs @@ -0,0 +1,36 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; +using Pulumi; + +namespace CrowdStrike.Crowdstrike.Outputs +{ + + [OutputType] + public sealed class CloudAwsAccountAssetInventory + { + /// + /// Enable asset inventory + /// + public readonly bool Enabled; + /// + /// Custom AWS IAM role name + /// + public readonly string? RoleName; + + [OutputConstructor] + private CloudAwsAccountAssetInventory( + bool enabled, + + string? roleName) + { + Enabled = enabled; + RoleName = roleName; + } + } +} diff --git a/sdk/dotnet/Outputs/CloudAwsAccountDspm.cs b/sdk/dotnet/Outputs/CloudAwsAccountDspm.cs new file mode 100644 index 0000000..12ca557 --- /dev/null +++ b/sdk/dotnet/Outputs/CloudAwsAccountDspm.cs @@ -0,0 +1,36 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; +using Pulumi; + +namespace CrowdStrike.Crowdstrike.Outputs +{ + + [OutputType] + public sealed class CloudAwsAccountDspm + { + /// + /// Enable Data Security Posture Management + /// + public readonly bool Enabled; + /// + /// Custom AWS IAM role name for Data Security Posture Management + /// + public readonly string? RoleName; + + [OutputConstructor] + private CloudAwsAccountDspm( + bool enabled, + + string? roleName) + { + Enabled = enabled; + RoleName = roleName; + } + } +} diff --git a/sdk/dotnet/Outputs/CloudAwsAccountIdp.cs b/sdk/dotnet/Outputs/CloudAwsAccountIdp.cs new file mode 100644 index 0000000..2925c30 --- /dev/null +++ b/sdk/dotnet/Outputs/CloudAwsAccountIdp.cs @@ -0,0 +1,36 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; +using Pulumi; + +namespace CrowdStrike.Crowdstrike.Outputs +{ + + [OutputType] + public sealed class CloudAwsAccountIdp + { + /// + /// Enable Identity Protection + /// + public readonly bool Enabled; + /// + /// Current status of the Identity Protection integration + /// + public readonly string? Status; + + [OutputConstructor] + private CloudAwsAccountIdp( + bool enabled, + + string? status) + { + Enabled = enabled; + Status = status; + } + } +} diff --git a/sdk/dotnet/Outputs/CloudAwsAccountRealtimeVisibility.cs b/sdk/dotnet/Outputs/CloudAwsAccountRealtimeVisibility.cs new file mode 100644 index 0000000..1798dec --- /dev/null +++ b/sdk/dotnet/Outputs/CloudAwsAccountRealtimeVisibility.cs @@ -0,0 +1,43 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; +using Pulumi; + +namespace CrowdStrike.Crowdstrike.Outputs +{ + + [OutputType] + public sealed class CloudAwsAccountRealtimeVisibility + { + /// + /// The AWS region of the CloudTrail bucket + /// + public readonly string CloudtrailRegion; + /// + /// Enable real-time visibility and detection + /// + public readonly bool Enabled; + /// + /// Set to true if a CloudTrail already exists + /// + public readonly bool? UseExistingCloudtrail; + + [OutputConstructor] + private CloudAwsAccountRealtimeVisibility( + string cloudtrailRegion, + + bool enabled, + + bool? useExistingCloudtrail) + { + CloudtrailRegion = cloudtrailRegion; + Enabled = enabled; + UseExistingCloudtrail = useExistingCloudtrail; + } + } +} diff --git a/sdk/dotnet/Outputs/CloudAwsAccountSensorManagement.cs b/sdk/dotnet/Outputs/CloudAwsAccountSensorManagement.cs new file mode 100644 index 0000000..4ac00b5 --- /dev/null +++ b/sdk/dotnet/Outputs/CloudAwsAccountSensorManagement.cs @@ -0,0 +1,28 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; +using Pulumi; + +namespace CrowdStrike.Crowdstrike.Outputs +{ + + [OutputType] + public sealed class CloudAwsAccountSensorManagement + { + /// + /// Enable 1-click sensor deployment + /// + public readonly bool Enabled; + + [OutputConstructor] + private CloudAwsAccountSensorManagement(bool enabled) + { + Enabled = enabled; + } + } +} diff --git a/sdk/dotnet/Outputs/GetCloudAwsAccountAccountResult.cs b/sdk/dotnet/Outputs/GetCloudAwsAccountAccountResult.cs new file mode 100644 index 0000000..45a34f4 --- /dev/null +++ b/sdk/dotnet/Outputs/GetCloudAwsAccountAccountResult.cs @@ -0,0 +1,148 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; +using Pulumi; + +namespace CrowdStrike.Crowdstrike.Outputs +{ + + [OutputType] + public sealed class GetCloudAwsAccountAccountResult + { + /// + /// The AWS Account ID + /// + public readonly string AccountId; + /// + /// The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + /// + public readonly string AccountType; + /// + /// Whether asset inventory is enabled + /// + public readonly bool AssetInventoryEnabled; + /// + /// The name of the CloudTrail S3 bucket used for real-time visibility + /// + public readonly string CloudtrailBucketName; + /// + /// The AWS region of the CloudTrail bucket + /// + public readonly string CloudtrailRegion; + /// + /// Whether Data Security Posture Management is enabled + /// + public readonly bool DspmEnabled; + /// + /// The ARN of the IAM role to be used by CrowdStrike DSPM + /// + public readonly string DspmRoleArn; + /// + /// The ARN of the Amazon EventBridge used by CrowdStrike to forward messages + /// + public readonly string EventbusArn; + /// + /// The name of the Amazon EventBridge used by CrowdStrike to forward messages + /// + public readonly string EventbusName; + /// + /// The external ID used to assume the AWS IAM role + /// + public readonly string ExternalId; + /// + /// The ARN of the AWS IAM role used to access this AWS account + /// + public readonly string IamRoleArn; + /// + /// Whether Identity Protection is enabled + /// + public readonly bool IdpEnabled; + /// + /// The ARN of the intermediate role used to assume the AWS IAM role + /// + public readonly string IntermediateRoleArn; + /// + /// Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + /// + public readonly bool IsOrganizationManagementAccount; + /// + /// The AWS Organization ID + /// + public readonly string OrganizationId; + /// + /// Whether real-time visibility is enabled + /// + public readonly bool RealtimeVisibilityEnabled; + /// + /// Whether 1-click sensor deployment is enabled + /// + public readonly bool SensorManagementEnabled; + /// + /// The list of AWS Organizational Units (OUs) targeted for this account + /// + public readonly ImmutableArray TargetOuses; + + [OutputConstructor] + private GetCloudAwsAccountAccountResult( + string accountId, + + string accountType, + + bool assetInventoryEnabled, + + string cloudtrailBucketName, + + string cloudtrailRegion, + + bool dspmEnabled, + + string dspmRoleArn, + + string eventbusArn, + + string eventbusName, + + string externalId, + + string iamRoleArn, + + bool idpEnabled, + + string intermediateRoleArn, + + bool isOrganizationManagementAccount, + + string organizationId, + + bool realtimeVisibilityEnabled, + + bool sensorManagementEnabled, + + ImmutableArray targetOuses) + { + AccountId = accountId; + AccountType = accountType; + AssetInventoryEnabled = assetInventoryEnabled; + CloudtrailBucketName = cloudtrailBucketName; + CloudtrailRegion = cloudtrailRegion; + DspmEnabled = dspmEnabled; + DspmRoleArn = dspmRoleArn; + EventbusArn = eventbusArn; + EventbusName = eventbusName; + ExternalId = externalId; + IamRoleArn = iamRoleArn; + IdpEnabled = idpEnabled; + IntermediateRoleArn = intermediateRoleArn; + IsOrganizationManagementAccount = isOrganizationManagementAccount; + OrganizationId = organizationId; + RealtimeVisibilityEnabled = realtimeVisibilityEnabled; + SensorManagementEnabled = sensorManagementEnabled; + TargetOuses = targetOuses; + } + } +} diff --git a/sdk/dotnet/PreventionPolicyLinux.cs b/sdk/dotnet/PreventionPolicyLinux.cs index f8cde0b..6aacf0a 100644 --- a/sdk/dotnet/PreventionPolicyLinux.cs +++ b/sdk/dotnet/PreventionPolicyLinux.cs @@ -33,10 +33,7 @@ namespace CrowdStrike.Crowdstrike /// { /// Enabled = true, /// Description = "Made with Pulumi", - /// HostGroups = new[] - /// { - /// "d6e3c1e1b3d0467da0fowc96a5e6ecb5", - /// }, + /// HostGroups = new[] {}, /// IoaRuleGroups = new[] {}, /// CloudAntiMalware = new Crowdstrike.Inputs.PreventionPolicyLinuxCloudAntiMalwareArgs /// { @@ -61,6 +58,9 @@ namespace CrowdStrike.Crowdstrike /// HttpVisibility = true, /// NetworkVisibility = true, /// TlsVisibility = true, + /// SensorTamperingProtection = true, + /// OnWriteScriptFileVisibility = true, + /// MemoryVisibility = true, /// }); /// /// return new Dictionary<string, object?> @@ -150,6 +150,12 @@ public partial class PreventionPolicyLinux : global::Pulumi.CustomResource [Output("lastUpdated")] public Output LastUpdated { get; private set; } = null!; + /// + /// Whether to enable the setting. When enabled, the sensor will inspect memory-related operations: mmap, mprotect, ptrace and reading/writing remote process memory and produce events. + /// + [Output("memoryVisibility")] + public Output MemoryVisibility { get; private set; } = null!; + /// /// Name of the prevention policy. /// @@ -162,6 +168,12 @@ public partial class PreventionPolicyLinux : global::Pulumi.CustomResource [Output("networkVisibility")] public Output NetworkVisibility { get; private set; } = null!; + /// + /// Whether to enable the setting. Provides improved visibility into various script files being written to disk in addition to clouding a portion of their content. + /// + [Output("onWriteScriptFileVisibility")] + public Output OnWriteScriptFileVisibility { get; private set; } = null!; + /// /// Whether to enable the setting. Block processes that CrowdStrike analysts classify as suspicious. These are focused on dynamic IOAs, such as malware, exploits and other threats. /// @@ -186,6 +198,12 @@ public partial class PreventionPolicyLinux : global::Pulumi.CustomResource [Output("sensorAntiMalware")] public Output SensorAntiMalware { get; private set; } = null!; + /// + /// Whether to enable the setting. Block attempts to tamper with the sensor by protecting critical components and resources. If disabled, the sensor still creates detections for tampering attempts but will not prevent the activity from occurring. Disabling is not recommended. + /// + [Output("sensorTamperingProtection")] + public Output SensorTamperingProtection { get; private set; } = null!; + /// /// Whether to enable the setting. Allows the sensor to monitor TLS traffic for malicious patterns and improved detections. /// @@ -329,6 +347,12 @@ public InputList IoaRuleGroups set => _ioaRuleGroups = value; } + /// + /// Whether to enable the setting. When enabled, the sensor will inspect memory-related operations: mmap, mprotect, ptrace and reading/writing remote process memory and produce events. + /// + [Input("memoryVisibility")] + public Input? MemoryVisibility { get; set; } + /// /// Name of the prevention policy. /// @@ -341,6 +365,12 @@ public InputList IoaRuleGroups [Input("networkVisibility")] public Input? NetworkVisibility { get; set; } + /// + /// Whether to enable the setting. Provides improved visibility into various script files being written to disk in addition to clouding a portion of their content. + /// + [Input("onWriteScriptFileVisibility")] + public Input? OnWriteScriptFileVisibility { get; set; } + /// /// Whether to enable the setting. Block processes that CrowdStrike analysts classify as suspicious. These are focused on dynamic IOAs, such as malware, exploits and other threats. /// @@ -365,6 +395,12 @@ public InputList IoaRuleGroups [Input("sensorAntiMalware")] public Input? SensorAntiMalware { get; set; } + /// + /// Whether to enable the setting. Block attempts to tamper with the sensor by protecting critical components and resources. If disabled, the sensor still creates detections for tampering attempts but will not prevent the activity from occurring. Disabling is not recommended. + /// + [Input("sensorTamperingProtection")] + public Input? SensorTamperingProtection { get; set; } + /// /// Whether to enable the setting. Allows the sensor to monitor TLS traffic for malicious patterns and improved detections. /// @@ -472,6 +508,12 @@ public InputList IoaRuleGroups [Input("lastUpdated")] public Input? LastUpdated { get; set; } + /// + /// Whether to enable the setting. When enabled, the sensor will inspect memory-related operations: mmap, mprotect, ptrace and reading/writing remote process memory and produce events. + /// + [Input("memoryVisibility")] + public Input? MemoryVisibility { get; set; } + /// /// Name of the prevention policy. /// @@ -484,6 +526,12 @@ public InputList IoaRuleGroups [Input("networkVisibility")] public Input? NetworkVisibility { get; set; } + /// + /// Whether to enable the setting. Provides improved visibility into various script files being written to disk in addition to clouding a portion of their content. + /// + [Input("onWriteScriptFileVisibility")] + public Input? OnWriteScriptFileVisibility { get; set; } + /// /// Whether to enable the setting. Block processes that CrowdStrike analysts classify as suspicious. These are focused on dynamic IOAs, such as malware, exploits and other threats. /// @@ -508,6 +556,12 @@ public InputList IoaRuleGroups [Input("sensorAntiMalware")] public Input? SensorAntiMalware { get; set; } + /// + /// Whether to enable the setting. Block attempts to tamper with the sensor by protecting critical components and resources. If disabled, the sensor still creates detections for tampering attempts but will not prevent the activity from occurring. Disabling is not recommended. + /// + [Input("sensorTamperingProtection")] + public Input? SensorTamperingProtection { get; set; } + /// /// Whether to enable the setting. Allows the sensor to monitor TLS traffic for malicious patterns and improved detections. /// diff --git a/sdk/dotnet/PreventionPolicyMac.cs b/sdk/dotnet/PreventionPolicyMac.cs index 7c33562..a2ec715 100644 --- a/sdk/dotnet/PreventionPolicyMac.cs +++ b/sdk/dotnet/PreventionPolicyMac.cs @@ -33,10 +33,7 @@ namespace CrowdStrike.Crowdstrike /// { /// Enabled = false, /// Description = "Made with Pulumi", - /// HostGroups = new[] - /// { - /// "d6e3c1e1b3d0467da0fowc96a5e6ecb5", - /// }, + /// HostGroups = new[] {}, /// IoaRuleGroups = new[] {}, /// CloudAdwareAndPup = new Crowdstrike.Inputs.PreventionPolicyMacCloudAdwareAndPupArgs /// { diff --git a/sdk/dotnet/PreventionPolicyWindows.cs b/sdk/dotnet/PreventionPolicyWindows.cs index ff42c97..69b9758 100644 --- a/sdk/dotnet/PreventionPolicyWindows.cs +++ b/sdk/dotnet/PreventionPolicyWindows.cs @@ -31,12 +31,9 @@ namespace CrowdStrike.Crowdstrike /// { /// var example = new Crowdstrike.PreventionPolicyWindows("example", new() /// { - /// Enabled = false, + /// Enabled = true, /// Description = "Made with Pulumi", - /// HostGroups = new[] - /// { - /// "d6e3c1e1b3d0467da0fowc96a5e6ecb5", - /// }, + /// HostGroups = new[] {}, /// IoaRuleGroups = new[] {}, /// AdwareAndPup = new Crowdstrike.Inputs.PreventionPolicyWindowsAdwareAndPupArgs /// { @@ -72,56 +69,57 @@ namespace CrowdStrike.Crowdstrike /// { /// Detection = "MODERATE", /// }, - /// UsbInsertionTriggeredScan = false, - /// ApplicationExploitationActivity = false, - /// AdditionalUserModeData = false, - /// NotifyEndUsers = false, - /// AdvancedRemediation = false, - /// BackupDeletion = false, - /// BiosDeepVisibility = false, - /// ChopperWebshell = false, - /// CodeInjection = false, - /// CredentialDumping = false, - /// Cryptowall = false, - /// CustomBlocking = false, - /// DetectOnWrite = false, - /// DriveByDownload = false, - /// DriverLoadPrevention = false, - /// InterpreterOnly = false, - /// EngineFullVisibility = false, - /// EnhancedExploitationVisibility = false, - /// EnhancedMlForLargerFiles = false, - /// FileEncryption = false, - /// FileSystemAccess = false, - /// ForceAslr = false, - /// ForceDep = false, - /// HeapSprayPreallocation = false, - /// NullPageAllocation = false, - /// SehOverwriteProtection = false, - /// HardwareEnhancedExploitDetection = false, - /// HttpDetections = false, - /// RedactHttpDetectionDetails = false, - /// IntelligenceSourcedThreats = false, - /// JavascriptViaRundll32 = false, - /// Locky = false, - /// MemoryScanning = false, - /// MemoryScanningScanWithCpu = false, - /// MicrosoftOfficeFileSuspiciousMacroRemoval = false, - /// OnWriteScriptFileVisibility = false, - /// PreventSuspiciousProcesses = false, - /// QuarantineAndSecurityCenterRegistration = false, - /// QuarantineOnRemovableMedia = false, - /// QuarantineOnWrite = false, - /// ScriptBasedExecutionMonitoring = false, - /// SensorTamperingProtection = false, - /// SuspiciousRegistryOperations = false, - /// SuspiciousScriptsAndCommands = false, - /// UploadUnknownExecutables = false, - /// UploadUnknownDetectionRelatedExecutables = false, - /// VolumeShadowCopyAudit = false, - /// VolumeShadowCopyProtect = false, - /// VulnerableDriverProtection = false, - /// WindowsLogonBypassStickyKeys = false, + /// UsbInsertionTriggeredScan = true, + /// ApplicationExploitationActivity = true, + /// AdditionalUserModeData = true, + /// NotifyEndUsers = true, + /// AdvancedRemediation = true, + /// BackupDeletion = true, + /// BiosDeepVisibility = true, + /// ChopperWebshell = true, + /// CodeInjection = true, + /// CredentialDumping = true, + /// Cryptowall = true, + /// CustomBlocking = true, + /// DetectOnWrite = true, + /// DriveByDownload = true, + /// DriverLoadPrevention = true, + /// InterpreterOnly = true, + /// EngineFullVisibility = true, + /// EnhancedExploitationVisibility = true, + /// EnhancedDllLoadVisibility = true, + /// EnhancedMlForLargerFiles = true, + /// FileEncryption = true, + /// FileSystemAccess = true, + /// ForceAslr = true, + /// ForceDep = true, + /// HeapSprayPreallocation = true, + /// NullPageAllocation = true, + /// SehOverwriteProtection = true, + /// HardwareEnhancedExploitDetection = true, + /// HttpDetections = true, + /// RedactHttpDetectionDetails = true, + /// IntelligenceSourcedThreats = true, + /// JavascriptViaRundll32 = true, + /// Locky = true, + /// MemoryScanning = true, + /// MemoryScanningScanWithCpu = true, + /// MicrosoftOfficeFileSuspiciousMacroRemoval = true, + /// OnWriteScriptFileVisibility = true, + /// PreventSuspiciousProcesses = true, + /// QuarantineAndSecurityCenterRegistration = true, + /// QuarantineOnRemovableMedia = true, + /// QuarantineOnWrite = true, + /// ScriptBasedExecutionMonitoring = true, + /// SensorTamperingProtection = true, + /// SuspiciousRegistryOperations = true, + /// SuspiciousScriptsAndCommands = true, + /// UploadUnknownExecutables = true, + /// UploadUnknownDetectionRelatedExecutables = true, + /// VolumeShadowCopyAudit = true, + /// VolumeShadowCopyProtect = true, + /// VulnerableDriverProtection = true, + /// WindowsLogonBypassStickyKeys = true, /// }); /// /// return new Dictionary<string, object?> @@ -262,6 +260,12 @@ public partial class PreventionPolicyWindows : global::Pulumi.CustomResource [Output("engineFullVisibility")] public Output EngineFullVisibility { get; private set; } = null!; + /// + /// Whether to enable the setting. For hosts running Windows Server, increases sensor visibility of loaded DLLs. Improves detection coverage and telemetry, but may cause a small performance impact. Recommend testing with critical applications before full deployment. + /// + [Output("enhancedDllLoadVisibility")] + public Output EnhancedDllLoadVisibility { get; private set; } = null!; + /// /// Whether to enable the setting. For hosts running Windows 10 1809 and Server 2019 and later, provides additional visibility into common exploitation techniques used to weaken or circumvent application security. /// @@ -684,6 +688,12 @@ public sealed class PreventionPolicyWindowsArgs : global::Pulumi.ResourceArgs [Input("engineFullVisibility")] public Input? EngineFullVisibility { get; set; } + /// + /// Whether to enable the setting. For hosts running Windows Server, increases sensor visibility of loaded DLLs. Improves detection coverage and telemetry, but may cause a small performance impact. Recommend testing with critical applications before full deployment. + /// + [Input("enhancedDllLoadVisibility")] + public Input? EnhancedDllLoadVisibility { get; set; } + /// /// Whether to enable the setting. For hosts running Windows 10 1809 and Server 2019 and later, provides additional visibility into common exploitation techniques used to weaken or circumvent application security. /// @@ -1076,6 +1086,12 @@ public sealed class PreventionPolicyWindowsState : global::Pulumi.ResourceArgs [Input("engineFullVisibility")] public Input? EngineFullVisibility { get; set; } + /// + /// Whether to enable the setting. For hosts running Windows Server, increases sensor visibility of loaded DLLs. Improves detection coverage and telemetry, but may cause a small performance impact. Recommend testing with critical applications before full deployment. + /// + [Input("enhancedDllLoadVisibility")] + public Input? EnhancedDllLoadVisibility { get; set; } + /// /// Whether to enable the setting. For hosts running Windows 10 1809 and Server 2019 and later, provides additional visibility into common exploitation techniques used to weaken or circumvent application security. /// diff --git a/sdk/dotnet/Provider.cs b/sdk/dotnet/Provider.cs index 1b370d1..f1922d5 100644 --- a/sdk/dotnet/Provider.cs +++ b/sdk/dotnet/Provider.cs @@ -34,11 +34,18 @@ public partial class Provider : global::Pulumi.ProviderResource public Output ClientSecret { get; private set; } = null!; /// - /// Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1 + /// Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1. Will use FALCON_CLOUD + /// environment variable when left blank. /// [Output("cloud")] public Output Cloud { get; private set; } = null!; + /// + /// For MSSP Master CIDs, optionally lock the token to act on behalf of this member CID + /// + [Output("memberCid")] + public Output MemberCid { get; private set; } = null!; + /// /// Create a Provider resource with the given unique name, arguments, and options. @@ -108,11 +115,18 @@ public Input? ClientSecret } /// - /// Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1 + /// Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1. Will use FALCON_CLOUD + /// environment variable when left blank. /// [Input("cloud")] public Input? Cloud { get; set; } + /// + /// For MSSP Master CIDs, optionally lock the token to act on behalf of this member CID + /// + [Input("memberCid")] + public Input? MemberCid { get; set; } + public ProviderArgs() { } diff --git a/sdk/go/crowdstrike/cloudAwsAccount.go b/sdk/go/crowdstrike/cloudAwsAccount.go new file mode 100644 index 0000000..1b78c63 --- /dev/null +++ b/sdk/go/crowdstrike/cloudAwsAccount.go @@ -0,0 +1,417 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package crowdstrike + +import ( + "context" + "reflect" + + "errors" + "github.com/crowdstrike/pulumi-crowdstrike/sdk/go/crowdstrike/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// This resource allows management of an AWS account in Falcon. +// +// ## API Scopes +// +// The following API scopes are required: +// +// - Cloud security AWS registration | Read & Write +// - CSPM registration | Read & Write +type CloudAwsAccount struct { + pulumi.CustomResourceState + + // The AWS Account ID + AccountId pulumi.StringOutput `pulumi:"accountId"` + // The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + AccountType pulumi.StringOutput `pulumi:"accountType"` + AssetInventory CloudAwsAccountAssetInventoryOutput `pulumi:"assetInventory"` + // The name of the CloudTrail S3 bucket used for real-time visibility + CloudtrailBucketName pulumi.StringOutput `pulumi:"cloudtrailBucketName"` + DeploymentMethod pulumi.StringOutput `pulumi:"deploymentMethod"` + Dspm CloudAwsAccountDspmOutput `pulumi:"dspm"` + // The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management + DspmRoleArn pulumi.StringOutput `pulumi:"dspmRoleArn"` + // The ARN of the Amazon EventBridge used by CrowdStrike to forward messages + EventbusArn pulumi.StringOutput `pulumi:"eventbusArn"` + // The name of the Amazon EventBridge used by CrowdStrike to forward messages + EventbusName pulumi.StringOutput `pulumi:"eventbusName"` + // The external ID used to assume the AWS IAM role + ExternalId pulumi.StringOutput `pulumi:"externalId"` + // The ARN of the AWS IAM role used to access this AWS account + IamRoleArn pulumi.StringOutput `pulumi:"iamRoleArn"` + Idp CloudAwsAccountIdpOutput `pulumi:"idp"` + // The ARN of the intermediate role used to assume the AWS IAM role + IntermediateRoleArn pulumi.StringOutput `pulumi:"intermediateRoleArn"` + // Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + IsOrganizationManagementAccount pulumi.BoolOutput `pulumi:"isOrganizationManagementAccount"` + // The AWS Organization ID + OrganizationId pulumi.StringOutput `pulumi:"organizationId"` + RealtimeVisibility CloudAwsAccountRealtimeVisibilityOutput `pulumi:"realtimeVisibility"` + SensorManagement CloudAwsAccountSensorManagementOutput `pulumi:"sensorManagement"` + // The list of target Organizational Units + TargetOuses pulumi.StringArrayOutput `pulumi:"targetOuses"` +} + +// NewCloudAwsAccount registers a new resource with the given unique name, arguments, and options. +func NewCloudAwsAccount(ctx *pulumi.Context, + name string, args *CloudAwsAccountArgs, opts ...pulumi.ResourceOption) (*CloudAwsAccount, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.AccountId == nil { + return nil, errors.New("invalid value for required argument 'AccountId'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource CloudAwsAccount + err := ctx.RegisterResource("crowdstrike:index/cloudAwsAccount:CloudAwsAccount", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetCloudAwsAccount gets an existing CloudAwsAccount resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetCloudAwsAccount(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *CloudAwsAccountState, opts ...pulumi.ResourceOption) (*CloudAwsAccount, error) { + var resource CloudAwsAccount + err := ctx.ReadResource("crowdstrike:index/cloudAwsAccount:CloudAwsAccount", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering CloudAwsAccount resources. +type cloudAwsAccountState struct { + // The AWS Account ID + AccountId *string `pulumi:"accountId"` + // The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + AccountType *string `pulumi:"accountType"` + AssetInventory *CloudAwsAccountAssetInventory `pulumi:"assetInventory"` + // The name of the CloudTrail S3 bucket used for real-time visibility + CloudtrailBucketName *string `pulumi:"cloudtrailBucketName"` + DeploymentMethod *string `pulumi:"deploymentMethod"` + Dspm *CloudAwsAccountDspm `pulumi:"dspm"` + // The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management + DspmRoleArn *string `pulumi:"dspmRoleArn"` + // The ARN of the Amazon EventBridge used by CrowdStrike to forward messages + EventbusArn *string `pulumi:"eventbusArn"` + // The name of the Amazon EventBridge used by CrowdStrike to forward messages + EventbusName *string `pulumi:"eventbusName"` + // The external ID used to assume the AWS IAM role + ExternalId *string `pulumi:"externalId"` + // The ARN of the AWS IAM role used to access this AWS account + IamRoleArn *string `pulumi:"iamRoleArn"` + Idp *CloudAwsAccountIdp `pulumi:"idp"` + // The ARN of the intermediate role used to assume the AWS IAM role + IntermediateRoleArn *string `pulumi:"intermediateRoleArn"` + // Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + IsOrganizationManagementAccount *bool `pulumi:"isOrganizationManagementAccount"` + // The AWS Organization ID + OrganizationId *string `pulumi:"organizationId"` + RealtimeVisibility *CloudAwsAccountRealtimeVisibility `pulumi:"realtimeVisibility"` + SensorManagement *CloudAwsAccountSensorManagement `pulumi:"sensorManagement"` + // The list of target Organizational Units + TargetOuses []string `pulumi:"targetOuses"` +} + +type CloudAwsAccountState struct { + // The AWS Account ID + AccountId pulumi.StringPtrInput + // The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + AccountType pulumi.StringPtrInput + AssetInventory CloudAwsAccountAssetInventoryPtrInput + // The name of the CloudTrail S3 bucket used for real-time visibility + CloudtrailBucketName pulumi.StringPtrInput + DeploymentMethod pulumi.StringPtrInput + Dspm CloudAwsAccountDspmPtrInput + // The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management + DspmRoleArn pulumi.StringPtrInput + // The ARN of the Amazon EventBridge used by CrowdStrike to forward messages + EventbusArn pulumi.StringPtrInput + // The name of the Amazon EventBridge used by CrowdStrike to forward messages + EventbusName pulumi.StringPtrInput + // The external ID used to assume the AWS IAM role + ExternalId pulumi.StringPtrInput + // The ARN of the AWS IAM role used to access this AWS account + IamRoleArn pulumi.StringPtrInput + Idp CloudAwsAccountIdpPtrInput + // The ARN of the intermediate role used to assume the AWS IAM role + IntermediateRoleArn pulumi.StringPtrInput + // Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + IsOrganizationManagementAccount pulumi.BoolPtrInput + // The AWS Organization ID + OrganizationId pulumi.StringPtrInput + RealtimeVisibility CloudAwsAccountRealtimeVisibilityPtrInput + SensorManagement CloudAwsAccountSensorManagementPtrInput + // The list of target Organizational Units + TargetOuses pulumi.StringArrayInput +} + +func (CloudAwsAccountState) ElementType() reflect.Type { + return reflect.TypeOf((*cloudAwsAccountState)(nil)).Elem() +} + +type cloudAwsAccountArgs struct { + // The AWS Account ID + AccountId string `pulumi:"accountId"` + // The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + AccountType *string `pulumi:"accountType"` + AssetInventory *CloudAwsAccountAssetInventory `pulumi:"assetInventory"` + DeploymentMethod *string `pulumi:"deploymentMethod"` + Dspm *CloudAwsAccountDspm `pulumi:"dspm"` + Idp *CloudAwsAccountIdp `pulumi:"idp"` + // Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + IsOrganizationManagementAccount *bool `pulumi:"isOrganizationManagementAccount"` + // The AWS Organization ID + OrganizationId *string `pulumi:"organizationId"` + RealtimeVisibility *CloudAwsAccountRealtimeVisibility `pulumi:"realtimeVisibility"` + SensorManagement *CloudAwsAccountSensorManagement `pulumi:"sensorManagement"` + // The list of target Organizational Units + TargetOuses []string `pulumi:"targetOuses"` +} + +// The set of arguments for constructing a CloudAwsAccount resource. +type CloudAwsAccountArgs struct { + // The AWS Account ID + AccountId pulumi.StringInput + // The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + AccountType pulumi.StringPtrInput + AssetInventory CloudAwsAccountAssetInventoryPtrInput + DeploymentMethod pulumi.StringPtrInput + Dspm CloudAwsAccountDspmPtrInput + Idp CloudAwsAccountIdpPtrInput + // Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + IsOrganizationManagementAccount pulumi.BoolPtrInput + // The AWS Organization ID + OrganizationId pulumi.StringPtrInput + RealtimeVisibility CloudAwsAccountRealtimeVisibilityPtrInput + SensorManagement CloudAwsAccountSensorManagementPtrInput + // The list of target Organizational Units + TargetOuses pulumi.StringArrayInput +} + +func (CloudAwsAccountArgs) ElementType() reflect.Type { + return reflect.TypeOf((*cloudAwsAccountArgs)(nil)).Elem() +} + +type CloudAwsAccountInput interface { + pulumi.Input + + ToCloudAwsAccountOutput() CloudAwsAccountOutput + ToCloudAwsAccountOutputWithContext(ctx context.Context) CloudAwsAccountOutput +} + +func (*CloudAwsAccount) ElementType() reflect.Type { + return reflect.TypeOf((**CloudAwsAccount)(nil)).Elem() +} + +func (i *CloudAwsAccount) ToCloudAwsAccountOutput() CloudAwsAccountOutput { + return i.ToCloudAwsAccountOutputWithContext(context.Background()) +} + +func (i *CloudAwsAccount) ToCloudAwsAccountOutputWithContext(ctx context.Context) CloudAwsAccountOutput { + return pulumi.ToOutputWithContext(ctx, i).(CloudAwsAccountOutput) +} + +// CloudAwsAccountArrayInput is an input type that accepts CloudAwsAccountArray and CloudAwsAccountArrayOutput values. +// You can construct a concrete instance of `CloudAwsAccountArrayInput` via: +// +// CloudAwsAccountArray{ CloudAwsAccountArgs{...} } +type CloudAwsAccountArrayInput interface { + pulumi.Input + + ToCloudAwsAccountArrayOutput() CloudAwsAccountArrayOutput + ToCloudAwsAccountArrayOutputWithContext(context.Context) CloudAwsAccountArrayOutput +} + +type CloudAwsAccountArray []CloudAwsAccountInput + +func (CloudAwsAccountArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*CloudAwsAccount)(nil)).Elem() +} + +func (i CloudAwsAccountArray) ToCloudAwsAccountArrayOutput() CloudAwsAccountArrayOutput { + return i.ToCloudAwsAccountArrayOutputWithContext(context.Background()) +} + +func (i CloudAwsAccountArray) ToCloudAwsAccountArrayOutputWithContext(ctx context.Context) CloudAwsAccountArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(CloudAwsAccountArrayOutput) +} + +// CloudAwsAccountMapInput is an input type that accepts CloudAwsAccountMap and CloudAwsAccountMapOutput values. +// You can construct a concrete instance of `CloudAwsAccountMapInput` via: +// +// CloudAwsAccountMap{ "key": CloudAwsAccountArgs{...} } +type CloudAwsAccountMapInput interface { + pulumi.Input + + ToCloudAwsAccountMapOutput() CloudAwsAccountMapOutput + ToCloudAwsAccountMapOutputWithContext(context.Context) CloudAwsAccountMapOutput +} + +type CloudAwsAccountMap map[string]CloudAwsAccountInput + +func (CloudAwsAccountMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*CloudAwsAccount)(nil)).Elem() +} + +func (i CloudAwsAccountMap) ToCloudAwsAccountMapOutput() CloudAwsAccountMapOutput { + return i.ToCloudAwsAccountMapOutputWithContext(context.Background()) +} + +func (i CloudAwsAccountMap) ToCloudAwsAccountMapOutputWithContext(ctx context.Context) CloudAwsAccountMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(CloudAwsAccountMapOutput) +} + +type CloudAwsAccountOutput struct{ *pulumi.OutputState } + +func (CloudAwsAccountOutput) ElementType() reflect.Type { + return reflect.TypeOf((**CloudAwsAccount)(nil)).Elem() +} + +func (o CloudAwsAccountOutput) ToCloudAwsAccountOutput() CloudAwsAccountOutput { + return o +} + +func (o CloudAwsAccountOutput) ToCloudAwsAccountOutputWithContext(ctx context.Context) CloudAwsAccountOutput { + return o +} + +// The AWS Account ID +func (o CloudAwsAccountOutput) AccountId() pulumi.StringOutput { + return o.ApplyT(func(v *CloudAwsAccount) pulumi.StringOutput { return v.AccountId }).(pulumi.StringOutput) +} + +// The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type +func (o CloudAwsAccountOutput) AccountType() pulumi.StringOutput { + return o.ApplyT(func(v *CloudAwsAccount) pulumi.StringOutput { return v.AccountType }).(pulumi.StringOutput) +} + +func (o CloudAwsAccountOutput) AssetInventory() CloudAwsAccountAssetInventoryOutput { + return o.ApplyT(func(v *CloudAwsAccount) CloudAwsAccountAssetInventoryOutput { return v.AssetInventory }).(CloudAwsAccountAssetInventoryOutput) +} + +// The name of the CloudTrail S3 bucket used for real-time visibility +func (o CloudAwsAccountOutput) CloudtrailBucketName() pulumi.StringOutput { + return o.ApplyT(func(v *CloudAwsAccount) pulumi.StringOutput { return v.CloudtrailBucketName }).(pulumi.StringOutput) +} + +func (o CloudAwsAccountOutput) DeploymentMethod() pulumi.StringOutput { + return o.ApplyT(func(v *CloudAwsAccount) pulumi.StringOutput { return v.DeploymentMethod }).(pulumi.StringOutput) +} + +func (o CloudAwsAccountOutput) Dspm() CloudAwsAccountDspmOutput { + return o.ApplyT(func(v *CloudAwsAccount) CloudAwsAccountDspmOutput { return v.Dspm }).(CloudAwsAccountDspmOutput) +} + +// The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management +func (o CloudAwsAccountOutput) DspmRoleArn() pulumi.StringOutput { + return o.ApplyT(func(v *CloudAwsAccount) pulumi.StringOutput { return v.DspmRoleArn }).(pulumi.StringOutput) +} + +// The ARN of the Amazon EventBridge used by CrowdStrike to forward messages +func (o CloudAwsAccountOutput) EventbusArn() pulumi.StringOutput { + return o.ApplyT(func(v *CloudAwsAccount) pulumi.StringOutput { return v.EventbusArn }).(pulumi.StringOutput) +} + +// The name of the Amazon EventBridge used by CrowdStrike to forward messages +func (o CloudAwsAccountOutput) EventbusName() pulumi.StringOutput { + return o.ApplyT(func(v *CloudAwsAccount) pulumi.StringOutput { return v.EventbusName }).(pulumi.StringOutput) +} + +// The external ID used to assume the AWS IAM role +func (o CloudAwsAccountOutput) ExternalId() pulumi.StringOutput { + return o.ApplyT(func(v *CloudAwsAccount) pulumi.StringOutput { return v.ExternalId }).(pulumi.StringOutput) +} + +// The ARN of the AWS IAM role used to access this AWS account +func (o CloudAwsAccountOutput) IamRoleArn() pulumi.StringOutput { + return o.ApplyT(func(v *CloudAwsAccount) pulumi.StringOutput { return v.IamRoleArn }).(pulumi.StringOutput) +} + +func (o CloudAwsAccountOutput) Idp() CloudAwsAccountIdpOutput { + return o.ApplyT(func(v *CloudAwsAccount) CloudAwsAccountIdpOutput { return v.Idp }).(CloudAwsAccountIdpOutput) +} + +// The ARN of the intermediate role used to assume the AWS IAM role +func (o CloudAwsAccountOutput) IntermediateRoleArn() pulumi.StringOutput { + return o.ApplyT(func(v *CloudAwsAccount) pulumi.StringOutput { return v.IntermediateRoleArn }).(pulumi.StringOutput) +} + +// Indicates whether this is the management account (formerly known as the root account) of an AWS Organization +func (o CloudAwsAccountOutput) IsOrganizationManagementAccount() pulumi.BoolOutput { + return o.ApplyT(func(v *CloudAwsAccount) pulumi.BoolOutput { return v.IsOrganizationManagementAccount }).(pulumi.BoolOutput) +} + +// The AWS Organization ID +func (o CloudAwsAccountOutput) OrganizationId() pulumi.StringOutput { + return o.ApplyT(func(v *CloudAwsAccount) pulumi.StringOutput { return v.OrganizationId }).(pulumi.StringOutput) +} + +func (o CloudAwsAccountOutput) RealtimeVisibility() CloudAwsAccountRealtimeVisibilityOutput { + return o.ApplyT(func(v *CloudAwsAccount) CloudAwsAccountRealtimeVisibilityOutput { return v.RealtimeVisibility }).(CloudAwsAccountRealtimeVisibilityOutput) +} + +func (o CloudAwsAccountOutput) SensorManagement() CloudAwsAccountSensorManagementOutput { + return o.ApplyT(func(v *CloudAwsAccount) CloudAwsAccountSensorManagementOutput { return v.SensorManagement }).(CloudAwsAccountSensorManagementOutput) +} + +// The list of target Organizational Units +func (o CloudAwsAccountOutput) TargetOuses() pulumi.StringArrayOutput { + return o.ApplyT(func(v *CloudAwsAccount) pulumi.StringArrayOutput { return v.TargetOuses }).(pulumi.StringArrayOutput) +} + +type CloudAwsAccountArrayOutput struct{ *pulumi.OutputState } + +func (CloudAwsAccountArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*CloudAwsAccount)(nil)).Elem() +} + +func (o CloudAwsAccountArrayOutput) ToCloudAwsAccountArrayOutput() CloudAwsAccountArrayOutput { + return o +} + +func (o CloudAwsAccountArrayOutput) ToCloudAwsAccountArrayOutputWithContext(ctx context.Context) CloudAwsAccountArrayOutput { + return o +} + +func (o CloudAwsAccountArrayOutput) Index(i pulumi.IntInput) CloudAwsAccountOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *CloudAwsAccount { + return vs[0].([]*CloudAwsAccount)[vs[1].(int)] + }).(CloudAwsAccountOutput) +} + +type CloudAwsAccountMapOutput struct{ *pulumi.OutputState } + +func (CloudAwsAccountMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*CloudAwsAccount)(nil)).Elem() +} + +func (o CloudAwsAccountMapOutput) ToCloudAwsAccountMapOutput() CloudAwsAccountMapOutput { + return o +} + +func (o CloudAwsAccountMapOutput) ToCloudAwsAccountMapOutputWithContext(ctx context.Context) CloudAwsAccountMapOutput { + return o +} + +func (o CloudAwsAccountMapOutput) MapIndex(k pulumi.StringInput) CloudAwsAccountOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *CloudAwsAccount { + return vs[0].(map[string]*CloudAwsAccount)[vs[1].(string)] + }).(CloudAwsAccountOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*CloudAwsAccountInput)(nil)).Elem(), &CloudAwsAccount{}) + pulumi.RegisterInputType(reflect.TypeOf((*CloudAwsAccountArrayInput)(nil)).Elem(), CloudAwsAccountArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*CloudAwsAccountMapInput)(nil)).Elem(), CloudAwsAccountMap{}) + pulumi.RegisterOutputType(CloudAwsAccountOutput{}) + pulumi.RegisterOutputType(CloudAwsAccountArrayOutput{}) + pulumi.RegisterOutputType(CloudAwsAccountMapOutput{}) +} diff --git a/sdk/go/crowdstrike/config/config.go b/sdk/go/crowdstrike/config/config.go index a41714d..4c26831 100644 --- a/sdk/go/crowdstrike/config/config.go +++ b/sdk/go/crowdstrike/config/config.go @@ -23,7 +23,13 @@ func GetClientSecret(ctx *pulumi.Context) string { return config.Get(ctx, "crowdstrike:clientSecret") } -// Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1 +// Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1. Will use FALCON_CLOUD +// environment variable when left blank. func GetCloud(ctx *pulumi.Context) string { return config.Get(ctx, "crowdstrike:cloud") } + +// For MSSP Master CIDs, optionally lock the token to act on behalf of this member CID +func GetMemberCid(ctx *pulumi.Context) string { + return config.Get(ctx, "crowdstrike:memberCid") +} diff --git a/sdk/go/crowdstrike/getCloudAwsAccount.go b/sdk/go/crowdstrike/getCloudAwsAccount.go new file mode 100644 index 0000000..abaf4ce --- /dev/null +++ b/sdk/go/crowdstrike/getCloudAwsAccount.go @@ -0,0 +1,146 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package crowdstrike + +import ( + "context" + "reflect" + + "github.com/crowdstrike/pulumi-crowdstrike/sdk/go/crowdstrike/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// This data source provides information about AWS accounts in Falcon. +// +// ## API Scopes +// +// The following API scopes are required: +// +// - Cloud security AWS registration | Read & Write +// - CSPM registration | Read & Write +// +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/crowdstrike/pulumi-crowdstrike/sdk/go/crowdstrike" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := crowdstrike.LookupCloudAwsAccount(ctx, &crowdstrike.LookupCloudAwsAccountArgs{}, nil) +// if err != nil { +// return err +// } +// _, err = crowdstrike.LookupCloudAwsAccount(ctx, &crowdstrike.LookupCloudAwsAccountArgs{ +// AccountId: pulumi.StringRef("123456789012"), +// }, nil) +// if err != nil { +// return err +// } +// _, err = crowdstrike.LookupCloudAwsAccount(ctx, &crowdstrike.LookupCloudAwsAccountArgs{ +// OrganizationId: pulumi.StringRef("o-123456789012"), +// }, nil) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +func LookupCloudAwsAccount(ctx *pulumi.Context, args *LookupCloudAwsAccountArgs, opts ...pulumi.InvokeOption) (*LookupCloudAwsAccountResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) + var rv LookupCloudAwsAccountResult + err := ctx.Invoke("crowdstrike:index/getCloudAwsAccount:getCloudAwsAccount", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +// A collection of arguments for invoking getCloudAwsAccount. +type LookupCloudAwsAccountArgs struct { + // Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organizationId filter for OR matching + AccountId *string `pulumi:"accountId"` + // Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with accountId filter for OR matching + OrganizationId *string `pulumi:"organizationId"` +} + +// A collection of values returned by getCloudAwsAccount. +type LookupCloudAwsAccountResult struct { + // Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organizationId filter for OR matching + AccountId *string `pulumi:"accountId"` + // The list of AWS accounts + Accounts []GetCloudAwsAccountAccount `pulumi:"accounts"` + // The provider-assigned unique ID for this managed resource. + Id string `pulumi:"id"` + // Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with accountId filter for OR matching + OrganizationId *string `pulumi:"organizationId"` +} + +func LookupCloudAwsAccountOutput(ctx *pulumi.Context, args LookupCloudAwsAccountOutputArgs, opts ...pulumi.InvokeOption) LookupCloudAwsAccountResultOutput { + return pulumi.ToOutputWithContext(ctx.Context(), args). + ApplyT(func(v interface{}) (LookupCloudAwsAccountResultOutput, error) { + args := v.(LookupCloudAwsAccountArgs) + options := pulumi.InvokeOutputOptions{InvokeOptions: internal.PkgInvokeDefaultOpts(opts)} + return ctx.InvokeOutput("crowdstrike:index/getCloudAwsAccount:getCloudAwsAccount", args, LookupCloudAwsAccountResultOutput{}, options).(LookupCloudAwsAccountResultOutput), nil + }).(LookupCloudAwsAccountResultOutput) +} + +// A collection of arguments for invoking getCloudAwsAccount. +type LookupCloudAwsAccountOutputArgs struct { + // Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organizationId filter for OR matching + AccountId pulumi.StringPtrInput `pulumi:"accountId"` + // Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with accountId filter for OR matching + OrganizationId pulumi.StringPtrInput `pulumi:"organizationId"` +} + +func (LookupCloudAwsAccountOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*LookupCloudAwsAccountArgs)(nil)).Elem() +} + +// A collection of values returned by getCloudAwsAccount. +type LookupCloudAwsAccountResultOutput struct{ *pulumi.OutputState } + +func (LookupCloudAwsAccountResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*LookupCloudAwsAccountResult)(nil)).Elem() +} + +func (o LookupCloudAwsAccountResultOutput) ToLookupCloudAwsAccountResultOutput() LookupCloudAwsAccountResultOutput { + return o +} + +func (o LookupCloudAwsAccountResultOutput) ToLookupCloudAwsAccountResultOutputWithContext(ctx context.Context) LookupCloudAwsAccountResultOutput { + return o +} + +// Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organizationId filter for OR matching +func (o LookupCloudAwsAccountResultOutput) AccountId() pulumi.StringPtrOutput { + return o.ApplyT(func(v LookupCloudAwsAccountResult) *string { return v.AccountId }).(pulumi.StringPtrOutput) +} + +// The list of AWS accounts +func (o LookupCloudAwsAccountResultOutput) Accounts() GetCloudAwsAccountAccountArrayOutput { + return o.ApplyT(func(v LookupCloudAwsAccountResult) []GetCloudAwsAccountAccount { return v.Accounts }).(GetCloudAwsAccountAccountArrayOutput) +} + +// The provider-assigned unique ID for this managed resource. +func (o LookupCloudAwsAccountResultOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v LookupCloudAwsAccountResult) string { return v.Id }).(pulumi.StringOutput) +} + +// Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with accountId filter for OR matching +func (o LookupCloudAwsAccountResultOutput) OrganizationId() pulumi.StringPtrOutput { + return o.ApplyT(func(v LookupCloudAwsAccountResult) *string { return v.OrganizationId }).(pulumi.StringPtrOutput) +} + +func init() { + pulumi.RegisterOutputType(LookupCloudAwsAccountResultOutput{}) +} diff --git a/sdk/go/crowdstrike/init.go b/sdk/go/crowdstrike/init.go index 1d4e077..832a0c0 100644 --- a/sdk/go/crowdstrike/init.go +++ b/sdk/go/crowdstrike/init.go @@ -21,6 +21,8 @@ func (m *module) Version() semver.Version { func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi.Resource, err error) { switch typ { + case "crowdstrike:index/cloudAwsAccount:CloudAwsAccount": + r = &CloudAwsAccount{} case "crowdstrike:index/filevantagePolicy:FilevantagePolicy": r = &FilevantagePolicy{} case "crowdstrike:index/filevantageRuleGroup:FilevantageRuleGroup": @@ -66,6 +68,11 @@ func init() { if err != nil { version = semver.Version{Major: 1} } + pulumi.RegisterResourceModule( + "crowdstrike", + "index/cloudAwsAccount", + &module{version}, + ) pulumi.RegisterResourceModule( "crowdstrike", "index/filevantagePolicy", diff --git a/sdk/go/crowdstrike/preventionPolicyLinux.go b/sdk/go/crowdstrike/preventionPolicyLinux.go index 16cba84..90e2b98 100644 --- a/sdk/go/crowdstrike/preventionPolicyLinux.go +++ b/sdk/go/crowdstrike/preventionPolicyLinux.go @@ -35,11 +35,9 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // example, err := crowdstrike.NewPreventionPolicyLinux(ctx, "example", &crowdstrike.PreventionPolicyLinuxArgs{ -// Enabled: pulumi.Bool(true), -// Description: pulumi.String("Made with Pulumi"), -// HostGroups: pulumi.StringArray{ -// pulumi.String("d6e3c1e1b3d0467da0fowc96a5e6ecb5"), -// }, +// Enabled: pulumi.Bool(true), +// Description: pulumi.String("Made with Pulumi"), +// HostGroups: pulumi.StringArray{}, // IoaRuleGroups: pulumi.StringArray{}, // CloudAntiMalware: &crowdstrike.PreventionPolicyLinuxCloudAntiMalwareArgs{ // Detection: pulumi.String("MODERATE"), @@ -62,6 +60,9 @@ import ( // HttpVisibility: pulumi.Bool(true), // NetworkVisibility: pulumi.Bool(true), // TlsVisibility: pulumi.Bool(true), +// SensorTamperingProtection: pulumi.Bool(true), +// OnWriteScriptFileVisibility: pulumi.Bool(true), +// MemoryVisibility: pulumi.Bool(true), // }) // if err != nil { // return err @@ -106,10 +107,14 @@ type PreventionPolicyLinux struct { // IOA Rule Group to attach to the prevention policy. IoaRuleGroups pulumi.StringArrayOutput `pulumi:"ioaRuleGroups"` LastUpdated pulumi.StringOutput `pulumi:"lastUpdated"` + // Whether to enable the setting. When enabled, the sensor will inspect memory-related operations: mmap, mprotect, ptrace and reading/writing remote process memory and produce events. + MemoryVisibility pulumi.BoolOutput `pulumi:"memoryVisibility"` // Name of the prevention policy. Name pulumi.StringOutput `pulumi:"name"` // Whether to enable the setting. Allows the sensor to monitor network activity for additional telemetry and improved detections. NetworkVisibility pulumi.BoolOutput `pulumi:"networkVisibility"` + // Whether to enable the setting. Provides improved visibility into various script files being written to disk in addition to clouding a portion of their content. + OnWriteScriptFileVisibility pulumi.BoolOutput `pulumi:"onWriteScriptFileVisibility"` // Whether to enable the setting. Block processes that CrowdStrike analysts classify as suspicious. These are focused on dynamic IOAs, such as malware, exploits and other threats. PreventSuspiciousProcesses pulumi.BoolOutput `pulumi:"preventSuspiciousProcesses"` // Whether to enable the setting. Quarantine executable files after they’re prevented by NGAV. When this is enabled, we recommend setting anti-malware prevention levels to Moderate or higher and not using other antivirus solutions. @@ -118,6 +123,8 @@ type PreventionPolicyLinux struct { ScriptBasedExecutionMonitoring pulumi.BoolOutput `pulumi:"scriptBasedExecutionMonitoring"` // For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware. SensorAntiMalware PreventionPolicyLinuxSensorAntiMalwareOutput `pulumi:"sensorAntiMalware"` + // Whether to enable the setting. Block attempts to tamper with the sensor by protecting critical components and resources. If disabled, the sensor still creates detections for tampering attempts but will not prevent the activity from occurring. Disabling is not recommended. + SensorTamperingProtection pulumi.BoolOutput `pulumi:"sensorTamperingProtection"` // Whether to enable the setting. Allows the sensor to monitor TLS traffic for malicious patterns and improved detections. TlsVisibility pulumi.BoolOutput `pulumi:"tlsVisibility"` // Whether to enable the setting. Upload all unknown detection-related executables for advanced analysis in the cloud. @@ -185,10 +192,14 @@ type preventionPolicyLinuxState struct { // IOA Rule Group to attach to the prevention policy. IoaRuleGroups []string `pulumi:"ioaRuleGroups"` LastUpdated *string `pulumi:"lastUpdated"` + // Whether to enable the setting. When enabled, the sensor will inspect memory-related operations: mmap, mprotect, ptrace and reading/writing remote process memory and produce events. + MemoryVisibility *bool `pulumi:"memoryVisibility"` // Name of the prevention policy. Name *string `pulumi:"name"` // Whether to enable the setting. Allows the sensor to monitor network activity for additional telemetry and improved detections. NetworkVisibility *bool `pulumi:"networkVisibility"` + // Whether to enable the setting. Provides improved visibility into various script files being written to disk in addition to clouding a portion of their content. + OnWriteScriptFileVisibility *bool `pulumi:"onWriteScriptFileVisibility"` // Whether to enable the setting. Block processes that CrowdStrike analysts classify as suspicious. These are focused on dynamic IOAs, such as malware, exploits and other threats. PreventSuspiciousProcesses *bool `pulumi:"preventSuspiciousProcesses"` // Whether to enable the setting. Quarantine executable files after they’re prevented by NGAV. When this is enabled, we recommend setting anti-malware prevention levels to Moderate or higher and not using other antivirus solutions. @@ -197,6 +208,8 @@ type preventionPolicyLinuxState struct { ScriptBasedExecutionMonitoring *bool `pulumi:"scriptBasedExecutionMonitoring"` // For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware. SensorAntiMalware *PreventionPolicyLinuxSensorAntiMalware `pulumi:"sensorAntiMalware"` + // Whether to enable the setting. Block attempts to tamper with the sensor by protecting critical components and resources. If disabled, the sensor still creates detections for tampering attempts but will not prevent the activity from occurring. Disabling is not recommended. + SensorTamperingProtection *bool `pulumi:"sensorTamperingProtection"` // Whether to enable the setting. Allows the sensor to monitor TLS traffic for malicious patterns and improved detections. TlsVisibility *bool `pulumi:"tlsVisibility"` // Whether to enable the setting. Upload all unknown detection-related executables for advanced analysis in the cloud. @@ -229,10 +242,14 @@ type PreventionPolicyLinuxState struct { // IOA Rule Group to attach to the prevention policy. IoaRuleGroups pulumi.StringArrayInput LastUpdated pulumi.StringPtrInput + // Whether to enable the setting. When enabled, the sensor will inspect memory-related operations: mmap, mprotect, ptrace and reading/writing remote process memory and produce events. + MemoryVisibility pulumi.BoolPtrInput // Name of the prevention policy. Name pulumi.StringPtrInput // Whether to enable the setting. Allows the sensor to monitor network activity for additional telemetry and improved detections. NetworkVisibility pulumi.BoolPtrInput + // Whether to enable the setting. Provides improved visibility into various script files being written to disk in addition to clouding a portion of their content. + OnWriteScriptFileVisibility pulumi.BoolPtrInput // Whether to enable the setting. Block processes that CrowdStrike analysts classify as suspicious. These are focused on dynamic IOAs, such as malware, exploits and other threats. PreventSuspiciousProcesses pulumi.BoolPtrInput // Whether to enable the setting. Quarantine executable files after they’re prevented by NGAV. When this is enabled, we recommend setting anti-malware prevention levels to Moderate or higher and not using other antivirus solutions. @@ -241,6 +258,8 @@ type PreventionPolicyLinuxState struct { ScriptBasedExecutionMonitoring pulumi.BoolPtrInput // For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware. SensorAntiMalware PreventionPolicyLinuxSensorAntiMalwarePtrInput + // Whether to enable the setting. Block attempts to tamper with the sensor by protecting critical components and resources. If disabled, the sensor still creates detections for tampering attempts but will not prevent the activity from occurring. Disabling is not recommended. + SensorTamperingProtection pulumi.BoolPtrInput // Whether to enable the setting. Allows the sensor to monitor TLS traffic for malicious patterns and improved detections. TlsVisibility pulumi.BoolPtrInput // Whether to enable the setting. Upload all unknown detection-related executables for advanced analysis in the cloud. @@ -276,10 +295,14 @@ type preventionPolicyLinuxArgs struct { HttpVisibility *bool `pulumi:"httpVisibility"` // IOA Rule Group to attach to the prevention policy. IoaRuleGroups []string `pulumi:"ioaRuleGroups"` + // Whether to enable the setting. When enabled, the sensor will inspect memory-related operations: mmap, mprotect, ptrace and reading/writing remote process memory and produce events. + MemoryVisibility *bool `pulumi:"memoryVisibility"` // Name of the prevention policy. Name *string `pulumi:"name"` // Whether to enable the setting. Allows the sensor to monitor network activity for additional telemetry and improved detections. NetworkVisibility *bool `pulumi:"networkVisibility"` + // Whether to enable the setting. Provides improved visibility into various script files being written to disk in addition to clouding a portion of their content. + OnWriteScriptFileVisibility *bool `pulumi:"onWriteScriptFileVisibility"` // Whether to enable the setting. Block processes that CrowdStrike analysts classify as suspicious. These are focused on dynamic IOAs, such as malware, exploits and other threats. PreventSuspiciousProcesses *bool `pulumi:"preventSuspiciousProcesses"` // Whether to enable the setting. Quarantine executable files after they’re prevented by NGAV. When this is enabled, we recommend setting anti-malware prevention levels to Moderate or higher and not using other antivirus solutions. @@ -288,6 +311,8 @@ type preventionPolicyLinuxArgs struct { ScriptBasedExecutionMonitoring *bool `pulumi:"scriptBasedExecutionMonitoring"` // For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware. SensorAntiMalware *PreventionPolicyLinuxSensorAntiMalware `pulumi:"sensorAntiMalware"` + // Whether to enable the setting. Block attempts to tamper with the sensor by protecting critical components and resources. If disabled, the sensor still creates detections for tampering attempts but will not prevent the activity from occurring. Disabling is not recommended. + SensorTamperingProtection *bool `pulumi:"sensorTamperingProtection"` // Whether to enable the setting. Allows the sensor to monitor TLS traffic for malicious patterns and improved detections. TlsVisibility *bool `pulumi:"tlsVisibility"` // Whether to enable the setting. Upload all unknown detection-related executables for advanced analysis in the cloud. @@ -320,10 +345,14 @@ type PreventionPolicyLinuxArgs struct { HttpVisibility pulumi.BoolPtrInput // IOA Rule Group to attach to the prevention policy. IoaRuleGroups pulumi.StringArrayInput + // Whether to enable the setting. When enabled, the sensor will inspect memory-related operations: mmap, mprotect, ptrace and reading/writing remote process memory and produce events. + MemoryVisibility pulumi.BoolPtrInput // Name of the prevention policy. Name pulumi.StringPtrInput // Whether to enable the setting. Allows the sensor to monitor network activity for additional telemetry and improved detections. NetworkVisibility pulumi.BoolPtrInput + // Whether to enable the setting. Provides improved visibility into various script files being written to disk in addition to clouding a portion of their content. + OnWriteScriptFileVisibility pulumi.BoolPtrInput // Whether to enable the setting. Block processes that CrowdStrike analysts classify as suspicious. These are focused on dynamic IOAs, such as malware, exploits and other threats. PreventSuspiciousProcesses pulumi.BoolPtrInput // Whether to enable the setting. Quarantine executable files after they’re prevented by NGAV. When this is enabled, we recommend setting anti-malware prevention levels to Moderate or higher and not using other antivirus solutions. @@ -332,6 +361,8 @@ type PreventionPolicyLinuxArgs struct { ScriptBasedExecutionMonitoring pulumi.BoolPtrInput // For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware. SensorAntiMalware PreventionPolicyLinuxSensorAntiMalwarePtrInput + // Whether to enable the setting. Block attempts to tamper with the sensor by protecting critical components and resources. If disabled, the sensor still creates detections for tampering attempts but will not prevent the activity from occurring. Disabling is not recommended. + SensorTamperingProtection pulumi.BoolPtrInput // Whether to enable the setting. Allows the sensor to monitor TLS traffic for malicious patterns and improved detections. TlsVisibility pulumi.BoolPtrInput // Whether to enable the setting. Upload all unknown detection-related executables for advanced analysis in the cloud. @@ -486,6 +517,11 @@ func (o PreventionPolicyLinuxOutput) LastUpdated() pulumi.StringOutput { return o.ApplyT(func(v *PreventionPolicyLinux) pulumi.StringOutput { return v.LastUpdated }).(pulumi.StringOutput) } +// Whether to enable the setting. When enabled, the sensor will inspect memory-related operations: mmap, mprotect, ptrace and reading/writing remote process memory and produce events. +func (o PreventionPolicyLinuxOutput) MemoryVisibility() pulumi.BoolOutput { + return o.ApplyT(func(v *PreventionPolicyLinux) pulumi.BoolOutput { return v.MemoryVisibility }).(pulumi.BoolOutput) +} + // Name of the prevention policy. func (o PreventionPolicyLinuxOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v *PreventionPolicyLinux) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) @@ -496,6 +532,11 @@ func (o PreventionPolicyLinuxOutput) NetworkVisibility() pulumi.BoolOutput { return o.ApplyT(func(v *PreventionPolicyLinux) pulumi.BoolOutput { return v.NetworkVisibility }).(pulumi.BoolOutput) } +// Whether to enable the setting. Provides improved visibility into various script files being written to disk in addition to clouding a portion of their content. +func (o PreventionPolicyLinuxOutput) OnWriteScriptFileVisibility() pulumi.BoolOutput { + return o.ApplyT(func(v *PreventionPolicyLinux) pulumi.BoolOutput { return v.OnWriteScriptFileVisibility }).(pulumi.BoolOutput) +} + // Whether to enable the setting. Block processes that CrowdStrike analysts classify as suspicious. These are focused on dynamic IOAs, such as malware, exploits and other threats. func (o PreventionPolicyLinuxOutput) PreventSuspiciousProcesses() pulumi.BoolOutput { return o.ApplyT(func(v *PreventionPolicyLinux) pulumi.BoolOutput { return v.PreventSuspiciousProcesses }).(pulumi.BoolOutput) @@ -518,6 +559,11 @@ func (o PreventionPolicyLinuxOutput) SensorAntiMalware() PreventionPolicyLinuxSe }).(PreventionPolicyLinuxSensorAntiMalwareOutput) } +// Whether to enable the setting. Block attempts to tamper with the sensor by protecting critical components and resources. If disabled, the sensor still creates detections for tampering attempts but will not prevent the activity from occurring. Disabling is not recommended. +func (o PreventionPolicyLinuxOutput) SensorTamperingProtection() pulumi.BoolOutput { + return o.ApplyT(func(v *PreventionPolicyLinux) pulumi.BoolOutput { return v.SensorTamperingProtection }).(pulumi.BoolOutput) +} + // Whether to enable the setting. Allows the sensor to monitor TLS traffic for malicious patterns and improved detections. func (o PreventionPolicyLinuxOutput) TlsVisibility() pulumi.BoolOutput { return o.ApplyT(func(v *PreventionPolicyLinux) pulumi.BoolOutput { return v.TlsVisibility }).(pulumi.BoolOutput) diff --git a/sdk/go/crowdstrike/preventionPolicyMac.go b/sdk/go/crowdstrike/preventionPolicyMac.go index d89892f..cd22369 100644 --- a/sdk/go/crowdstrike/preventionPolicyMac.go +++ b/sdk/go/crowdstrike/preventionPolicyMac.go @@ -35,11 +35,9 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // example, err := crowdstrike.NewPreventionPolicyMac(ctx, "example", &crowdstrike.PreventionPolicyMacArgs{ -// Enabled: pulumi.Bool(false), -// Description: pulumi.String("Made with Pulumi"), -// HostGroups: pulumi.StringArray{ -// pulumi.String("d6e3c1e1b3d0467da0fowc96a5e6ecb5"), -// }, +// Enabled: pulumi.Bool(false), +// Description: pulumi.String("Made with Pulumi"), +// HostGroups: pulumi.StringArray{}, // IoaRuleGroups: pulumi.StringArray{}, // CloudAdwareAndPup: &crowdstrike.PreventionPolicyMacCloudAdwareAndPupArgs{ // Detection: pulumi.String("MODERATE"), diff --git a/sdk/go/crowdstrike/preventionPolicyWindows.go b/sdk/go/crowdstrike/preventionPolicyWindows.go index e05478f..905a3a3 100644 --- a/sdk/go/crowdstrike/preventionPolicyWindows.go +++ b/sdk/go/crowdstrike/preventionPolicyWindows.go @@ -35,11 +35,9 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // example, err := crowdstrike.NewPreventionPolicyWindows(ctx, "example", &crowdstrike.PreventionPolicyWindowsArgs{ -// Enabled: pulumi.Bool(false), -// Description: pulumi.String("Made with Pulumi"), -// HostGroups: pulumi.StringArray{ -// pulumi.String("d6e3c1e1b3d0467da0fowc96a5e6ecb5"), -// }, +// Enabled: pulumi.Bool(true), +// Description: pulumi.String("Made with Pulumi"), +// HostGroups: pulumi.StringArray{}, // IoaRuleGroups: pulumi.StringArray{}, // AdwareAndPup: &crowdstrike.PreventionPolicyWindowsAdwareAndPupArgs{ // Detection: pulumi.String("MODERATE"), @@ -68,56 +66,57 @@ import ( // ExtendedUserModeData: &crowdstrike.PreventionPolicyWindowsExtendedUserModeDataArgs{ // Detection: pulumi.String("MODERATE"), // }, -// UsbInsertionTriggeredScan: pulumi.Bool(false), -// ApplicationExploitationActivity: pulumi.Bool(false), -// AdditionalUserModeData: pulumi.Bool(false), -// NotifyEndUsers: pulumi.Bool(false), -// AdvancedRemediation: pulumi.Bool(false), -// BackupDeletion: pulumi.Bool(false), -// BiosDeepVisibility: pulumi.Bool(false), -// ChopperWebshell: pulumi.Bool(false), -// CodeInjection: pulumi.Bool(false), -// CredentialDumping: pulumi.Bool(false), -// Cryptowall: pulumi.Bool(false), -// CustomBlocking: pulumi.Bool(false), -// DetectOnWrite: pulumi.Bool(false), -// DriveByDownload: pulumi.Bool(false), -// DriverLoadPrevention: pulumi.Bool(false), -// InterpreterOnly: pulumi.Bool(false), -// EngineFullVisibility: pulumi.Bool(false), -// EnhancedExploitationVisibility: pulumi.Bool(false), -// EnhancedMlForLargerFiles: pulumi.Bool(false), -// FileEncryption: pulumi.Bool(false), -// FileSystemAccess: pulumi.Bool(false), -// ForceAslr: pulumi.Bool(false), -// ForceDep: pulumi.Bool(false), -// HeapSprayPreallocation: pulumi.Bool(false), -// NullPageAllocation: pulumi.Bool(false), -// SehOverwriteProtection: pulumi.Bool(false), -// HardwareEnhancedExploitDetection: pulumi.Bool(false), -// HttpDetections: pulumi.Bool(false), -// RedactHttpDetectionDetails: pulumi.Bool(false), -// IntelligenceSourcedThreats: pulumi.Bool(false), -// JavascriptViaRundll32: pulumi.Bool(false), -// Locky: pulumi.Bool(false), -// MemoryScanning: pulumi.Bool(false), -// MemoryScanningScanWithCpu: pulumi.Bool(false), -// MicrosoftOfficeFileSuspiciousMacroRemoval: pulumi.Bool(false), -// OnWriteScriptFileVisibility: pulumi.Bool(false), -// PreventSuspiciousProcesses: pulumi.Bool(false), -// QuarantineAndSecurityCenterRegistration: pulumi.Bool(false), -// QuarantineOnRemovableMedia: pulumi.Bool(false), -// QuarantineOnWrite: pulumi.Bool(false), -// ScriptBasedExecutionMonitoring: pulumi.Bool(false), -// SensorTamperingProtection: pulumi.Bool(false), -// SuspiciousRegistryOperations: pulumi.Bool(false), -// SuspiciousScriptsAndCommands: pulumi.Bool(false), -// UploadUnknownExecutables: pulumi.Bool(false), -// UploadUnknownDetectionRelatedExecutables: pulumi.Bool(false), -// VolumeShadowCopyAudit: pulumi.Bool(false), -// VolumeShadowCopyProtect: pulumi.Bool(false), -// VulnerableDriverProtection: pulumi.Bool(false), -// WindowsLogonBypassStickyKeys: pulumi.Bool(false), +// UsbInsertionTriggeredScan: pulumi.Bool(true), +// ApplicationExploitationActivity: pulumi.Bool(true), +// AdditionalUserModeData: pulumi.Bool(true), +// NotifyEndUsers: pulumi.Bool(true), +// AdvancedRemediation: pulumi.Bool(true), +// BackupDeletion: pulumi.Bool(true), +// BiosDeepVisibility: pulumi.Bool(true), +// ChopperWebshell: pulumi.Bool(true), +// CodeInjection: pulumi.Bool(true), +// CredentialDumping: pulumi.Bool(true), +// Cryptowall: pulumi.Bool(true), +// CustomBlocking: pulumi.Bool(true), +// DetectOnWrite: pulumi.Bool(true), +// DriveByDownload: pulumi.Bool(true), +// DriverLoadPrevention: pulumi.Bool(true), +// InterpreterOnly: pulumi.Bool(true), +// EngineFullVisibility: pulumi.Bool(true), +// EnhancedExploitationVisibility: pulumi.Bool(true), +// EnhancedDllLoadVisibility: pulumi.Bool(true), +// EnhancedMlForLargerFiles: pulumi.Bool(true), +// FileEncryption: pulumi.Bool(true), +// FileSystemAccess: pulumi.Bool(true), +// ForceAslr: pulumi.Bool(true), +// ForceDep: pulumi.Bool(true), +// HeapSprayPreallocation: pulumi.Bool(true), +// NullPageAllocation: pulumi.Bool(true), +// SehOverwriteProtection: pulumi.Bool(true), +// HardwareEnhancedExploitDetection: pulumi.Bool(true), +// HttpDetections: pulumi.Bool(true), +// RedactHttpDetectionDetails: pulumi.Bool(true), +// IntelligenceSourcedThreats: pulumi.Bool(true), +// JavascriptViaRundll32: pulumi.Bool(true), +// Locky: pulumi.Bool(true), +// MemoryScanning: pulumi.Bool(true), +// MemoryScanningScanWithCpu: pulumi.Bool(true), +// MicrosoftOfficeFileSuspiciousMacroRemoval: pulumi.Bool(true), +// OnWriteScriptFileVisibility: pulumi.Bool(true), +// PreventSuspiciousProcesses: pulumi.Bool(true), +// QuarantineAndSecurityCenterRegistration: pulumi.Bool(true), +// QuarantineOnRemovableMedia: pulumi.Bool(true), +// QuarantineOnWrite: pulumi.Bool(true), +// ScriptBasedExecutionMonitoring: pulumi.Bool(true), +// SensorTamperingProtection: pulumi.Bool(true), +// SuspiciousRegistryOperations: pulumi.Bool(true), +// SuspiciousScriptsAndCommands: pulumi.Bool(true), +// UploadUnknownExecutables: pulumi.Bool(true), +// UploadUnknownDetectionRelatedExecutables: pulumi.Bool(true), +// VolumeShadowCopyAudit: pulumi.Bool(true), +// VolumeShadowCopyProtect: pulumi.Bool(true), +// VulnerableDriverProtection: pulumi.Bool(true), +// WindowsLogonBypassStickyKeys: pulumi.Bool(true), // }) // if err != nil { // return err @@ -179,6 +178,8 @@ type PreventionPolicyWindows struct { Enabled pulumi.BoolOutput `pulumi:"enabled"` // Whether to enable the setting. Provides visibility into malicious System Management Automation engine usage by any application. Requires interpreterOnly to be enabled. EngineFullVisibility pulumi.BoolOutput `pulumi:"engineFullVisibility"` + // Whether to enable the setting. For hosts running Windows Server, increases sensor visibility of loaded DLLs. Improves detection coverage and telemetry, but may cause a small performance impact. Recommend testing with critical applications before full deployment. + EnhancedDllLoadVisibility pulumi.BoolOutput `pulumi:"enhancedDllLoadVisibility"` // Whether to enable the setting. For hosts running Windows 10 1809 and Server 2019 and later, provides additional visibility into common exploitation techniques used to weaken or circumvent application security. EnhancedExploitationVisibility pulumi.BoolOutput `pulumi:"enhancedExploitationVisibility"` // Whether to enable the setting. Expand ML file size coverage. Existing ML level settings apply. @@ -342,6 +343,8 @@ type preventionPolicyWindowsState struct { Enabled *bool `pulumi:"enabled"` // Whether to enable the setting. Provides visibility into malicious System Management Automation engine usage by any application. Requires interpreterOnly to be enabled. EngineFullVisibility *bool `pulumi:"engineFullVisibility"` + // Whether to enable the setting. For hosts running Windows Server, increases sensor visibility of loaded DLLs. Improves detection coverage and telemetry, but may cause a small performance impact. Recommend testing with critical applications before full deployment. + EnhancedDllLoadVisibility *bool `pulumi:"enhancedDllLoadVisibility"` // Whether to enable the setting. For hosts running Windows 10 1809 and Server 2019 and later, provides additional visibility into common exploitation techniques used to weaken or circumvent application security. EnhancedExploitationVisibility *bool `pulumi:"enhancedExploitationVisibility"` // Whether to enable the setting. Expand ML file size coverage. Existing ML level settings apply. @@ -470,6 +473,8 @@ type PreventionPolicyWindowsState struct { Enabled pulumi.BoolPtrInput // Whether to enable the setting. Provides visibility into malicious System Management Automation engine usage by any application. Requires interpreterOnly to be enabled. EngineFullVisibility pulumi.BoolPtrInput + // Whether to enable the setting. For hosts running Windows Server, increases sensor visibility of loaded DLLs. Improves detection coverage and telemetry, but may cause a small performance impact. Recommend testing with critical applications before full deployment. + EnhancedDllLoadVisibility pulumi.BoolPtrInput // Whether to enable the setting. For hosts running Windows 10 1809 and Server 2019 and later, provides additional visibility into common exploitation techniques used to weaken or circumvent application security. EnhancedExploitationVisibility pulumi.BoolPtrInput // Whether to enable the setting. Expand ML file size coverage. Existing ML level settings apply. @@ -602,6 +607,8 @@ type preventionPolicyWindowsArgs struct { Enabled *bool `pulumi:"enabled"` // Whether to enable the setting. Provides visibility into malicious System Management Automation engine usage by any application. Requires interpreterOnly to be enabled. EngineFullVisibility *bool `pulumi:"engineFullVisibility"` + // Whether to enable the setting. For hosts running Windows Server, increases sensor visibility of loaded DLLs. Improves detection coverage and telemetry, but may cause a small performance impact. Recommend testing with critical applications before full deployment. + EnhancedDllLoadVisibility *bool `pulumi:"enhancedDllLoadVisibility"` // Whether to enable the setting. For hosts running Windows 10 1809 and Server 2019 and later, provides additional visibility into common exploitation techniques used to weaken or circumvent application security. EnhancedExploitationVisibility *bool `pulumi:"enhancedExploitationVisibility"` // Whether to enable the setting. Expand ML file size coverage. Existing ML level settings apply. @@ -730,6 +737,8 @@ type PreventionPolicyWindowsArgs struct { Enabled pulumi.BoolPtrInput // Whether to enable the setting. Provides visibility into malicious System Management Automation engine usage by any application. Requires interpreterOnly to be enabled. EngineFullVisibility pulumi.BoolPtrInput + // Whether to enable the setting. For hosts running Windows Server, increases sensor visibility of loaded DLLs. Improves detection coverage and telemetry, but may cause a small performance impact. Recommend testing with critical applications before full deployment. + EnhancedDllLoadVisibility pulumi.BoolPtrInput // Whether to enable the setting. For hosts running Windows 10 1809 and Server 2019 and later, provides additional visibility into common exploitation techniques used to weaken or circumvent application security. EnhancedExploitationVisibility pulumi.BoolPtrInput // Whether to enable the setting. Expand ML file size coverage. Existing ML level settings apply. @@ -1009,6 +1018,11 @@ func (o PreventionPolicyWindowsOutput) EngineFullVisibility() pulumi.BoolOutput return o.ApplyT(func(v *PreventionPolicyWindows) pulumi.BoolOutput { return v.EngineFullVisibility }).(pulumi.BoolOutput) } +// Whether to enable the setting. For hosts running Windows Server, increases sensor visibility of loaded DLLs. Improves detection coverage and telemetry, but may cause a small performance impact. Recommend testing with critical applications before full deployment. +func (o PreventionPolicyWindowsOutput) EnhancedDllLoadVisibility() pulumi.BoolOutput { + return o.ApplyT(func(v *PreventionPolicyWindows) pulumi.BoolOutput { return v.EnhancedDllLoadVisibility }).(pulumi.BoolOutput) +} + // Whether to enable the setting. For hosts running Windows 10 1809 and Server 2019 and later, provides additional visibility into common exploitation techniques used to weaken or circumvent application security. func (o PreventionPolicyWindowsOutput) EnhancedExploitationVisibility() pulumi.BoolOutput { return o.ApplyT(func(v *PreventionPolicyWindows) pulumi.BoolOutput { return v.EnhancedExploitationVisibility }).(pulumi.BoolOutput) diff --git a/sdk/go/crowdstrike/provider.go b/sdk/go/crowdstrike/provider.go index ae68609..d974ecc 100644 --- a/sdk/go/crowdstrike/provider.go +++ b/sdk/go/crowdstrike/provider.go @@ -24,8 +24,11 @@ type Provider struct { // Falcon Client Secret used for authenticating to the CrowdStrike APIs. Will use FALCON_CLIENT_SECRET environment variable // when left blank. ClientSecret pulumi.StringPtrOutput `pulumi:"clientSecret"` - // Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1 + // Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1. Will use FALCON_CLOUD + // environment variable when left blank. Cloud pulumi.StringPtrOutput `pulumi:"cloud"` + // For MSSP Master CIDs, optionally lock the token to act on behalf of this member CID + MemberCid pulumi.StringPtrOutput `pulumi:"memberCid"` } // NewProvider registers a new resource with the given unique name, arguments, and options. @@ -62,8 +65,11 @@ type providerArgs struct { // Falcon Client Secret used for authenticating to the CrowdStrike APIs. Will use FALCON_CLIENT_SECRET environment variable // when left blank. ClientSecret *string `pulumi:"clientSecret"` - // Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1 + // Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1. Will use FALCON_CLOUD + // environment variable when left blank. Cloud *string `pulumi:"cloud"` + // For MSSP Master CIDs, optionally lock the token to act on behalf of this member CID + MemberCid *string `pulumi:"memberCid"` } // The set of arguments for constructing a Provider resource. @@ -74,8 +80,11 @@ type ProviderArgs struct { // Falcon Client Secret used for authenticating to the CrowdStrike APIs. Will use FALCON_CLIENT_SECRET environment variable // when left blank. ClientSecret pulumi.StringPtrInput - // Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1 + // Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1. Will use FALCON_CLOUD + // environment variable when left blank. Cloud pulumi.StringPtrInput + // For MSSP Master CIDs, optionally lock the token to act on behalf of this member CID + MemberCid pulumi.StringPtrInput } func (ProviderArgs) ElementType() reflect.Type { @@ -127,11 +136,17 @@ func (o ProviderOutput) ClientSecret() pulumi.StringPtrOutput { return o.ApplyT(func(v *Provider) pulumi.StringPtrOutput { return v.ClientSecret }).(pulumi.StringPtrOutput) } -// Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1 +// Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1. Will use FALCON_CLOUD +// environment variable when left blank. func (o ProviderOutput) Cloud() pulumi.StringPtrOutput { return o.ApplyT(func(v *Provider) pulumi.StringPtrOutput { return v.Cloud }).(pulumi.StringPtrOutput) } +// For MSSP Master CIDs, optionally lock the token to act on behalf of this member CID +func (o ProviderOutput) MemberCid() pulumi.StringPtrOutput { + return o.ApplyT(func(v *Provider) pulumi.StringPtrOutput { return v.MemberCid }).(pulumi.StringPtrOutput) +} + func init() { pulumi.RegisterInputType(reflect.TypeOf((*ProviderInput)(nil)).Elem(), &Provider{}) pulumi.RegisterOutputType(ProviderOutput{}) diff --git a/sdk/go/crowdstrike/pulumiTypes.go b/sdk/go/crowdstrike/pulumiTypes.go index 9d2ee1f..8bfcb8c 100644 --- a/sdk/go/crowdstrike/pulumiTypes.go +++ b/sdk/go/crowdstrike/pulumiTypes.go @@ -13,6 +13,786 @@ import ( var _ = internal.GetEnvOrDefault +type CloudAwsAccountAssetInventory struct { + // Enable asset inventory + Enabled bool `pulumi:"enabled"` + // Custom AWS IAM role name + RoleName *string `pulumi:"roleName"` +} + +// CloudAwsAccountAssetInventoryInput is an input type that accepts CloudAwsAccountAssetInventoryArgs and CloudAwsAccountAssetInventoryOutput values. +// You can construct a concrete instance of `CloudAwsAccountAssetInventoryInput` via: +// +// CloudAwsAccountAssetInventoryArgs{...} +type CloudAwsAccountAssetInventoryInput interface { + pulumi.Input + + ToCloudAwsAccountAssetInventoryOutput() CloudAwsAccountAssetInventoryOutput + ToCloudAwsAccountAssetInventoryOutputWithContext(context.Context) CloudAwsAccountAssetInventoryOutput +} + +type CloudAwsAccountAssetInventoryArgs struct { + // Enable asset inventory + Enabled pulumi.BoolInput `pulumi:"enabled"` + // Custom AWS IAM role name + RoleName pulumi.StringPtrInput `pulumi:"roleName"` +} + +func (CloudAwsAccountAssetInventoryArgs) ElementType() reflect.Type { + return reflect.TypeOf((*CloudAwsAccountAssetInventory)(nil)).Elem() +} + +func (i CloudAwsAccountAssetInventoryArgs) ToCloudAwsAccountAssetInventoryOutput() CloudAwsAccountAssetInventoryOutput { + return i.ToCloudAwsAccountAssetInventoryOutputWithContext(context.Background()) +} + +func (i CloudAwsAccountAssetInventoryArgs) ToCloudAwsAccountAssetInventoryOutputWithContext(ctx context.Context) CloudAwsAccountAssetInventoryOutput { + return pulumi.ToOutputWithContext(ctx, i).(CloudAwsAccountAssetInventoryOutput) +} + +func (i CloudAwsAccountAssetInventoryArgs) ToCloudAwsAccountAssetInventoryPtrOutput() CloudAwsAccountAssetInventoryPtrOutput { + return i.ToCloudAwsAccountAssetInventoryPtrOutputWithContext(context.Background()) +} + +func (i CloudAwsAccountAssetInventoryArgs) ToCloudAwsAccountAssetInventoryPtrOutputWithContext(ctx context.Context) CloudAwsAccountAssetInventoryPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(CloudAwsAccountAssetInventoryOutput).ToCloudAwsAccountAssetInventoryPtrOutputWithContext(ctx) +} + +// CloudAwsAccountAssetInventoryPtrInput is an input type that accepts CloudAwsAccountAssetInventoryArgs, CloudAwsAccountAssetInventoryPtr and CloudAwsAccountAssetInventoryPtrOutput values. +// You can construct a concrete instance of `CloudAwsAccountAssetInventoryPtrInput` via: +// +// CloudAwsAccountAssetInventoryArgs{...} +// +// or: +// +// nil +type CloudAwsAccountAssetInventoryPtrInput interface { + pulumi.Input + + ToCloudAwsAccountAssetInventoryPtrOutput() CloudAwsAccountAssetInventoryPtrOutput + ToCloudAwsAccountAssetInventoryPtrOutputWithContext(context.Context) CloudAwsAccountAssetInventoryPtrOutput +} + +type cloudAwsAccountAssetInventoryPtrType CloudAwsAccountAssetInventoryArgs + +func CloudAwsAccountAssetInventoryPtr(v *CloudAwsAccountAssetInventoryArgs) CloudAwsAccountAssetInventoryPtrInput { + return (*cloudAwsAccountAssetInventoryPtrType)(v) +} + +func (*cloudAwsAccountAssetInventoryPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**CloudAwsAccountAssetInventory)(nil)).Elem() +} + +func (i *cloudAwsAccountAssetInventoryPtrType) ToCloudAwsAccountAssetInventoryPtrOutput() CloudAwsAccountAssetInventoryPtrOutput { + return i.ToCloudAwsAccountAssetInventoryPtrOutputWithContext(context.Background()) +} + +func (i *cloudAwsAccountAssetInventoryPtrType) ToCloudAwsAccountAssetInventoryPtrOutputWithContext(ctx context.Context) CloudAwsAccountAssetInventoryPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(CloudAwsAccountAssetInventoryPtrOutput) +} + +type CloudAwsAccountAssetInventoryOutput struct{ *pulumi.OutputState } + +func (CloudAwsAccountAssetInventoryOutput) ElementType() reflect.Type { + return reflect.TypeOf((*CloudAwsAccountAssetInventory)(nil)).Elem() +} + +func (o CloudAwsAccountAssetInventoryOutput) ToCloudAwsAccountAssetInventoryOutput() CloudAwsAccountAssetInventoryOutput { + return o +} + +func (o CloudAwsAccountAssetInventoryOutput) ToCloudAwsAccountAssetInventoryOutputWithContext(ctx context.Context) CloudAwsAccountAssetInventoryOutput { + return o +} + +func (o CloudAwsAccountAssetInventoryOutput) ToCloudAwsAccountAssetInventoryPtrOutput() CloudAwsAccountAssetInventoryPtrOutput { + return o.ToCloudAwsAccountAssetInventoryPtrOutputWithContext(context.Background()) +} + +func (o CloudAwsAccountAssetInventoryOutput) ToCloudAwsAccountAssetInventoryPtrOutputWithContext(ctx context.Context) CloudAwsAccountAssetInventoryPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v CloudAwsAccountAssetInventory) *CloudAwsAccountAssetInventory { + return &v + }).(CloudAwsAccountAssetInventoryPtrOutput) +} + +// Enable asset inventory +func (o CloudAwsAccountAssetInventoryOutput) Enabled() pulumi.BoolOutput { + return o.ApplyT(func(v CloudAwsAccountAssetInventory) bool { return v.Enabled }).(pulumi.BoolOutput) +} + +// Custom AWS IAM role name +func (o CloudAwsAccountAssetInventoryOutput) RoleName() pulumi.StringPtrOutput { + return o.ApplyT(func(v CloudAwsAccountAssetInventory) *string { return v.RoleName }).(pulumi.StringPtrOutput) +} + +type CloudAwsAccountAssetInventoryPtrOutput struct{ *pulumi.OutputState } + +func (CloudAwsAccountAssetInventoryPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**CloudAwsAccountAssetInventory)(nil)).Elem() +} + +func (o CloudAwsAccountAssetInventoryPtrOutput) ToCloudAwsAccountAssetInventoryPtrOutput() CloudAwsAccountAssetInventoryPtrOutput { + return o +} + +func (o CloudAwsAccountAssetInventoryPtrOutput) ToCloudAwsAccountAssetInventoryPtrOutputWithContext(ctx context.Context) CloudAwsAccountAssetInventoryPtrOutput { + return o +} + +func (o CloudAwsAccountAssetInventoryPtrOutput) Elem() CloudAwsAccountAssetInventoryOutput { + return o.ApplyT(func(v *CloudAwsAccountAssetInventory) CloudAwsAccountAssetInventory { + if v != nil { + return *v + } + var ret CloudAwsAccountAssetInventory + return ret + }).(CloudAwsAccountAssetInventoryOutput) +} + +// Enable asset inventory +func (o CloudAwsAccountAssetInventoryPtrOutput) Enabled() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *CloudAwsAccountAssetInventory) *bool { + if v == nil { + return nil + } + return &v.Enabled + }).(pulumi.BoolPtrOutput) +} + +// Custom AWS IAM role name +func (o CloudAwsAccountAssetInventoryPtrOutput) RoleName() pulumi.StringPtrOutput { + return o.ApplyT(func(v *CloudAwsAccountAssetInventory) *string { + if v == nil { + return nil + } + return v.RoleName + }).(pulumi.StringPtrOutput) +} + +type CloudAwsAccountDspm struct { + // Enable Data Security Posture Management + Enabled bool `pulumi:"enabled"` + // Custom AWS IAM role name for Data Security Posture Management + RoleName *string `pulumi:"roleName"` +} + +// CloudAwsAccountDspmInput is an input type that accepts CloudAwsAccountDspmArgs and CloudAwsAccountDspmOutput values. +// You can construct a concrete instance of `CloudAwsAccountDspmInput` via: +// +// CloudAwsAccountDspmArgs{...} +type CloudAwsAccountDspmInput interface { + pulumi.Input + + ToCloudAwsAccountDspmOutput() CloudAwsAccountDspmOutput + ToCloudAwsAccountDspmOutputWithContext(context.Context) CloudAwsAccountDspmOutput +} + +type CloudAwsAccountDspmArgs struct { + // Enable Data Security Posture Management + Enabled pulumi.BoolInput `pulumi:"enabled"` + // Custom AWS IAM role name for Data Security Posture Management + RoleName pulumi.StringPtrInput `pulumi:"roleName"` +} + +func (CloudAwsAccountDspmArgs) ElementType() reflect.Type { + return reflect.TypeOf((*CloudAwsAccountDspm)(nil)).Elem() +} + +func (i CloudAwsAccountDspmArgs) ToCloudAwsAccountDspmOutput() CloudAwsAccountDspmOutput { + return i.ToCloudAwsAccountDspmOutputWithContext(context.Background()) +} + +func (i CloudAwsAccountDspmArgs) ToCloudAwsAccountDspmOutputWithContext(ctx context.Context) CloudAwsAccountDspmOutput { + return pulumi.ToOutputWithContext(ctx, i).(CloudAwsAccountDspmOutput) +} + +func (i CloudAwsAccountDspmArgs) ToCloudAwsAccountDspmPtrOutput() CloudAwsAccountDspmPtrOutput { + return i.ToCloudAwsAccountDspmPtrOutputWithContext(context.Background()) +} + +func (i CloudAwsAccountDspmArgs) ToCloudAwsAccountDspmPtrOutputWithContext(ctx context.Context) CloudAwsAccountDspmPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(CloudAwsAccountDspmOutput).ToCloudAwsAccountDspmPtrOutputWithContext(ctx) +} + +// CloudAwsAccountDspmPtrInput is an input type that accepts CloudAwsAccountDspmArgs, CloudAwsAccountDspmPtr and CloudAwsAccountDspmPtrOutput values. +// You can construct a concrete instance of `CloudAwsAccountDspmPtrInput` via: +// +// CloudAwsAccountDspmArgs{...} +// +// or: +// +// nil +type CloudAwsAccountDspmPtrInput interface { + pulumi.Input + + ToCloudAwsAccountDspmPtrOutput() CloudAwsAccountDspmPtrOutput + ToCloudAwsAccountDspmPtrOutputWithContext(context.Context) CloudAwsAccountDspmPtrOutput +} + +type cloudAwsAccountDspmPtrType CloudAwsAccountDspmArgs + +func CloudAwsAccountDspmPtr(v *CloudAwsAccountDspmArgs) CloudAwsAccountDspmPtrInput { + return (*cloudAwsAccountDspmPtrType)(v) +} + +func (*cloudAwsAccountDspmPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**CloudAwsAccountDspm)(nil)).Elem() +} + +func (i *cloudAwsAccountDspmPtrType) ToCloudAwsAccountDspmPtrOutput() CloudAwsAccountDspmPtrOutput { + return i.ToCloudAwsAccountDspmPtrOutputWithContext(context.Background()) +} + +func (i *cloudAwsAccountDspmPtrType) ToCloudAwsAccountDspmPtrOutputWithContext(ctx context.Context) CloudAwsAccountDspmPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(CloudAwsAccountDspmPtrOutput) +} + +type CloudAwsAccountDspmOutput struct{ *pulumi.OutputState } + +func (CloudAwsAccountDspmOutput) ElementType() reflect.Type { + return reflect.TypeOf((*CloudAwsAccountDspm)(nil)).Elem() +} + +func (o CloudAwsAccountDspmOutput) ToCloudAwsAccountDspmOutput() CloudAwsAccountDspmOutput { + return o +} + +func (o CloudAwsAccountDspmOutput) ToCloudAwsAccountDspmOutputWithContext(ctx context.Context) CloudAwsAccountDspmOutput { + return o +} + +func (o CloudAwsAccountDspmOutput) ToCloudAwsAccountDspmPtrOutput() CloudAwsAccountDspmPtrOutput { + return o.ToCloudAwsAccountDspmPtrOutputWithContext(context.Background()) +} + +func (o CloudAwsAccountDspmOutput) ToCloudAwsAccountDspmPtrOutputWithContext(ctx context.Context) CloudAwsAccountDspmPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v CloudAwsAccountDspm) *CloudAwsAccountDspm { + return &v + }).(CloudAwsAccountDspmPtrOutput) +} + +// Enable Data Security Posture Management +func (o CloudAwsAccountDspmOutput) Enabled() pulumi.BoolOutput { + return o.ApplyT(func(v CloudAwsAccountDspm) bool { return v.Enabled }).(pulumi.BoolOutput) +} + +// Custom AWS IAM role name for Data Security Posture Management +func (o CloudAwsAccountDspmOutput) RoleName() pulumi.StringPtrOutput { + return o.ApplyT(func(v CloudAwsAccountDspm) *string { return v.RoleName }).(pulumi.StringPtrOutput) +} + +type CloudAwsAccountDspmPtrOutput struct{ *pulumi.OutputState } + +func (CloudAwsAccountDspmPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**CloudAwsAccountDspm)(nil)).Elem() +} + +func (o CloudAwsAccountDspmPtrOutput) ToCloudAwsAccountDspmPtrOutput() CloudAwsAccountDspmPtrOutput { + return o +} + +func (o CloudAwsAccountDspmPtrOutput) ToCloudAwsAccountDspmPtrOutputWithContext(ctx context.Context) CloudAwsAccountDspmPtrOutput { + return o +} + +func (o CloudAwsAccountDspmPtrOutput) Elem() CloudAwsAccountDspmOutput { + return o.ApplyT(func(v *CloudAwsAccountDspm) CloudAwsAccountDspm { + if v != nil { + return *v + } + var ret CloudAwsAccountDspm + return ret + }).(CloudAwsAccountDspmOutput) +} + +// Enable Data Security Posture Management +func (o CloudAwsAccountDspmPtrOutput) Enabled() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *CloudAwsAccountDspm) *bool { + if v == nil { + return nil + } + return &v.Enabled + }).(pulumi.BoolPtrOutput) +} + +// Custom AWS IAM role name for Data Security Posture Management +func (o CloudAwsAccountDspmPtrOutput) RoleName() pulumi.StringPtrOutput { + return o.ApplyT(func(v *CloudAwsAccountDspm) *string { + if v == nil { + return nil + } + return v.RoleName + }).(pulumi.StringPtrOutput) +} + +type CloudAwsAccountIdp struct { + // Enable Identity Protection + Enabled bool `pulumi:"enabled"` + // Current status of the Identity Protection integration + Status *string `pulumi:"status"` +} + +// CloudAwsAccountIdpInput is an input type that accepts CloudAwsAccountIdpArgs and CloudAwsAccountIdpOutput values. +// You can construct a concrete instance of `CloudAwsAccountIdpInput` via: +// +// CloudAwsAccountIdpArgs{...} +type CloudAwsAccountIdpInput interface { + pulumi.Input + + ToCloudAwsAccountIdpOutput() CloudAwsAccountIdpOutput + ToCloudAwsAccountIdpOutputWithContext(context.Context) CloudAwsAccountIdpOutput +} + +type CloudAwsAccountIdpArgs struct { + // Enable Identity Protection + Enabled pulumi.BoolInput `pulumi:"enabled"` + // Current status of the Identity Protection integration + Status pulumi.StringPtrInput `pulumi:"status"` +} + +func (CloudAwsAccountIdpArgs) ElementType() reflect.Type { + return reflect.TypeOf((*CloudAwsAccountIdp)(nil)).Elem() +} + +func (i CloudAwsAccountIdpArgs) ToCloudAwsAccountIdpOutput() CloudAwsAccountIdpOutput { + return i.ToCloudAwsAccountIdpOutputWithContext(context.Background()) +} + +func (i CloudAwsAccountIdpArgs) ToCloudAwsAccountIdpOutputWithContext(ctx context.Context) CloudAwsAccountIdpOutput { + return pulumi.ToOutputWithContext(ctx, i).(CloudAwsAccountIdpOutput) +} + +func (i CloudAwsAccountIdpArgs) ToCloudAwsAccountIdpPtrOutput() CloudAwsAccountIdpPtrOutput { + return i.ToCloudAwsAccountIdpPtrOutputWithContext(context.Background()) +} + +func (i CloudAwsAccountIdpArgs) ToCloudAwsAccountIdpPtrOutputWithContext(ctx context.Context) CloudAwsAccountIdpPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(CloudAwsAccountIdpOutput).ToCloudAwsAccountIdpPtrOutputWithContext(ctx) +} + +// CloudAwsAccountIdpPtrInput is an input type that accepts CloudAwsAccountIdpArgs, CloudAwsAccountIdpPtr and CloudAwsAccountIdpPtrOutput values. +// You can construct a concrete instance of `CloudAwsAccountIdpPtrInput` via: +// +// CloudAwsAccountIdpArgs{...} +// +// or: +// +// nil +type CloudAwsAccountIdpPtrInput interface { + pulumi.Input + + ToCloudAwsAccountIdpPtrOutput() CloudAwsAccountIdpPtrOutput + ToCloudAwsAccountIdpPtrOutputWithContext(context.Context) CloudAwsAccountIdpPtrOutput +} + +type cloudAwsAccountIdpPtrType CloudAwsAccountIdpArgs + +func CloudAwsAccountIdpPtr(v *CloudAwsAccountIdpArgs) CloudAwsAccountIdpPtrInput { + return (*cloudAwsAccountIdpPtrType)(v) +} + +func (*cloudAwsAccountIdpPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**CloudAwsAccountIdp)(nil)).Elem() +} + +func (i *cloudAwsAccountIdpPtrType) ToCloudAwsAccountIdpPtrOutput() CloudAwsAccountIdpPtrOutput { + return i.ToCloudAwsAccountIdpPtrOutputWithContext(context.Background()) +} + +func (i *cloudAwsAccountIdpPtrType) ToCloudAwsAccountIdpPtrOutputWithContext(ctx context.Context) CloudAwsAccountIdpPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(CloudAwsAccountIdpPtrOutput) +} + +type CloudAwsAccountIdpOutput struct{ *pulumi.OutputState } + +func (CloudAwsAccountIdpOutput) ElementType() reflect.Type { + return reflect.TypeOf((*CloudAwsAccountIdp)(nil)).Elem() +} + +func (o CloudAwsAccountIdpOutput) ToCloudAwsAccountIdpOutput() CloudAwsAccountIdpOutput { + return o +} + +func (o CloudAwsAccountIdpOutput) ToCloudAwsAccountIdpOutputWithContext(ctx context.Context) CloudAwsAccountIdpOutput { + return o +} + +func (o CloudAwsAccountIdpOutput) ToCloudAwsAccountIdpPtrOutput() CloudAwsAccountIdpPtrOutput { + return o.ToCloudAwsAccountIdpPtrOutputWithContext(context.Background()) +} + +func (o CloudAwsAccountIdpOutput) ToCloudAwsAccountIdpPtrOutputWithContext(ctx context.Context) CloudAwsAccountIdpPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v CloudAwsAccountIdp) *CloudAwsAccountIdp { + return &v + }).(CloudAwsAccountIdpPtrOutput) +} + +// Enable Identity Protection +func (o CloudAwsAccountIdpOutput) Enabled() pulumi.BoolOutput { + return o.ApplyT(func(v CloudAwsAccountIdp) bool { return v.Enabled }).(pulumi.BoolOutput) +} + +// Current status of the Identity Protection integration +func (o CloudAwsAccountIdpOutput) Status() pulumi.StringPtrOutput { + return o.ApplyT(func(v CloudAwsAccountIdp) *string { return v.Status }).(pulumi.StringPtrOutput) +} + +type CloudAwsAccountIdpPtrOutput struct{ *pulumi.OutputState } + +func (CloudAwsAccountIdpPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**CloudAwsAccountIdp)(nil)).Elem() +} + +func (o CloudAwsAccountIdpPtrOutput) ToCloudAwsAccountIdpPtrOutput() CloudAwsAccountIdpPtrOutput { + return o +} + +func (o CloudAwsAccountIdpPtrOutput) ToCloudAwsAccountIdpPtrOutputWithContext(ctx context.Context) CloudAwsAccountIdpPtrOutput { + return o +} + +func (o CloudAwsAccountIdpPtrOutput) Elem() CloudAwsAccountIdpOutput { + return o.ApplyT(func(v *CloudAwsAccountIdp) CloudAwsAccountIdp { + if v != nil { + return *v + } + var ret CloudAwsAccountIdp + return ret + }).(CloudAwsAccountIdpOutput) +} + +// Enable Identity Protection +func (o CloudAwsAccountIdpPtrOutput) Enabled() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *CloudAwsAccountIdp) *bool { + if v == nil { + return nil + } + return &v.Enabled + }).(pulumi.BoolPtrOutput) +} + +// Current status of the Identity Protection integration +func (o CloudAwsAccountIdpPtrOutput) Status() pulumi.StringPtrOutput { + return o.ApplyT(func(v *CloudAwsAccountIdp) *string { + if v == nil { + return nil + } + return v.Status + }).(pulumi.StringPtrOutput) +} + +type CloudAwsAccountRealtimeVisibility struct { + // The AWS region of the CloudTrail bucket + CloudtrailRegion string `pulumi:"cloudtrailRegion"` + // Enable real-time visibility and detection + Enabled bool `pulumi:"enabled"` + // Set to true if a CloudTrail already exists + UseExistingCloudtrail *bool `pulumi:"useExistingCloudtrail"` +} + +// CloudAwsAccountRealtimeVisibilityInput is an input type that accepts CloudAwsAccountRealtimeVisibilityArgs and CloudAwsAccountRealtimeVisibilityOutput values. +// You can construct a concrete instance of `CloudAwsAccountRealtimeVisibilityInput` via: +// +// CloudAwsAccountRealtimeVisibilityArgs{...} +type CloudAwsAccountRealtimeVisibilityInput interface { + pulumi.Input + + ToCloudAwsAccountRealtimeVisibilityOutput() CloudAwsAccountRealtimeVisibilityOutput + ToCloudAwsAccountRealtimeVisibilityOutputWithContext(context.Context) CloudAwsAccountRealtimeVisibilityOutput +} + +type CloudAwsAccountRealtimeVisibilityArgs struct { + // The AWS region of the CloudTrail bucket + CloudtrailRegion pulumi.StringInput `pulumi:"cloudtrailRegion"` + // Enable real-time visibility and detection + Enabled pulumi.BoolInput `pulumi:"enabled"` + // Set to true if a CloudTrail already exists + UseExistingCloudtrail pulumi.BoolPtrInput `pulumi:"useExistingCloudtrail"` +} + +func (CloudAwsAccountRealtimeVisibilityArgs) ElementType() reflect.Type { + return reflect.TypeOf((*CloudAwsAccountRealtimeVisibility)(nil)).Elem() +} + +func (i CloudAwsAccountRealtimeVisibilityArgs) ToCloudAwsAccountRealtimeVisibilityOutput() CloudAwsAccountRealtimeVisibilityOutput { + return i.ToCloudAwsAccountRealtimeVisibilityOutputWithContext(context.Background()) +} + +func (i CloudAwsAccountRealtimeVisibilityArgs) ToCloudAwsAccountRealtimeVisibilityOutputWithContext(ctx context.Context) CloudAwsAccountRealtimeVisibilityOutput { + return pulumi.ToOutputWithContext(ctx, i).(CloudAwsAccountRealtimeVisibilityOutput) +} + +func (i CloudAwsAccountRealtimeVisibilityArgs) ToCloudAwsAccountRealtimeVisibilityPtrOutput() CloudAwsAccountRealtimeVisibilityPtrOutput { + return i.ToCloudAwsAccountRealtimeVisibilityPtrOutputWithContext(context.Background()) +} + +func (i CloudAwsAccountRealtimeVisibilityArgs) ToCloudAwsAccountRealtimeVisibilityPtrOutputWithContext(ctx context.Context) CloudAwsAccountRealtimeVisibilityPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(CloudAwsAccountRealtimeVisibilityOutput).ToCloudAwsAccountRealtimeVisibilityPtrOutputWithContext(ctx) +} + +// CloudAwsAccountRealtimeVisibilityPtrInput is an input type that accepts CloudAwsAccountRealtimeVisibilityArgs, CloudAwsAccountRealtimeVisibilityPtr and CloudAwsAccountRealtimeVisibilityPtrOutput values. +// You can construct a concrete instance of `CloudAwsAccountRealtimeVisibilityPtrInput` via: +// +// CloudAwsAccountRealtimeVisibilityArgs{...} +// +// or: +// +// nil +type CloudAwsAccountRealtimeVisibilityPtrInput interface { + pulumi.Input + + ToCloudAwsAccountRealtimeVisibilityPtrOutput() CloudAwsAccountRealtimeVisibilityPtrOutput + ToCloudAwsAccountRealtimeVisibilityPtrOutputWithContext(context.Context) CloudAwsAccountRealtimeVisibilityPtrOutput +} + +type cloudAwsAccountRealtimeVisibilityPtrType CloudAwsAccountRealtimeVisibilityArgs + +func CloudAwsAccountRealtimeVisibilityPtr(v *CloudAwsAccountRealtimeVisibilityArgs) CloudAwsAccountRealtimeVisibilityPtrInput { + return (*cloudAwsAccountRealtimeVisibilityPtrType)(v) +} + +func (*cloudAwsAccountRealtimeVisibilityPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**CloudAwsAccountRealtimeVisibility)(nil)).Elem() +} + +func (i *cloudAwsAccountRealtimeVisibilityPtrType) ToCloudAwsAccountRealtimeVisibilityPtrOutput() CloudAwsAccountRealtimeVisibilityPtrOutput { + return i.ToCloudAwsAccountRealtimeVisibilityPtrOutputWithContext(context.Background()) +} + +func (i *cloudAwsAccountRealtimeVisibilityPtrType) ToCloudAwsAccountRealtimeVisibilityPtrOutputWithContext(ctx context.Context) CloudAwsAccountRealtimeVisibilityPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(CloudAwsAccountRealtimeVisibilityPtrOutput) +} + +type CloudAwsAccountRealtimeVisibilityOutput struct{ *pulumi.OutputState } + +func (CloudAwsAccountRealtimeVisibilityOutput) ElementType() reflect.Type { + return reflect.TypeOf((*CloudAwsAccountRealtimeVisibility)(nil)).Elem() +} + +func (o CloudAwsAccountRealtimeVisibilityOutput) ToCloudAwsAccountRealtimeVisibilityOutput() CloudAwsAccountRealtimeVisibilityOutput { + return o +} + +func (o CloudAwsAccountRealtimeVisibilityOutput) ToCloudAwsAccountRealtimeVisibilityOutputWithContext(ctx context.Context) CloudAwsAccountRealtimeVisibilityOutput { + return o +} + +func (o CloudAwsAccountRealtimeVisibilityOutput) ToCloudAwsAccountRealtimeVisibilityPtrOutput() CloudAwsAccountRealtimeVisibilityPtrOutput { + return o.ToCloudAwsAccountRealtimeVisibilityPtrOutputWithContext(context.Background()) +} + +func (o CloudAwsAccountRealtimeVisibilityOutput) ToCloudAwsAccountRealtimeVisibilityPtrOutputWithContext(ctx context.Context) CloudAwsAccountRealtimeVisibilityPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v CloudAwsAccountRealtimeVisibility) *CloudAwsAccountRealtimeVisibility { + return &v + }).(CloudAwsAccountRealtimeVisibilityPtrOutput) +} + +// The AWS region of the CloudTrail bucket +func (o CloudAwsAccountRealtimeVisibilityOutput) CloudtrailRegion() pulumi.StringOutput { + return o.ApplyT(func(v CloudAwsAccountRealtimeVisibility) string { return v.CloudtrailRegion }).(pulumi.StringOutput) +} + +// Enable real-time visibility and detection +func (o CloudAwsAccountRealtimeVisibilityOutput) Enabled() pulumi.BoolOutput { + return o.ApplyT(func(v CloudAwsAccountRealtimeVisibility) bool { return v.Enabled }).(pulumi.BoolOutput) +} + +// Set to true if a CloudTrail already exists +func (o CloudAwsAccountRealtimeVisibilityOutput) UseExistingCloudtrail() pulumi.BoolPtrOutput { + return o.ApplyT(func(v CloudAwsAccountRealtimeVisibility) *bool { return v.UseExistingCloudtrail }).(pulumi.BoolPtrOutput) +} + +type CloudAwsAccountRealtimeVisibilityPtrOutput struct{ *pulumi.OutputState } + +func (CloudAwsAccountRealtimeVisibilityPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**CloudAwsAccountRealtimeVisibility)(nil)).Elem() +} + +func (o CloudAwsAccountRealtimeVisibilityPtrOutput) ToCloudAwsAccountRealtimeVisibilityPtrOutput() CloudAwsAccountRealtimeVisibilityPtrOutput { + return o +} + +func (o CloudAwsAccountRealtimeVisibilityPtrOutput) ToCloudAwsAccountRealtimeVisibilityPtrOutputWithContext(ctx context.Context) CloudAwsAccountRealtimeVisibilityPtrOutput { + return o +} + +func (o CloudAwsAccountRealtimeVisibilityPtrOutput) Elem() CloudAwsAccountRealtimeVisibilityOutput { + return o.ApplyT(func(v *CloudAwsAccountRealtimeVisibility) CloudAwsAccountRealtimeVisibility { + if v != nil { + return *v + } + var ret CloudAwsAccountRealtimeVisibility + return ret + }).(CloudAwsAccountRealtimeVisibilityOutput) +} + +// The AWS region of the CloudTrail bucket +func (o CloudAwsAccountRealtimeVisibilityPtrOutput) CloudtrailRegion() pulumi.StringPtrOutput { + return o.ApplyT(func(v *CloudAwsAccountRealtimeVisibility) *string { + if v == nil { + return nil + } + return &v.CloudtrailRegion + }).(pulumi.StringPtrOutput) +} + +// Enable real-time visibility and detection +func (o CloudAwsAccountRealtimeVisibilityPtrOutput) Enabled() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *CloudAwsAccountRealtimeVisibility) *bool { + if v == nil { + return nil + } + return &v.Enabled + }).(pulumi.BoolPtrOutput) +} + +// Set to true if a CloudTrail already exists +func (o CloudAwsAccountRealtimeVisibilityPtrOutput) UseExistingCloudtrail() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *CloudAwsAccountRealtimeVisibility) *bool { + if v == nil { + return nil + } + return v.UseExistingCloudtrail + }).(pulumi.BoolPtrOutput) +} + +type CloudAwsAccountSensorManagement struct { + // Enable 1-click sensor deployment + Enabled bool `pulumi:"enabled"` +} + +// CloudAwsAccountSensorManagementInput is an input type that accepts CloudAwsAccountSensorManagementArgs and CloudAwsAccountSensorManagementOutput values. +// You can construct a concrete instance of `CloudAwsAccountSensorManagementInput` via: +// +// CloudAwsAccountSensorManagementArgs{...} +type CloudAwsAccountSensorManagementInput interface { + pulumi.Input + + ToCloudAwsAccountSensorManagementOutput() CloudAwsAccountSensorManagementOutput + ToCloudAwsAccountSensorManagementOutputWithContext(context.Context) CloudAwsAccountSensorManagementOutput +} + +type CloudAwsAccountSensorManagementArgs struct { + // Enable 1-click sensor deployment + Enabled pulumi.BoolInput `pulumi:"enabled"` +} + +func (CloudAwsAccountSensorManagementArgs) ElementType() reflect.Type { + return reflect.TypeOf((*CloudAwsAccountSensorManagement)(nil)).Elem() +} + +func (i CloudAwsAccountSensorManagementArgs) ToCloudAwsAccountSensorManagementOutput() CloudAwsAccountSensorManagementOutput { + return i.ToCloudAwsAccountSensorManagementOutputWithContext(context.Background()) +} + +func (i CloudAwsAccountSensorManagementArgs) ToCloudAwsAccountSensorManagementOutputWithContext(ctx context.Context) CloudAwsAccountSensorManagementOutput { + return pulumi.ToOutputWithContext(ctx, i).(CloudAwsAccountSensorManagementOutput) +} + +func (i CloudAwsAccountSensorManagementArgs) ToCloudAwsAccountSensorManagementPtrOutput() CloudAwsAccountSensorManagementPtrOutput { + return i.ToCloudAwsAccountSensorManagementPtrOutputWithContext(context.Background()) +} + +func (i CloudAwsAccountSensorManagementArgs) ToCloudAwsAccountSensorManagementPtrOutputWithContext(ctx context.Context) CloudAwsAccountSensorManagementPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(CloudAwsAccountSensorManagementOutput).ToCloudAwsAccountSensorManagementPtrOutputWithContext(ctx) +} + +// CloudAwsAccountSensorManagementPtrInput is an input type that accepts CloudAwsAccountSensorManagementArgs, CloudAwsAccountSensorManagementPtr and CloudAwsAccountSensorManagementPtrOutput values. +// You can construct a concrete instance of `CloudAwsAccountSensorManagementPtrInput` via: +// +// CloudAwsAccountSensorManagementArgs{...} +// +// or: +// +// nil +type CloudAwsAccountSensorManagementPtrInput interface { + pulumi.Input + + ToCloudAwsAccountSensorManagementPtrOutput() CloudAwsAccountSensorManagementPtrOutput + ToCloudAwsAccountSensorManagementPtrOutputWithContext(context.Context) CloudAwsAccountSensorManagementPtrOutput +} + +type cloudAwsAccountSensorManagementPtrType CloudAwsAccountSensorManagementArgs + +func CloudAwsAccountSensorManagementPtr(v *CloudAwsAccountSensorManagementArgs) CloudAwsAccountSensorManagementPtrInput { + return (*cloudAwsAccountSensorManagementPtrType)(v) +} + +func (*cloudAwsAccountSensorManagementPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**CloudAwsAccountSensorManagement)(nil)).Elem() +} + +func (i *cloudAwsAccountSensorManagementPtrType) ToCloudAwsAccountSensorManagementPtrOutput() CloudAwsAccountSensorManagementPtrOutput { + return i.ToCloudAwsAccountSensorManagementPtrOutputWithContext(context.Background()) +} + +func (i *cloudAwsAccountSensorManagementPtrType) ToCloudAwsAccountSensorManagementPtrOutputWithContext(ctx context.Context) CloudAwsAccountSensorManagementPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(CloudAwsAccountSensorManagementPtrOutput) +} + +type CloudAwsAccountSensorManagementOutput struct{ *pulumi.OutputState } + +func (CloudAwsAccountSensorManagementOutput) ElementType() reflect.Type { + return reflect.TypeOf((*CloudAwsAccountSensorManagement)(nil)).Elem() +} + +func (o CloudAwsAccountSensorManagementOutput) ToCloudAwsAccountSensorManagementOutput() CloudAwsAccountSensorManagementOutput { + return o +} + +func (o CloudAwsAccountSensorManagementOutput) ToCloudAwsAccountSensorManagementOutputWithContext(ctx context.Context) CloudAwsAccountSensorManagementOutput { + return o +} + +func (o CloudAwsAccountSensorManagementOutput) ToCloudAwsAccountSensorManagementPtrOutput() CloudAwsAccountSensorManagementPtrOutput { + return o.ToCloudAwsAccountSensorManagementPtrOutputWithContext(context.Background()) +} + +func (o CloudAwsAccountSensorManagementOutput) ToCloudAwsAccountSensorManagementPtrOutputWithContext(ctx context.Context) CloudAwsAccountSensorManagementPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v CloudAwsAccountSensorManagement) *CloudAwsAccountSensorManagement { + return &v + }).(CloudAwsAccountSensorManagementPtrOutput) +} + +// Enable 1-click sensor deployment +func (o CloudAwsAccountSensorManagementOutput) Enabled() pulumi.BoolOutput { + return o.ApplyT(func(v CloudAwsAccountSensorManagement) bool { return v.Enabled }).(pulumi.BoolOutput) +} + +type CloudAwsAccountSensorManagementPtrOutput struct{ *pulumi.OutputState } + +func (CloudAwsAccountSensorManagementPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**CloudAwsAccountSensorManagement)(nil)).Elem() +} + +func (o CloudAwsAccountSensorManagementPtrOutput) ToCloudAwsAccountSensorManagementPtrOutput() CloudAwsAccountSensorManagementPtrOutput { + return o +} + +func (o CloudAwsAccountSensorManagementPtrOutput) ToCloudAwsAccountSensorManagementPtrOutputWithContext(ctx context.Context) CloudAwsAccountSensorManagementPtrOutput { + return o +} + +func (o CloudAwsAccountSensorManagementPtrOutput) Elem() CloudAwsAccountSensorManagementOutput { + return o.ApplyT(func(v *CloudAwsAccountSensorManagement) CloudAwsAccountSensorManagement { + if v != nil { + return *v + } + var ret CloudAwsAccountSensorManagement + return ret + }).(CloudAwsAccountSensorManagementOutput) +} + +// Enable 1-click sensor deployment +func (o CloudAwsAccountSensorManagementPtrOutput) Enabled() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *CloudAwsAccountSensorManagement) *bool { + if v == nil { + return nil + } + return &v.Enabled + }).(pulumi.BoolPtrOutput) +} + type FilevantagePolicyScheduledExclusion struct { // Description of the scheduled exclusion. Description *string `pulumi:"description"` @@ -3128,6 +3908,256 @@ func (o SensorUpdatePolicyScheduleTimeBlockArrayOutput) Index(i pulumi.IntInput) }).(SensorUpdatePolicyScheduleTimeBlockOutput) } +type GetCloudAwsAccountAccount struct { + // The AWS Account ID + AccountId string `pulumi:"accountId"` + // The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + AccountType string `pulumi:"accountType"` + // Whether asset inventory is enabled + AssetInventoryEnabled bool `pulumi:"assetInventoryEnabled"` + // The name of the CloudTrail S3 bucket used for real-time visibility + CloudtrailBucketName string `pulumi:"cloudtrailBucketName"` + // The AWS region of the CloudTrail bucket + CloudtrailRegion string `pulumi:"cloudtrailRegion"` + // Whether Data Security Posture Management is enabled + DspmEnabled bool `pulumi:"dspmEnabled"` + // The ARN of the IAM role to be used by CrowdStrike DSPM + DspmRoleArn string `pulumi:"dspmRoleArn"` + // The ARN of the Amazon EventBridge used by CrowdStrike to forward messages + EventbusArn string `pulumi:"eventbusArn"` + // The name of the Amazon EventBridge used by CrowdStrike to forward messages + EventbusName string `pulumi:"eventbusName"` + // The external ID used to assume the AWS IAM role + ExternalId string `pulumi:"externalId"` + // The ARN of the AWS IAM role used to access this AWS account + IamRoleArn string `pulumi:"iamRoleArn"` + // Whether Identity Protection is enabled + IdpEnabled bool `pulumi:"idpEnabled"` + // The ARN of the intermediate role used to assume the AWS IAM role + IntermediateRoleArn string `pulumi:"intermediateRoleArn"` + // Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + IsOrganizationManagementAccount bool `pulumi:"isOrganizationManagementAccount"` + // The AWS Organization ID + OrganizationId string `pulumi:"organizationId"` + // Whether real-time visibility is enabled + RealtimeVisibilityEnabled bool `pulumi:"realtimeVisibilityEnabled"` + // Whether 1-click sensor deployment is enabled + SensorManagementEnabled bool `pulumi:"sensorManagementEnabled"` + // The list of AWS Organizational Units (OUs) targeted for this account + TargetOuses []string `pulumi:"targetOuses"` +} + +// GetCloudAwsAccountAccountInput is an input type that accepts GetCloudAwsAccountAccountArgs and GetCloudAwsAccountAccountOutput values. +// You can construct a concrete instance of `GetCloudAwsAccountAccountInput` via: +// +// GetCloudAwsAccountAccountArgs{...} +type GetCloudAwsAccountAccountInput interface { + pulumi.Input + + ToGetCloudAwsAccountAccountOutput() GetCloudAwsAccountAccountOutput + ToGetCloudAwsAccountAccountOutputWithContext(context.Context) GetCloudAwsAccountAccountOutput +} + +type GetCloudAwsAccountAccountArgs struct { + // The AWS Account ID + AccountId pulumi.StringInput `pulumi:"accountId"` + // The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + AccountType pulumi.StringInput `pulumi:"accountType"` + // Whether asset inventory is enabled + AssetInventoryEnabled pulumi.BoolInput `pulumi:"assetInventoryEnabled"` + // The name of the CloudTrail S3 bucket used for real-time visibility + CloudtrailBucketName pulumi.StringInput `pulumi:"cloudtrailBucketName"` + // The AWS region of the CloudTrail bucket + CloudtrailRegion pulumi.StringInput `pulumi:"cloudtrailRegion"` + // Whether Data Security Posture Management is enabled + DspmEnabled pulumi.BoolInput `pulumi:"dspmEnabled"` + // The ARN of the IAM role to be used by CrowdStrike DSPM + DspmRoleArn pulumi.StringInput `pulumi:"dspmRoleArn"` + // The ARN of the Amazon EventBridge used by CrowdStrike to forward messages + EventbusArn pulumi.StringInput `pulumi:"eventbusArn"` + // The name of the Amazon EventBridge used by CrowdStrike to forward messages + EventbusName pulumi.StringInput `pulumi:"eventbusName"` + // The external ID used to assume the AWS IAM role + ExternalId pulumi.StringInput `pulumi:"externalId"` + // The ARN of the AWS IAM role used to access this AWS account + IamRoleArn pulumi.StringInput `pulumi:"iamRoleArn"` + // Whether Identity Protection is enabled + IdpEnabled pulumi.BoolInput `pulumi:"idpEnabled"` + // The ARN of the intermediate role used to assume the AWS IAM role + IntermediateRoleArn pulumi.StringInput `pulumi:"intermediateRoleArn"` + // Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + IsOrganizationManagementAccount pulumi.BoolInput `pulumi:"isOrganizationManagementAccount"` + // The AWS Organization ID + OrganizationId pulumi.StringInput `pulumi:"organizationId"` + // Whether real-time visibility is enabled + RealtimeVisibilityEnabled pulumi.BoolInput `pulumi:"realtimeVisibilityEnabled"` + // Whether 1-click sensor deployment is enabled + SensorManagementEnabled pulumi.BoolInput `pulumi:"sensorManagementEnabled"` + // The list of AWS Organizational Units (OUs) targeted for this account + TargetOuses pulumi.StringArrayInput `pulumi:"targetOuses"` +} + +func (GetCloudAwsAccountAccountArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetCloudAwsAccountAccount)(nil)).Elem() +} + +func (i GetCloudAwsAccountAccountArgs) ToGetCloudAwsAccountAccountOutput() GetCloudAwsAccountAccountOutput { + return i.ToGetCloudAwsAccountAccountOutputWithContext(context.Background()) +} + +func (i GetCloudAwsAccountAccountArgs) ToGetCloudAwsAccountAccountOutputWithContext(ctx context.Context) GetCloudAwsAccountAccountOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetCloudAwsAccountAccountOutput) +} + +// GetCloudAwsAccountAccountArrayInput is an input type that accepts GetCloudAwsAccountAccountArray and GetCloudAwsAccountAccountArrayOutput values. +// You can construct a concrete instance of `GetCloudAwsAccountAccountArrayInput` via: +// +// GetCloudAwsAccountAccountArray{ GetCloudAwsAccountAccountArgs{...} } +type GetCloudAwsAccountAccountArrayInput interface { + pulumi.Input + + ToGetCloudAwsAccountAccountArrayOutput() GetCloudAwsAccountAccountArrayOutput + ToGetCloudAwsAccountAccountArrayOutputWithContext(context.Context) GetCloudAwsAccountAccountArrayOutput +} + +type GetCloudAwsAccountAccountArray []GetCloudAwsAccountAccountInput + +func (GetCloudAwsAccountAccountArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetCloudAwsAccountAccount)(nil)).Elem() +} + +func (i GetCloudAwsAccountAccountArray) ToGetCloudAwsAccountAccountArrayOutput() GetCloudAwsAccountAccountArrayOutput { + return i.ToGetCloudAwsAccountAccountArrayOutputWithContext(context.Background()) +} + +func (i GetCloudAwsAccountAccountArray) ToGetCloudAwsAccountAccountArrayOutputWithContext(ctx context.Context) GetCloudAwsAccountAccountArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetCloudAwsAccountAccountArrayOutput) +} + +type GetCloudAwsAccountAccountOutput struct{ *pulumi.OutputState } + +func (GetCloudAwsAccountAccountOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetCloudAwsAccountAccount)(nil)).Elem() +} + +func (o GetCloudAwsAccountAccountOutput) ToGetCloudAwsAccountAccountOutput() GetCloudAwsAccountAccountOutput { + return o +} + +func (o GetCloudAwsAccountAccountOutput) ToGetCloudAwsAccountAccountOutputWithContext(ctx context.Context) GetCloudAwsAccountAccountOutput { + return o +} + +// The AWS Account ID +func (o GetCloudAwsAccountAccountOutput) AccountId() pulumi.StringOutput { + return o.ApplyT(func(v GetCloudAwsAccountAccount) string { return v.AccountId }).(pulumi.StringOutput) +} + +// The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type +func (o GetCloudAwsAccountAccountOutput) AccountType() pulumi.StringOutput { + return o.ApplyT(func(v GetCloudAwsAccountAccount) string { return v.AccountType }).(pulumi.StringOutput) +} + +// Whether asset inventory is enabled +func (o GetCloudAwsAccountAccountOutput) AssetInventoryEnabled() pulumi.BoolOutput { + return o.ApplyT(func(v GetCloudAwsAccountAccount) bool { return v.AssetInventoryEnabled }).(pulumi.BoolOutput) +} + +// The name of the CloudTrail S3 bucket used for real-time visibility +func (o GetCloudAwsAccountAccountOutput) CloudtrailBucketName() pulumi.StringOutput { + return o.ApplyT(func(v GetCloudAwsAccountAccount) string { return v.CloudtrailBucketName }).(pulumi.StringOutput) +} + +// The AWS region of the CloudTrail bucket +func (o GetCloudAwsAccountAccountOutput) CloudtrailRegion() pulumi.StringOutput { + return o.ApplyT(func(v GetCloudAwsAccountAccount) string { return v.CloudtrailRegion }).(pulumi.StringOutput) +} + +// Whether Data Security Posture Management is enabled +func (o GetCloudAwsAccountAccountOutput) DspmEnabled() pulumi.BoolOutput { + return o.ApplyT(func(v GetCloudAwsAccountAccount) bool { return v.DspmEnabled }).(pulumi.BoolOutput) +} + +// The ARN of the IAM role to be used by CrowdStrike DSPM +func (o GetCloudAwsAccountAccountOutput) DspmRoleArn() pulumi.StringOutput { + return o.ApplyT(func(v GetCloudAwsAccountAccount) string { return v.DspmRoleArn }).(pulumi.StringOutput) +} + +// The ARN of the Amazon EventBridge used by CrowdStrike to forward messages +func (o GetCloudAwsAccountAccountOutput) EventbusArn() pulumi.StringOutput { + return o.ApplyT(func(v GetCloudAwsAccountAccount) string { return v.EventbusArn }).(pulumi.StringOutput) +} + +// The name of the Amazon EventBridge used by CrowdStrike to forward messages +func (o GetCloudAwsAccountAccountOutput) EventbusName() pulumi.StringOutput { + return o.ApplyT(func(v GetCloudAwsAccountAccount) string { return v.EventbusName }).(pulumi.StringOutput) +} + +// The external ID used to assume the AWS IAM role +func (o GetCloudAwsAccountAccountOutput) ExternalId() pulumi.StringOutput { + return o.ApplyT(func(v GetCloudAwsAccountAccount) string { return v.ExternalId }).(pulumi.StringOutput) +} + +// The ARN of the AWS IAM role used to access this AWS account +func (o GetCloudAwsAccountAccountOutput) IamRoleArn() pulumi.StringOutput { + return o.ApplyT(func(v GetCloudAwsAccountAccount) string { return v.IamRoleArn }).(pulumi.StringOutput) +} + +// Whether Identity Protection is enabled +func (o GetCloudAwsAccountAccountOutput) IdpEnabled() pulumi.BoolOutput { + return o.ApplyT(func(v GetCloudAwsAccountAccount) bool { return v.IdpEnabled }).(pulumi.BoolOutput) +} + +// The ARN of the intermediate role used to assume the AWS IAM role +func (o GetCloudAwsAccountAccountOutput) IntermediateRoleArn() pulumi.StringOutput { + return o.ApplyT(func(v GetCloudAwsAccountAccount) string { return v.IntermediateRoleArn }).(pulumi.StringOutput) +} + +// Indicates whether this is the management account (formerly known as the root account) of an AWS Organization +func (o GetCloudAwsAccountAccountOutput) IsOrganizationManagementAccount() pulumi.BoolOutput { + return o.ApplyT(func(v GetCloudAwsAccountAccount) bool { return v.IsOrganizationManagementAccount }).(pulumi.BoolOutput) +} + +// The AWS Organization ID +func (o GetCloudAwsAccountAccountOutput) OrganizationId() pulumi.StringOutput { + return o.ApplyT(func(v GetCloudAwsAccountAccount) string { return v.OrganizationId }).(pulumi.StringOutput) +} + +// Whether real-time visibility is enabled +func (o GetCloudAwsAccountAccountOutput) RealtimeVisibilityEnabled() pulumi.BoolOutput { + return o.ApplyT(func(v GetCloudAwsAccountAccount) bool { return v.RealtimeVisibilityEnabled }).(pulumi.BoolOutput) +} + +// Whether 1-click sensor deployment is enabled +func (o GetCloudAwsAccountAccountOutput) SensorManagementEnabled() pulumi.BoolOutput { + return o.ApplyT(func(v GetCloudAwsAccountAccount) bool { return v.SensorManagementEnabled }).(pulumi.BoolOutput) +} + +// The list of AWS Organizational Units (OUs) targeted for this account +func (o GetCloudAwsAccountAccountOutput) TargetOuses() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetCloudAwsAccountAccount) []string { return v.TargetOuses }).(pulumi.StringArrayOutput) +} + +type GetCloudAwsAccountAccountArrayOutput struct{ *pulumi.OutputState } + +func (GetCloudAwsAccountAccountArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetCloudAwsAccountAccount)(nil)).Elem() +} + +func (o GetCloudAwsAccountAccountArrayOutput) ToGetCloudAwsAccountAccountArrayOutput() GetCloudAwsAccountAccountArrayOutput { + return o +} + +func (o GetCloudAwsAccountAccountArrayOutput) ToGetCloudAwsAccountAccountArrayOutputWithContext(ctx context.Context) GetCloudAwsAccountAccountArrayOutput { + return o +} + +func (o GetCloudAwsAccountAccountArrayOutput) Index(i pulumi.IntInput) GetCloudAwsAccountAccountOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetCloudAwsAccountAccount { + return vs[0].([]GetCloudAwsAccountAccount)[vs[1].(int)] + }).(GetCloudAwsAccountAccountOutput) +} + type GetSensorUpdatePolicyBuildsLinux struct { // All sensor builds for the specific platform. Alls []GetSensorUpdatePolicyBuildsLinuxAll `pulumi:"alls"` @@ -4893,6 +5923,16 @@ func (o GetSensorUpdatePolicyBuildsWindowsN2Output) Stage() pulumi.StringOutput } func init() { + pulumi.RegisterInputType(reflect.TypeOf((*CloudAwsAccountAssetInventoryInput)(nil)).Elem(), CloudAwsAccountAssetInventoryArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*CloudAwsAccountAssetInventoryPtrInput)(nil)).Elem(), CloudAwsAccountAssetInventoryArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*CloudAwsAccountDspmInput)(nil)).Elem(), CloudAwsAccountDspmArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*CloudAwsAccountDspmPtrInput)(nil)).Elem(), CloudAwsAccountDspmArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*CloudAwsAccountIdpInput)(nil)).Elem(), CloudAwsAccountIdpArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*CloudAwsAccountIdpPtrInput)(nil)).Elem(), CloudAwsAccountIdpArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*CloudAwsAccountRealtimeVisibilityInput)(nil)).Elem(), CloudAwsAccountRealtimeVisibilityArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*CloudAwsAccountRealtimeVisibilityPtrInput)(nil)).Elem(), CloudAwsAccountRealtimeVisibilityArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*CloudAwsAccountSensorManagementInput)(nil)).Elem(), CloudAwsAccountSensorManagementArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*CloudAwsAccountSensorManagementPtrInput)(nil)).Elem(), CloudAwsAccountSensorManagementArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*FilevantagePolicyScheduledExclusionInput)(nil)).Elem(), FilevantagePolicyScheduledExclusionArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*FilevantagePolicyScheduledExclusionArrayInput)(nil)).Elem(), FilevantagePolicyScheduledExclusionArray{}) pulumi.RegisterInputType(reflect.TypeOf((*FilevantagePolicyScheduledExclusionRepeatedInput)(nil)).Elem(), FilevantagePolicyScheduledExclusionRepeatedArgs{}) @@ -4929,6 +5969,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*SensorUpdatePolicySchedulePtrInput)(nil)).Elem(), SensorUpdatePolicyScheduleArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*SensorUpdatePolicyScheduleTimeBlockInput)(nil)).Elem(), SensorUpdatePolicyScheduleTimeBlockArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*SensorUpdatePolicyScheduleTimeBlockArrayInput)(nil)).Elem(), SensorUpdatePolicyScheduleTimeBlockArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetCloudAwsAccountAccountInput)(nil)).Elem(), GetCloudAwsAccountAccountArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetCloudAwsAccountAccountArrayInput)(nil)).Elem(), GetCloudAwsAccountAccountArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetSensorUpdatePolicyBuildsLinuxInput)(nil)).Elem(), GetSensorUpdatePolicyBuildsLinuxArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetSensorUpdatePolicyBuildsLinuxAllInput)(nil)).Elem(), GetSensorUpdatePolicyBuildsLinuxAllArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetSensorUpdatePolicyBuildsLinuxAllArrayInput)(nil)).Elem(), GetSensorUpdatePolicyBuildsLinuxAllArray{}) @@ -4953,6 +5995,16 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*GetSensorUpdatePolicyBuildsWindowsLatestInput)(nil)).Elem(), GetSensorUpdatePolicyBuildsWindowsLatestArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetSensorUpdatePolicyBuildsWindowsN1Input)(nil)).Elem(), GetSensorUpdatePolicyBuildsWindowsN1Args{}) pulumi.RegisterInputType(reflect.TypeOf((*GetSensorUpdatePolicyBuildsWindowsN2Input)(nil)).Elem(), GetSensorUpdatePolicyBuildsWindowsN2Args{}) + pulumi.RegisterOutputType(CloudAwsAccountAssetInventoryOutput{}) + pulumi.RegisterOutputType(CloudAwsAccountAssetInventoryPtrOutput{}) + pulumi.RegisterOutputType(CloudAwsAccountDspmOutput{}) + pulumi.RegisterOutputType(CloudAwsAccountDspmPtrOutput{}) + pulumi.RegisterOutputType(CloudAwsAccountIdpOutput{}) + pulumi.RegisterOutputType(CloudAwsAccountIdpPtrOutput{}) + pulumi.RegisterOutputType(CloudAwsAccountRealtimeVisibilityOutput{}) + pulumi.RegisterOutputType(CloudAwsAccountRealtimeVisibilityPtrOutput{}) + pulumi.RegisterOutputType(CloudAwsAccountSensorManagementOutput{}) + pulumi.RegisterOutputType(CloudAwsAccountSensorManagementPtrOutput{}) pulumi.RegisterOutputType(FilevantagePolicyScheduledExclusionOutput{}) pulumi.RegisterOutputType(FilevantagePolicyScheduledExclusionArrayOutput{}) pulumi.RegisterOutputType(FilevantagePolicyScheduledExclusionRepeatedOutput{}) @@ -4989,6 +6041,8 @@ func init() { pulumi.RegisterOutputType(SensorUpdatePolicySchedulePtrOutput{}) pulumi.RegisterOutputType(SensorUpdatePolicyScheduleTimeBlockOutput{}) pulumi.RegisterOutputType(SensorUpdatePolicyScheduleTimeBlockArrayOutput{}) + pulumi.RegisterOutputType(GetCloudAwsAccountAccountOutput{}) + pulumi.RegisterOutputType(GetCloudAwsAccountAccountArrayOutput{}) pulumi.RegisterOutputType(GetSensorUpdatePolicyBuildsLinuxOutput{}) pulumi.RegisterOutputType(GetSensorUpdatePolicyBuildsLinuxAllOutput{}) pulumi.RegisterOutputType(GetSensorUpdatePolicyBuildsLinuxAllArrayOutput{}) diff --git a/sdk/nodejs/cloudAwsAccount.ts b/sdk/nodejs/cloudAwsAccount.ts new file mode 100644 index 0000000..e3a98ac --- /dev/null +++ b/sdk/nodejs/cloudAwsAccount.ts @@ -0,0 +1,252 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "./types/input"; +import * as outputs from "./types/output"; +import * as utilities from "./utilities"; + +/** + * This resource allows management of an AWS account in Falcon. + * + * ## API Scopes + * + * The following API scopes are required: + * + * - Cloud security AWS registration | Read & Write + * - CSPM registration | Read & Write + */ +export class CloudAwsAccount extends pulumi.CustomResource { + /** + * Get an existing CloudAwsAccount resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: CloudAwsAccountState, opts?: pulumi.CustomResourceOptions): CloudAwsAccount { + return new CloudAwsAccount(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'crowdstrike:index/cloudAwsAccount:CloudAwsAccount'; + + /** + * Returns true if the given object is an instance of CloudAwsAccount. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is CloudAwsAccount { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === CloudAwsAccount.__pulumiType; + } + + /** + * The AWS Account ID + */ + public readonly accountId!: pulumi.Output; + /** + * The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + */ + public readonly accountType!: pulumi.Output; + public readonly assetInventory!: pulumi.Output; + /** + * The name of the CloudTrail S3 bucket used for real-time visibility + */ + public /*out*/ readonly cloudtrailBucketName!: pulumi.Output; + public readonly deploymentMethod!: pulumi.Output; + public readonly dspm!: pulumi.Output; + /** + * The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management + */ + public /*out*/ readonly dspmRoleArn!: pulumi.Output; + /** + * The ARN of the Amazon EventBridge used by CrowdStrike to forward messages + */ + public /*out*/ readonly eventbusArn!: pulumi.Output; + /** + * The name of the Amazon EventBridge used by CrowdStrike to forward messages + */ + public /*out*/ readonly eventbusName!: pulumi.Output; + /** + * The external ID used to assume the AWS IAM role + */ + public /*out*/ readonly externalId!: pulumi.Output; + /** + * The ARN of the AWS IAM role used to access this AWS account + */ + public /*out*/ readonly iamRoleArn!: pulumi.Output; + public readonly idp!: pulumi.Output; + /** + * The ARN of the intermediate role used to assume the AWS IAM role + */ + public /*out*/ readonly intermediateRoleArn!: pulumi.Output; + /** + * Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + */ + public readonly isOrganizationManagementAccount!: pulumi.Output; + /** + * The AWS Organization ID + */ + public readonly organizationId!: pulumi.Output; + public readonly realtimeVisibility!: pulumi.Output; + public readonly sensorManagement!: pulumi.Output; + /** + * The list of target Organizational Units + */ + public readonly targetOuses!: pulumi.Output; + + /** + * Create a CloudAwsAccount resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: CloudAwsAccountArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: CloudAwsAccountArgs | CloudAwsAccountState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as CloudAwsAccountState | undefined; + resourceInputs["accountId"] = state ? state.accountId : undefined; + resourceInputs["accountType"] = state ? state.accountType : undefined; + resourceInputs["assetInventory"] = state ? state.assetInventory : undefined; + resourceInputs["cloudtrailBucketName"] = state ? state.cloudtrailBucketName : undefined; + resourceInputs["deploymentMethod"] = state ? state.deploymentMethod : undefined; + resourceInputs["dspm"] = state ? state.dspm : undefined; + resourceInputs["dspmRoleArn"] = state ? state.dspmRoleArn : undefined; + resourceInputs["eventbusArn"] = state ? state.eventbusArn : undefined; + resourceInputs["eventbusName"] = state ? state.eventbusName : undefined; + resourceInputs["externalId"] = state ? state.externalId : undefined; + resourceInputs["iamRoleArn"] = state ? state.iamRoleArn : undefined; + resourceInputs["idp"] = state ? state.idp : undefined; + resourceInputs["intermediateRoleArn"] = state ? state.intermediateRoleArn : undefined; + resourceInputs["isOrganizationManagementAccount"] = state ? state.isOrganizationManagementAccount : undefined; + resourceInputs["organizationId"] = state ? state.organizationId : undefined; + resourceInputs["realtimeVisibility"] = state ? state.realtimeVisibility : undefined; + resourceInputs["sensorManagement"] = state ? state.sensorManagement : undefined; + resourceInputs["targetOuses"] = state ? state.targetOuses : undefined; + } else { + const args = argsOrState as CloudAwsAccountArgs | undefined; + if ((!args || args.accountId === undefined) && !opts.urn) { + throw new Error("Missing required property 'accountId'"); + } + resourceInputs["accountId"] = args ? args.accountId : undefined; + resourceInputs["accountType"] = args ? args.accountType : undefined; + resourceInputs["assetInventory"] = args ? args.assetInventory : undefined; + resourceInputs["deploymentMethod"] = args ? args.deploymentMethod : undefined; + resourceInputs["dspm"] = args ? args.dspm : undefined; + resourceInputs["idp"] = args ? args.idp : undefined; + resourceInputs["isOrganizationManagementAccount"] = args ? args.isOrganizationManagementAccount : undefined; + resourceInputs["organizationId"] = args ? args.organizationId : undefined; + resourceInputs["realtimeVisibility"] = args ? args.realtimeVisibility : undefined; + resourceInputs["sensorManagement"] = args ? args.sensorManagement : undefined; + resourceInputs["targetOuses"] = args ? args.targetOuses : undefined; + resourceInputs["cloudtrailBucketName"] = undefined /*out*/; + resourceInputs["dspmRoleArn"] = undefined /*out*/; + resourceInputs["eventbusArn"] = undefined /*out*/; + resourceInputs["eventbusName"] = undefined /*out*/; + resourceInputs["externalId"] = undefined /*out*/; + resourceInputs["iamRoleArn"] = undefined /*out*/; + resourceInputs["intermediateRoleArn"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(CloudAwsAccount.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering CloudAwsAccount resources. + */ +export interface CloudAwsAccountState { + /** + * The AWS Account ID + */ + accountId?: pulumi.Input; + /** + * The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + */ + accountType?: pulumi.Input; + assetInventory?: pulumi.Input; + /** + * The name of the CloudTrail S3 bucket used for real-time visibility + */ + cloudtrailBucketName?: pulumi.Input; + deploymentMethod?: pulumi.Input; + dspm?: pulumi.Input; + /** + * The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management + */ + dspmRoleArn?: pulumi.Input; + /** + * The ARN of the Amazon EventBridge used by CrowdStrike to forward messages + */ + eventbusArn?: pulumi.Input; + /** + * The name of the Amazon EventBridge used by CrowdStrike to forward messages + */ + eventbusName?: pulumi.Input; + /** + * The external ID used to assume the AWS IAM role + */ + externalId?: pulumi.Input; + /** + * The ARN of the AWS IAM role used to access this AWS account + */ + iamRoleArn?: pulumi.Input; + idp?: pulumi.Input; + /** + * The ARN of the intermediate role used to assume the AWS IAM role + */ + intermediateRoleArn?: pulumi.Input; + /** + * Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + */ + isOrganizationManagementAccount?: pulumi.Input; + /** + * The AWS Organization ID + */ + organizationId?: pulumi.Input; + realtimeVisibility?: pulumi.Input; + sensorManagement?: pulumi.Input; + /** + * The list of target Organizational Units + */ + targetOuses?: pulumi.Input[]>; +} + +/** + * The set of arguments for constructing a CloudAwsAccount resource. + */ +export interface CloudAwsAccountArgs { + /** + * The AWS Account ID + */ + accountId: pulumi.Input; + /** + * The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + */ + accountType?: pulumi.Input; + assetInventory?: pulumi.Input; + deploymentMethod?: pulumi.Input; + dspm?: pulumi.Input; + idp?: pulumi.Input; + /** + * Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + */ + isOrganizationManagementAccount?: pulumi.Input; + /** + * The AWS Organization ID + */ + organizationId?: pulumi.Input; + realtimeVisibility?: pulumi.Input; + sensorManagement?: pulumi.Input; + /** + * The list of target Organizational Units + */ + targetOuses?: pulumi.Input[]>; +} diff --git a/sdk/nodejs/config/vars.ts b/sdk/nodejs/config/vars.ts index a8fc6e6..ebb88a2 100644 --- a/sdk/nodejs/config/vars.ts +++ b/sdk/nodejs/config/vars.ts @@ -32,7 +32,8 @@ Object.defineProperty(exports, "clientSecret", { }); /** - * Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1 + * Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1. Will use FALCON_CLOUD + * environment variable when left blank. */ export declare const cloud: string | undefined; Object.defineProperty(exports, "cloud", { @@ -42,3 +43,14 @@ Object.defineProperty(exports, "cloud", { enumerable: true, }); +/** + * For MSSP Master CIDs, optionally lock the token to act on behalf of this member CID + */ +export declare const memberCid: string | undefined; +Object.defineProperty(exports, "memberCid", { + get() { + return __config.get("memberCid"); + }, + enumerable: true, +}); + diff --git a/sdk/nodejs/getCloudAwsAccount.ts b/sdk/nodejs/getCloudAwsAccount.ts new file mode 100644 index 0000000..df198e9 --- /dev/null +++ b/sdk/nodejs/getCloudAwsAccount.ts @@ -0,0 +1,124 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "./types/input"; +import * as outputs from "./types/output"; +import * as utilities from "./utilities"; + +/** + * This data source provides information about AWS accounts in Falcon. + * + * ## API Scopes + * + * The following API scopes are required: + * + * - Cloud security AWS registration | Read & Write + * - CSPM registration | Read & Write + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as crowdstrike from "@pulumi/crowdstrike"; + * + * const all = crowdstrike.getCloudAwsAccount({}); + * const specific = crowdstrike.getCloudAwsAccount({ + * accountId: "123456789012", + * }); + * const org = crowdstrike.getCloudAwsAccount({ + * organizationId: "o-123456789012", + * }); + * ``` + */ +export function getCloudAwsAccount(args?: GetCloudAwsAccountArgs, opts?: pulumi.InvokeOptions): Promise { + args = args || {}; + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("crowdstrike:index/getCloudAwsAccount:getCloudAwsAccount", { + "accountId": args.accountId, + "organizationId": args.organizationId, + }, opts); +} + +/** + * A collection of arguments for invoking getCloudAwsAccount. + */ +export interface GetCloudAwsAccountArgs { + /** + * Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organizationId filter for OR matching + */ + accountId?: string; + /** + * Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with accountId filter for OR matching + */ + organizationId?: string; +} + +/** + * A collection of values returned by getCloudAwsAccount. + */ +export interface GetCloudAwsAccountResult { + /** + * Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organizationId filter for OR matching + */ + readonly accountId?: string; + /** + * The list of AWS accounts + */ + readonly accounts: outputs.GetCloudAwsAccountAccount[]; + /** + * The provider-assigned unique ID for this managed resource. + */ + readonly id: string; + /** + * Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with accountId filter for OR matching + */ + readonly organizationId?: string; +} +/** + * This data source provides information about AWS accounts in Falcon. + * + * ## API Scopes + * + * The following API scopes are required: + * + * - Cloud security AWS registration | Read & Write + * - CSPM registration | Read & Write + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as crowdstrike from "@pulumi/crowdstrike"; + * + * const all = crowdstrike.getCloudAwsAccount({}); + * const specific = crowdstrike.getCloudAwsAccount({ + * accountId: "123456789012", + * }); + * const org = crowdstrike.getCloudAwsAccount({ + * organizationId: "o-123456789012", + * }); + * ``` + */ +export function getCloudAwsAccountOutput(args?: GetCloudAwsAccountOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { + args = args || {}; + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invokeOutput("crowdstrike:index/getCloudAwsAccount:getCloudAwsAccount", { + "accountId": args.accountId, + "organizationId": args.organizationId, + }, opts); +} + +/** + * A collection of arguments for invoking getCloudAwsAccount. + */ +export interface GetCloudAwsAccountOutputArgs { + /** + * Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organizationId filter for OR matching + */ + accountId?: pulumi.Input; + /** + * Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with accountId filter for OR matching + */ + organizationId?: pulumi.Input; +} diff --git a/sdk/nodejs/index.ts b/sdk/nodejs/index.ts index a8e6eb0..60029f2 100644 --- a/sdk/nodejs/index.ts +++ b/sdk/nodejs/index.ts @@ -5,6 +5,11 @@ import * as pulumi from "@pulumi/pulumi"; import * as utilities from "./utilities"; // Export members: +export { CloudAwsAccountArgs, CloudAwsAccountState } from "./cloudAwsAccount"; +export type CloudAwsAccount = import("./cloudAwsAccount").CloudAwsAccount; +export const CloudAwsAccount: typeof import("./cloudAwsAccount").CloudAwsAccount = null as any; +utilities.lazyLoad(exports, ["CloudAwsAccount"], () => require("./cloudAwsAccount")); + export { FilevantagePolicyArgs, FilevantagePolicyState } from "./filevantagePolicy"; export type FilevantagePolicy = import("./filevantagePolicy").FilevantagePolicy; export const FilevantagePolicy: typeof import("./filevantagePolicy").FilevantagePolicy = null as any; @@ -15,6 +20,11 @@ export type FilevantageRuleGroup = import("./filevantageRuleGroup").FilevantageR export const FilevantageRuleGroup: typeof import("./filevantageRuleGroup").FilevantageRuleGroup = null as any; utilities.lazyLoad(exports, ["FilevantageRuleGroup"], () => require("./filevantageRuleGroup")); +export { GetCloudAwsAccountArgs, GetCloudAwsAccountResult, GetCloudAwsAccountOutputArgs } from "./getCloudAwsAccount"; +export const getCloudAwsAccount: typeof import("./getCloudAwsAccount").getCloudAwsAccount = null as any; +export const getCloudAwsAccountOutput: typeof import("./getCloudAwsAccount").getCloudAwsAccountOutput = null as any; +utilities.lazyLoad(exports, ["getCloudAwsAccount","getCloudAwsAccountOutput"], () => require("./getCloudAwsAccount")); + export { GetSensorUpdatePolicyBuildsResult } from "./getSensorUpdatePolicyBuilds"; export const getSensorUpdatePolicyBuilds: typeof import("./getSensorUpdatePolicyBuilds").getSensorUpdatePolicyBuilds = null as any; export const getSensorUpdatePolicyBuildsOutput: typeof import("./getSensorUpdatePolicyBuilds").getSensorUpdatePolicyBuildsOutput = null as any; @@ -64,6 +74,8 @@ const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { switch (type) { + case "crowdstrike:index/cloudAwsAccount:CloudAwsAccount": + return new CloudAwsAccount(name, undefined, { urn }) case "crowdstrike:index/filevantagePolicy:FilevantagePolicy": return new FilevantagePolicy(name, undefined, { urn }) case "crowdstrike:index/filevantageRuleGroup:FilevantageRuleGroup": @@ -83,6 +95,7 @@ const _module = { } }, }; +pulumi.runtime.registerResourceModule("crowdstrike", "index/cloudAwsAccount", _module) pulumi.runtime.registerResourceModule("crowdstrike", "index/filevantagePolicy", _module) pulumi.runtime.registerResourceModule("crowdstrike", "index/filevantageRuleGroup", _module) pulumi.runtime.registerResourceModule("crowdstrike", "index/hostGroup", _module) diff --git a/sdk/nodejs/preventionPolicyLinux.ts b/sdk/nodejs/preventionPolicyLinux.ts index a83f006..1f0bc74 100644 --- a/sdk/nodejs/preventionPolicyLinux.ts +++ b/sdk/nodejs/preventionPolicyLinux.ts @@ -24,7 +24,7 @@ import * as utilities from "./utilities"; * const example = new crowdstrike.PreventionPolicyLinux("example", { * enabled: true, * description: "Made with Pulumi", - * hostGroups: ["d6e3c1e1b3d0467da0fowc96a5e6ecb5"], + * hostGroups: [], * ioaRuleGroups: [], * cloudAntiMalware: { * detection: "MODERATE", @@ -47,6 +47,9 @@ import * as utilities from "./utilities"; * httpVisibility: true, * networkVisibility: true, * tlsVisibility: true, + * sensorTamperingProtection: true, + * onWriteScriptFileVisibility: true, + * memoryVisibility: true, * }); * export const preventionPolicyLinux = example; * ``` @@ -132,6 +135,10 @@ export class PreventionPolicyLinux extends pulumi.CustomResource { */ public readonly ioaRuleGroups!: pulumi.Output; public /*out*/ readonly lastUpdated!: pulumi.Output; + /** + * Whether to enable the setting. When enabled, the sensor will inspect memory-related operations: mmap, mprotect, ptrace and reading/writing remote process memory and produce events. + */ + public readonly memoryVisibility!: pulumi.Output; /** * Name of the prevention policy. */ @@ -140,6 +147,10 @@ export class PreventionPolicyLinux extends pulumi.CustomResource { * Whether to enable the setting. Allows the sensor to monitor network activity for additional telemetry and improved detections. */ public readonly networkVisibility!: pulumi.Output; + /** + * Whether to enable the setting. Provides improved visibility into various script files being written to disk in addition to clouding a portion of their content. + */ + public readonly onWriteScriptFileVisibility!: pulumi.Output; /** * Whether to enable the setting. Block processes that CrowdStrike analysts classify as suspicious. These are focused on dynamic IOAs, such as malware, exploits and other threats. */ @@ -156,6 +167,10 @@ export class PreventionPolicyLinux extends pulumi.CustomResource { * For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware. */ public readonly sensorAntiMalware!: pulumi.Output; + /** + * Whether to enable the setting. Block attempts to tamper with the sensor by protecting critical components and resources. If disabled, the sensor still creates detections for tampering attempts but will not prevent the activity from occurring. Disabling is not recommended. + */ + public readonly sensorTamperingProtection!: pulumi.Output; /** * Whether to enable the setting. Allows the sensor to monitor TLS traffic for malicious patterns and improved detections. */ @@ -194,12 +209,15 @@ export class PreventionPolicyLinux extends pulumi.CustomResource { resourceInputs["httpVisibility"] = state ? state.httpVisibility : undefined; resourceInputs["ioaRuleGroups"] = state ? state.ioaRuleGroups : undefined; resourceInputs["lastUpdated"] = state ? state.lastUpdated : undefined; + resourceInputs["memoryVisibility"] = state ? state.memoryVisibility : undefined; resourceInputs["name"] = state ? state.name : undefined; resourceInputs["networkVisibility"] = state ? state.networkVisibility : undefined; + resourceInputs["onWriteScriptFileVisibility"] = state ? state.onWriteScriptFileVisibility : undefined; resourceInputs["preventSuspiciousProcesses"] = state ? state.preventSuspiciousProcesses : undefined; resourceInputs["quarantine"] = state ? state.quarantine : undefined; resourceInputs["scriptBasedExecutionMonitoring"] = state ? state.scriptBasedExecutionMonitoring : undefined; resourceInputs["sensorAntiMalware"] = state ? state.sensorAntiMalware : undefined; + resourceInputs["sensorTamperingProtection"] = state ? state.sensorTamperingProtection : undefined; resourceInputs["tlsVisibility"] = state ? state.tlsVisibility : undefined; resourceInputs["uploadUnknownDetectionRelatedExecutables"] = state ? state.uploadUnknownDetectionRelatedExecutables : undefined; resourceInputs["uploadUnknownExecutables"] = state ? state.uploadUnknownExecutables : undefined; @@ -222,12 +240,15 @@ export class PreventionPolicyLinux extends pulumi.CustomResource { resourceInputs["hostGroups"] = args ? args.hostGroups : undefined; resourceInputs["httpVisibility"] = args ? args.httpVisibility : undefined; resourceInputs["ioaRuleGroups"] = args ? args.ioaRuleGroups : undefined; + resourceInputs["memoryVisibility"] = args ? args.memoryVisibility : undefined; resourceInputs["name"] = args ? args.name : undefined; resourceInputs["networkVisibility"] = args ? args.networkVisibility : undefined; + resourceInputs["onWriteScriptFileVisibility"] = args ? args.onWriteScriptFileVisibility : undefined; resourceInputs["preventSuspiciousProcesses"] = args ? args.preventSuspiciousProcesses : undefined; resourceInputs["quarantine"] = args ? args.quarantine : undefined; resourceInputs["scriptBasedExecutionMonitoring"] = args ? args.scriptBasedExecutionMonitoring : undefined; resourceInputs["sensorAntiMalware"] = args ? args.sensorAntiMalware : undefined; + resourceInputs["sensorTamperingProtection"] = args ? args.sensorTamperingProtection : undefined; resourceInputs["tlsVisibility"] = args ? args.tlsVisibility : undefined; resourceInputs["uploadUnknownDetectionRelatedExecutables"] = args ? args.uploadUnknownDetectionRelatedExecutables : undefined; resourceInputs["uploadUnknownExecutables"] = args ? args.uploadUnknownExecutables : undefined; @@ -287,6 +308,10 @@ export interface PreventionPolicyLinuxState { */ ioaRuleGroups?: pulumi.Input[]>; lastUpdated?: pulumi.Input; + /** + * Whether to enable the setting. When enabled, the sensor will inspect memory-related operations: mmap, mprotect, ptrace and reading/writing remote process memory and produce events. + */ + memoryVisibility?: pulumi.Input; /** * Name of the prevention policy. */ @@ -295,6 +320,10 @@ export interface PreventionPolicyLinuxState { * Whether to enable the setting. Allows the sensor to monitor network activity for additional telemetry and improved detections. */ networkVisibility?: pulumi.Input; + /** + * Whether to enable the setting. Provides improved visibility into various script files being written to disk in addition to clouding a portion of their content. + */ + onWriteScriptFileVisibility?: pulumi.Input; /** * Whether to enable the setting. Block processes that CrowdStrike analysts classify as suspicious. These are focused on dynamic IOAs, such as malware, exploits and other threats. */ @@ -311,6 +340,10 @@ export interface PreventionPolicyLinuxState { * For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware. */ sensorAntiMalware?: pulumi.Input; + /** + * Whether to enable the setting. Block attempts to tamper with the sensor by protecting critical components and resources. If disabled, the sensor still creates detections for tampering attempts but will not prevent the activity from occurring. Disabling is not recommended. + */ + sensorTamperingProtection?: pulumi.Input; /** * Whether to enable the setting. Allows the sensor to monitor TLS traffic for malicious patterns and improved detections. */ @@ -373,6 +406,10 @@ export interface PreventionPolicyLinuxArgs { * IOA Rule Group to attach to the prevention policy. */ ioaRuleGroups: pulumi.Input[]>; + /** + * Whether to enable the setting. When enabled, the sensor will inspect memory-related operations: mmap, mprotect, ptrace and reading/writing remote process memory and produce events. + */ + memoryVisibility?: pulumi.Input; /** * Name of the prevention policy. */ @@ -381,6 +418,10 @@ export interface PreventionPolicyLinuxArgs { * Whether to enable the setting. Allows the sensor to monitor network activity for additional telemetry and improved detections. */ networkVisibility?: pulumi.Input; + /** + * Whether to enable the setting. Provides improved visibility into various script files being written to disk in addition to clouding a portion of their content. + */ + onWriteScriptFileVisibility?: pulumi.Input; /** * Whether to enable the setting. Block processes that CrowdStrike analysts classify as suspicious. These are focused on dynamic IOAs, such as malware, exploits and other threats. */ @@ -397,6 +438,10 @@ export interface PreventionPolicyLinuxArgs { * For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware. */ sensorAntiMalware?: pulumi.Input; + /** + * Whether to enable the setting. Block attempts to tamper with the sensor by protecting critical components and resources. If disabled, the sensor still creates detections for tampering attempts but will not prevent the activity from occurring. Disabling is not recommended. + */ + sensorTamperingProtection?: pulumi.Input; /** * Whether to enable the setting. Allows the sensor to monitor TLS traffic for malicious patterns and improved detections. */ diff --git a/sdk/nodejs/preventionPolicyMac.ts b/sdk/nodejs/preventionPolicyMac.ts index 709be51..72f8387 100644 --- a/sdk/nodejs/preventionPolicyMac.ts +++ b/sdk/nodejs/preventionPolicyMac.ts @@ -24,7 +24,7 @@ import * as utilities from "./utilities"; * const example = new crowdstrike.PreventionPolicyMac("example", { * enabled: false, * description: "Made with Pulumi", - * hostGroups: ["d6e3c1e1b3d0467da0fowc96a5e6ecb5"], + * hostGroups: [], * ioaRuleGroups: [], * cloudAdwareAndPup: { * detection: "MODERATE", diff --git a/sdk/nodejs/preventionPolicyWindows.ts b/sdk/nodejs/preventionPolicyWindows.ts index 788e4b1..5fb448c 100644 --- a/sdk/nodejs/preventionPolicyWindows.ts +++ b/sdk/nodejs/preventionPolicyWindows.ts @@ -22,9 +22,9 @@ import * as utilities from "./utilities"; * import * as crowdstrike from "@crowdstrike/pulumi"; * * const example = new crowdstrike.PreventionPolicyWindows("example", { - * enabled: false, + * enabled: true, * description: "Made with Pulumi", - * hostGroups: ["d6e3c1e1b3d0467da0fowc96a5e6ecb5"], + * hostGroups: [], * ioaRuleGroups: [], * adwareAndPup: { * detection: "MODERATE", @@ -53,56 +53,57 @@ import * as utilities from "./utilities"; * extendedUserModeData: { * detection: "MODERATE", * }, - * usbInsertionTriggeredScan: false, - * applicationExploitationActivity: false, - * additionalUserModeData: false, - * notifyEndUsers: false, - * advancedRemediation: false, - * backupDeletion: false, - * biosDeepVisibility: false, - * chopperWebshell: false, - * codeInjection: false, - * credentialDumping: false, - * cryptowall: false, - * customBlocking: false, - * detectOnWrite: false, - * driveByDownload: false, - * driverLoadPrevention: false, - * interpreterOnly: false, - * engineFullVisibility: false, - * enhancedExploitationVisibility: false, - * enhancedMlForLargerFiles: false, - * fileEncryption: false, - * fileSystemAccess: false, - * forceAslr: false, - * forceDep: false, - * heapSprayPreallocation: false, - * nullPageAllocation: false, - * sehOverwriteProtection: false, - * hardwareEnhancedExploitDetection: false, - * httpDetections: false, - * redactHttpDetectionDetails: false, - * intelligenceSourcedThreats: false, - * javascriptViaRundll32: false, - * locky: false, - * memoryScanning: false, - * memoryScanningScanWithCpu: false, - * microsoftOfficeFileSuspiciousMacroRemoval: false, - * onWriteScriptFileVisibility: false, - * preventSuspiciousProcesses: false, - * quarantineAndSecurityCenterRegistration: false, - * quarantineOnRemovableMedia: false, - * quarantineOnWrite: false, - * scriptBasedExecutionMonitoring: false, - * sensorTamperingProtection: false, - * suspiciousRegistryOperations: false, - * suspiciousScriptsAndCommands: false, - * uploadUnknownExecutables: false, - * uploadUnknownDetectionRelatedExecutables: false, - * volumeShadowCopyAudit: false, - * volumeShadowCopyProtect: false, - * vulnerableDriverProtection: false, - * windowsLogonBypassStickyKeys: false, + * usbInsertionTriggeredScan: true, + * applicationExploitationActivity: true, + * additionalUserModeData: true, + * notifyEndUsers: true, + * advancedRemediation: true, + * backupDeletion: true, + * biosDeepVisibility: true, + * chopperWebshell: true, + * codeInjection: true, + * credentialDumping: true, + * cryptowall: true, + * customBlocking: true, + * detectOnWrite: true, + * driveByDownload: true, + * driverLoadPrevention: true, + * interpreterOnly: true, + * engineFullVisibility: true, + * enhancedExploitationVisibility: true, + * enhancedDllLoadVisibility: true, + * enhancedMlForLargerFiles: true, + * fileEncryption: true, + * fileSystemAccess: true, + * forceAslr: true, + * forceDep: true, + * heapSprayPreallocation: true, + * nullPageAllocation: true, + * sehOverwriteProtection: true, + * hardwareEnhancedExploitDetection: true, + * httpDetections: true, + * redactHttpDetectionDetails: true, + * intelligenceSourcedThreats: true, + * javascriptViaRundll32: true, + * locky: true, + * memoryScanning: true, + * memoryScanningScanWithCpu: true, + * microsoftOfficeFileSuspiciousMacroRemoval: true, + * onWriteScriptFileVisibility: true, + * preventSuspiciousProcesses: true, + * quarantineAndSecurityCenterRegistration: true, + * quarantineOnRemovableMedia: true, + * quarantineOnWrite: true, + * scriptBasedExecutionMonitoring: true, + * sensorTamperingProtection: true, + * suspiciousRegistryOperations: true, + * suspiciousScriptsAndCommands: true, + * uploadUnknownExecutables: true, + * uploadUnknownDetectionRelatedExecutables: true, + * volumeShadowCopyAudit: true, + * volumeShadowCopyProtect: true, + * vulnerableDriverProtection: true, + * windowsLogonBypassStickyKeys: true, * }); * export const preventionPolicyWindows = example; * ``` @@ -223,6 +224,10 @@ export class PreventionPolicyWindows extends pulumi.CustomResource { * Whether to enable the setting. Provides visibility into malicious System Management Automation engine usage by any application. Requires interpreterOnly to be enabled. */ public readonly engineFullVisibility!: pulumi.Output; + /** + * Whether to enable the setting. For hosts running Windows Server, increases sensor visibility of loaded DLLs. Improves detection coverage and telemetry, but may cause a small performance impact. Recommend testing with critical applications before full deployment. + */ + public readonly enhancedDllLoadVisibility!: pulumi.Output; /** * Whether to enable the setting. For hosts running Windows 10 1809 and Server 2019 and later, provides additional visibility into common exploitation techniques used to weaken or circumvent application security. */ @@ -426,6 +431,7 @@ export class PreventionPolicyWindows extends pulumi.CustomResource { resourceInputs["driverLoadPrevention"] = state ? state.driverLoadPrevention : undefined; resourceInputs["enabled"] = state ? state.enabled : undefined; resourceInputs["engineFullVisibility"] = state ? state.engineFullVisibility : undefined; + resourceInputs["enhancedDllLoadVisibility"] = state ? state.enhancedDllLoadVisibility : undefined; resourceInputs["enhancedExploitationVisibility"] = state ? state.enhancedExploitationVisibility : undefined; resourceInputs["enhancedMlForLargerFiles"] = state ? state.enhancedMlForLargerFiles : undefined; resourceInputs["extendedUserModeData"] = state ? state.extendedUserModeData : undefined; @@ -497,6 +503,7 @@ export class PreventionPolicyWindows extends pulumi.CustomResource { resourceInputs["driverLoadPrevention"] = args ? args.driverLoadPrevention : undefined; resourceInputs["enabled"] = args ? args.enabled : undefined; resourceInputs["engineFullVisibility"] = args ? args.engineFullVisibility : undefined; + resourceInputs["enhancedDllLoadVisibility"] = args ? args.enhancedDllLoadVisibility : undefined; resourceInputs["enhancedExploitationVisibility"] = args ? args.enhancedExploitationVisibility : undefined; resourceInputs["enhancedMlForLargerFiles"] = args ? args.enhancedMlForLargerFiles : undefined; resourceInputs["extendedUserModeData"] = args ? args.extendedUserModeData : undefined; @@ -630,6 +637,10 @@ export interface PreventionPolicyWindowsState { * Whether to enable the setting. Provides visibility into malicious System Management Automation engine usage by any application. Requires interpreterOnly to be enabled. */ engineFullVisibility?: pulumi.Input; + /** + * Whether to enable the setting. For hosts running Windows Server, increases sensor visibility of loaded DLLs. Improves detection coverage and telemetry, but may cause a small performance impact. Recommend testing with critical applications before full deployment. + */ + enhancedDllLoadVisibility?: pulumi.Input; /** * Whether to enable the setting. For hosts running Windows 10 1809 and Server 2019 and later, provides additional visibility into common exploitation techniques used to weaken or circumvent application security. */ @@ -885,6 +896,10 @@ export interface PreventionPolicyWindowsArgs { * Whether to enable the setting. Provides visibility into malicious System Management Automation engine usage by any application. Requires interpreterOnly to be enabled. */ engineFullVisibility?: pulumi.Input; + /** + * Whether to enable the setting. For hosts running Windows Server, increases sensor visibility of loaded DLLs. Improves detection coverage and telemetry, but may cause a small performance impact. Recommend testing with critical applications before full deployment. + */ + enhancedDllLoadVisibility?: pulumi.Input; /** * Whether to enable the setting. For hosts running Windows 10 1809 and Server 2019 and later, provides additional visibility into common exploitation techniques used to weaken or circumvent application security. */ diff --git a/sdk/nodejs/provider.ts b/sdk/nodejs/provider.ts index c07cf12..e62cf23 100644 --- a/sdk/nodejs/provider.ts +++ b/sdk/nodejs/provider.ts @@ -36,9 +36,14 @@ export class Provider extends pulumi.ProviderResource { */ public readonly clientSecret!: pulumi.Output; /** - * Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1 + * Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1. Will use FALCON_CLOUD + * environment variable when left blank. */ public readonly cloud!: pulumi.Output; + /** + * For MSSP Master CIDs, optionally lock the token to act on behalf of this member CID + */ + public readonly memberCid!: pulumi.Output; /** * Create a Provider resource with the given unique name, arguments, and options. @@ -54,6 +59,7 @@ export class Provider extends pulumi.ProviderResource { resourceInputs["clientId"] = args?.clientId ? pulumi.secret(args.clientId) : undefined; resourceInputs["clientSecret"] = args?.clientSecret ? pulumi.secret(args.clientSecret) : undefined; resourceInputs["cloud"] = args ? args.cloud : undefined; + resourceInputs["memberCid"] = args ? args.memberCid : undefined; } opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); const secretOpts = { additionalSecretOutputs: ["clientId", "clientSecret"] }; @@ -77,7 +83,12 @@ export interface ProviderArgs { */ clientSecret?: pulumi.Input; /** - * Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1 + * Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1. Will use FALCON_CLOUD + * environment variable when left blank. */ cloud?: pulumi.Input; + /** + * For MSSP Master CIDs, optionally lock the token to act on behalf of this member CID + */ + memberCid?: pulumi.Input; } diff --git a/sdk/nodejs/tsconfig.json b/sdk/nodejs/tsconfig.json index bffa9d3..af0192c 100644 --- a/sdk/nodejs/tsconfig.json +++ b/sdk/nodejs/tsconfig.json @@ -13,10 +13,12 @@ "strict": true }, "files": [ + "cloudAwsAccount.ts", "config/index.ts", "config/vars.ts", "filevantagePolicy.ts", "filevantageRuleGroup.ts", + "getCloudAwsAccount.ts", "getSensorUpdatePolicyBuilds.ts", "hostGroup.ts", "index.ts", diff --git a/sdk/nodejs/types/input.ts b/sdk/nodejs/types/input.ts index c257714..2fb7623 100644 --- a/sdk/nodejs/types/input.ts +++ b/sdk/nodejs/types/input.ts @@ -5,6 +5,61 @@ import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; +export interface CloudAwsAccountAssetInventory { + /** + * Enable asset inventory + */ + enabled: pulumi.Input; + /** + * Custom AWS IAM role name + */ + roleName?: pulumi.Input; +} + +export interface CloudAwsAccountDspm { + /** + * Enable Data Security Posture Management + */ + enabled: pulumi.Input; + /** + * Custom AWS IAM role name for Data Security Posture Management + */ + roleName?: pulumi.Input; +} + +export interface CloudAwsAccountIdp { + /** + * Enable Identity Protection + */ + enabled: pulumi.Input; + /** + * Current status of the Identity Protection integration + */ + status?: pulumi.Input; +} + +export interface CloudAwsAccountRealtimeVisibility { + /** + * The AWS region of the CloudTrail bucket + */ + cloudtrailRegion: pulumi.Input; + /** + * Enable real-time visibility and detection + */ + enabled: pulumi.Input; + /** + * Set to true if a CloudTrail already exists + */ + useExistingCloudtrail?: pulumi.Input; +} + +export interface CloudAwsAccountSensorManagement { + /** + * Enable 1-click sensor deployment + */ + enabled: pulumi.Input; +} + export interface FilevantagePolicyScheduledExclusion { /** * Description of the scheduled exclusion. diff --git a/sdk/nodejs/types/output.ts b/sdk/nodejs/types/output.ts index 8c5ab05..d301566 100644 --- a/sdk/nodejs/types/output.ts +++ b/sdk/nodejs/types/output.ts @@ -5,6 +5,61 @@ import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; +export interface CloudAwsAccountAssetInventory { + /** + * Enable asset inventory + */ + enabled: boolean; + /** + * Custom AWS IAM role name + */ + roleName?: string; +} + +export interface CloudAwsAccountDspm { + /** + * Enable Data Security Posture Management + */ + enabled: boolean; + /** + * Custom AWS IAM role name for Data Security Posture Management + */ + roleName?: string; +} + +export interface CloudAwsAccountIdp { + /** + * Enable Identity Protection + */ + enabled: boolean; + /** + * Current status of the Identity Protection integration + */ + status: string; +} + +export interface CloudAwsAccountRealtimeVisibility { + /** + * The AWS region of the CloudTrail bucket + */ + cloudtrailRegion: string; + /** + * Enable real-time visibility and detection + */ + enabled: boolean; + /** + * Set to true if a CloudTrail already exists + */ + useExistingCloudtrail: boolean; +} + +export interface CloudAwsAccountSensorManagement { + /** + * Enable 1-click sensor deployment + */ + enabled: boolean; +} + export interface FilevantagePolicyScheduledExclusion { /** * Description of the scheduled exclusion. @@ -214,6 +269,81 @@ export interface FilevantageRuleGroupRule { watchKeyValueSetChanges: boolean; } +export interface GetCloudAwsAccountAccount { + /** + * The AWS Account ID + */ + accountId: string; + /** + * The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + */ + accountType: string; + /** + * Whether asset inventory is enabled + */ + assetInventoryEnabled: boolean; + /** + * The name of the CloudTrail S3 bucket used for real-time visibility + */ + cloudtrailBucketName: string; + /** + * The AWS region of the CloudTrail bucket + */ + cloudtrailRegion: string; + /** + * Whether Data Security Posture Management is enabled + */ + dspmEnabled: boolean; + /** + * The ARN of the IAM role to be used by CrowdStrike DSPM + */ + dspmRoleArn: string; + /** + * The ARN of the Amazon EventBridge used by CrowdStrike to forward messages + */ + eventbusArn: string; + /** + * The name of the Amazon EventBridge used by CrowdStrike to forward messages + */ + eventbusName: string; + /** + * The external ID used to assume the AWS IAM role + */ + externalId: string; + /** + * The ARN of the AWS IAM role used to access this AWS account + */ + iamRoleArn: string; + /** + * Whether Identity Protection is enabled + */ + idpEnabled: boolean; + /** + * The ARN of the intermediate role used to assume the AWS IAM role + */ + intermediateRoleArn: string; + /** + * Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + */ + isOrganizationManagementAccount: boolean; + /** + * The AWS Organization ID + */ + organizationId: string; + /** + * Whether real-time visibility is enabled + */ + realtimeVisibilityEnabled: boolean; + /** + * Whether 1-click sensor deployment is enabled + */ + sensorManagementEnabled: boolean; + /** + * The list of AWS Organizational Units (OUs) targeted for this account + */ + targetOuses: string[]; +} + export interface GetSensorUpdatePolicyBuildsLinux { /** * All sensor builds for the specific platform. diff --git a/sdk/python/crowdstrike_pulumi/__init__.py b/sdk/python/crowdstrike_pulumi/__init__.py index 9fe809f..3362998 100644 --- a/sdk/python/crowdstrike_pulumi/__init__.py +++ b/sdk/python/crowdstrike_pulumi/__init__.py @@ -5,8 +5,10 @@ from . import _utilities import typing # Export this package's modules as members: +from .cloud_aws_account import * from .filevantage_policy import * from .filevantage_rule_group import * +from .get_cloud_aws_account import * from .get_sensor_update_policy_builds import * from .host_group import * from .prevention_policy_linux import * @@ -27,6 +29,14 @@ _utilities.register( resource_modules=""" [ + { + "pkg": "crowdstrike", + "mod": "index/cloudAwsAccount", + "fqn": "crowdstrike_pulumi", + "classes": { + "crowdstrike:index/cloudAwsAccount:CloudAwsAccount": "CloudAwsAccount" + } + }, { "pkg": "crowdstrike", "mod": "index/filevantagePolicy", diff --git a/sdk/python/crowdstrike_pulumi/_inputs.py b/sdk/python/crowdstrike_pulumi/_inputs.py index 4f2d243..2ddbbb8 100644 --- a/sdk/python/crowdstrike_pulumi/_inputs.py +++ b/sdk/python/crowdstrike_pulumi/_inputs.py @@ -15,6 +15,16 @@ from . import _utilities __all__ = [ + 'CloudAwsAccountAssetInventoryArgs', + 'CloudAwsAccountAssetInventoryArgsDict', + 'CloudAwsAccountDspmArgs', + 'CloudAwsAccountDspmArgsDict', + 'CloudAwsAccountIdpArgs', + 'CloudAwsAccountIdpArgsDict', + 'CloudAwsAccountRealtimeVisibilityArgs', + 'CloudAwsAccountRealtimeVisibilityArgsDict', + 'CloudAwsAccountSensorManagementArgs', + 'CloudAwsAccountSensorManagementArgsDict', 'FilevantagePolicyScheduledExclusionArgs', 'FilevantagePolicyScheduledExclusionArgsDict', 'FilevantagePolicyScheduledExclusionRepeatedArgs', @@ -55,6 +65,260 @@ MYPY = False +if not MYPY: + class CloudAwsAccountAssetInventoryArgsDict(TypedDict): + enabled: pulumi.Input[bool] + """ + Enable asset inventory + """ + role_name: NotRequired[pulumi.Input[str]] + """ + Custom AWS IAM role name + """ +elif False: + CloudAwsAccountAssetInventoryArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class CloudAwsAccountAssetInventoryArgs: + def __init__(__self__, *, + enabled: pulumi.Input[bool], + role_name: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[bool] enabled: Enable asset inventory + :param pulumi.Input[str] role_name: Custom AWS IAM role name + """ + pulumi.set(__self__, "enabled", enabled) + if role_name is not None: + pulumi.set(__self__, "role_name", role_name) + + @property + @pulumi.getter + def enabled(self) -> pulumi.Input[bool]: + """ + Enable asset inventory + """ + return pulumi.get(self, "enabled") + + @enabled.setter + def enabled(self, value: pulumi.Input[bool]): + pulumi.set(self, "enabled", value) + + @property + @pulumi.getter(name="roleName") + def role_name(self) -> Optional[pulumi.Input[str]]: + """ + Custom AWS IAM role name + """ + return pulumi.get(self, "role_name") + + @role_name.setter + def role_name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "role_name", value) + + +if not MYPY: + class CloudAwsAccountDspmArgsDict(TypedDict): + enabled: pulumi.Input[bool] + """ + Enable Data Security Posture Management + """ + role_name: NotRequired[pulumi.Input[str]] + """ + Custom AWS IAM role name for Data Security Posture Management + """ +elif False: + CloudAwsAccountDspmArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class CloudAwsAccountDspmArgs: + def __init__(__self__, *, + enabled: pulumi.Input[bool], + role_name: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[bool] enabled: Enable Data Security Posture Management + :param pulumi.Input[str] role_name: Custom AWS IAM role name for Data Security Posture Management + """ + pulumi.set(__self__, "enabled", enabled) + if role_name is not None: + pulumi.set(__self__, "role_name", role_name) + + @property + @pulumi.getter + def enabled(self) -> pulumi.Input[bool]: + """ + Enable Data Security Posture Management + """ + return pulumi.get(self, "enabled") + + @enabled.setter + def enabled(self, value: pulumi.Input[bool]): + pulumi.set(self, "enabled", value) + + @property + @pulumi.getter(name="roleName") + def role_name(self) -> Optional[pulumi.Input[str]]: + """ + Custom AWS IAM role name for Data Security Posture Management + """ + return pulumi.get(self, "role_name") + + @role_name.setter + def role_name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "role_name", value) + + +if not MYPY: + class CloudAwsAccountIdpArgsDict(TypedDict): + enabled: pulumi.Input[bool] + """ + Enable Identity Protection + """ + status: NotRequired[pulumi.Input[str]] + """ + Current status of the Identity Protection integration + """ +elif False: + CloudAwsAccountIdpArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class CloudAwsAccountIdpArgs: + def __init__(__self__, *, + enabled: pulumi.Input[bool], + status: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[bool] enabled: Enable Identity Protection + :param pulumi.Input[str] status: Current status of the Identity Protection integration + """ + pulumi.set(__self__, "enabled", enabled) + if status is not None: + pulumi.set(__self__, "status", status) + + @property + @pulumi.getter + def enabled(self) -> pulumi.Input[bool]: + """ + Enable Identity Protection + """ + return pulumi.get(self, "enabled") + + @enabled.setter + def enabled(self, value: pulumi.Input[bool]): + pulumi.set(self, "enabled", value) + + @property + @pulumi.getter + def status(self) -> Optional[pulumi.Input[str]]: + """ + Current status of the Identity Protection integration + """ + return pulumi.get(self, "status") + + @status.setter + def status(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "status", value) + + +if not MYPY: + class CloudAwsAccountRealtimeVisibilityArgsDict(TypedDict): + cloudtrail_region: pulumi.Input[str] + """ + The AWS region of the CloudTrail bucket + """ + enabled: pulumi.Input[bool] + """ + Enable real-time visibility and detection + """ + use_existing_cloudtrail: NotRequired[pulumi.Input[bool]] + """ + Set to true if a CloudTrail already exists + """ +elif False: + CloudAwsAccountRealtimeVisibilityArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class CloudAwsAccountRealtimeVisibilityArgs: + def __init__(__self__, *, + cloudtrail_region: pulumi.Input[str], + enabled: pulumi.Input[bool], + use_existing_cloudtrail: Optional[pulumi.Input[bool]] = None): + """ + :param pulumi.Input[str] cloudtrail_region: The AWS region of the CloudTrail bucket + :param pulumi.Input[bool] enabled: Enable real-time visibility and detection + :param pulumi.Input[bool] use_existing_cloudtrail: Set to true if a CloudTrail already exists + """ + pulumi.set(__self__, "cloudtrail_region", cloudtrail_region) + pulumi.set(__self__, "enabled", enabled) + if use_existing_cloudtrail is not None: + pulumi.set(__self__, "use_existing_cloudtrail", use_existing_cloudtrail) + + @property + @pulumi.getter(name="cloudtrailRegion") + def cloudtrail_region(self) -> pulumi.Input[str]: + """ + The AWS region of the CloudTrail bucket + """ + return pulumi.get(self, "cloudtrail_region") + + @cloudtrail_region.setter + def cloudtrail_region(self, value: pulumi.Input[str]): + pulumi.set(self, "cloudtrail_region", value) + + @property + @pulumi.getter + def enabled(self) -> pulumi.Input[bool]: + """ + Enable real-time visibility and detection + """ + return pulumi.get(self, "enabled") + + @enabled.setter + def enabled(self, value: pulumi.Input[bool]): + pulumi.set(self, "enabled", value) + + @property + @pulumi.getter(name="useExistingCloudtrail") + def use_existing_cloudtrail(self) -> Optional[pulumi.Input[bool]]: + """ + Set to true if a CloudTrail already exists + """ + return pulumi.get(self, "use_existing_cloudtrail") + + @use_existing_cloudtrail.setter + def use_existing_cloudtrail(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "use_existing_cloudtrail", value) + + +if not MYPY: + class CloudAwsAccountSensorManagementArgsDict(TypedDict): + enabled: pulumi.Input[bool] + """ + Enable 1-click sensor deployment + """ +elif False: + CloudAwsAccountSensorManagementArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class CloudAwsAccountSensorManagementArgs: + def __init__(__self__, *, + enabled: pulumi.Input[bool]): + """ + :param pulumi.Input[bool] enabled: Enable 1-click sensor deployment + """ + pulumi.set(__self__, "enabled", enabled) + + @property + @pulumi.getter + def enabled(self) -> pulumi.Input[bool]: + """ + Enable 1-click sensor deployment + """ + return pulumi.get(self, "enabled") + + @enabled.setter + def enabled(self, value: pulumi.Input[bool]): + pulumi.set(self, "enabled", value) + + if not MYPY: class FilevantagePolicyScheduledExclusionArgsDict(TypedDict): name: pulumi.Input[str] diff --git a/sdk/python/crowdstrike_pulumi/_utilities.py b/sdk/python/crowdstrike_pulumi/_utilities.py index d2b71d0..45dc5cd 100644 --- a/sdk/python/crowdstrike_pulumi/_utilities.py +++ b/sdk/python/crowdstrike_pulumi/_utilities.py @@ -89,12 +89,16 @@ def _get_semver_version(): elif pep440_version.pre_tag == 'rc': prerelease = f"rc.{pep440_version.pre}" elif pep440_version.dev is not None: + # PEP440 has explicit support for dev builds, while semver encodes them as "prerelease" versions. To bridge + # between the two, we convert our dev build version into a prerelease tag. This matches what all of our other + # packages do when constructing their own semver string. prerelease = f"dev.{pep440_version.dev}" + elif pep440_version.local is not None: + # PEP440 only allows a small set of prerelease tags, so when converting an arbitrary prerelease, + # PypiVersion in /pkg/codegen/python/utilities.go converts it to a local version. Therefore, we need to + # do the reverse conversion here and set the local version as the prerelease tag. + prerelease = pep440_version.local - # The only significant difference between PEP440 and semver as it pertains to us is that PEP440 has explicit support - # for dev builds, while semver encodes them as "prerelease" versions. In order to bridge between the two, we convert - # our dev build version into a prerelease tag. This matches what all of our other packages do when constructing - # their own semver string. return SemverVersion(major=major, minor=minor, patch=patch, prerelease=prerelease) diff --git a/sdk/python/crowdstrike_pulumi/cloud_aws_account.py b/sdk/python/crowdstrike_pulumi/cloud_aws_account.py new file mode 100644 index 0000000..2367134 --- /dev/null +++ b/sdk/python/crowdstrike_pulumi/cloud_aws_account.py @@ -0,0 +1,755 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from . import _utilities +from . import outputs +from ._inputs import * + +__all__ = ['CloudAwsAccountArgs', 'CloudAwsAccount'] + +@pulumi.input_type +class CloudAwsAccountArgs: + def __init__(__self__, *, + account_id: pulumi.Input[str], + account_type: Optional[pulumi.Input[str]] = None, + asset_inventory: Optional[pulumi.Input['CloudAwsAccountAssetInventoryArgs']] = None, + deployment_method: Optional[pulumi.Input[str]] = None, + dspm: Optional[pulumi.Input['CloudAwsAccountDspmArgs']] = None, + idp: Optional[pulumi.Input['CloudAwsAccountIdpArgs']] = None, + is_organization_management_account: Optional[pulumi.Input[bool]] = None, + organization_id: Optional[pulumi.Input[str]] = None, + realtime_visibility: Optional[pulumi.Input['CloudAwsAccountRealtimeVisibilityArgs']] = None, + sensor_management: Optional[pulumi.Input['CloudAwsAccountSensorManagementArgs']] = None, + target_ouses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + The set of arguments for constructing a CloudAwsAccount resource. + :param pulumi.Input[str] account_id: The AWS Account ID + :param pulumi.Input[str] account_type: The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + :param pulumi.Input[bool] is_organization_management_account: Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + :param pulumi.Input[str] organization_id: The AWS Organization ID + :param pulumi.Input[Sequence[pulumi.Input[str]]] target_ouses: The list of target Organizational Units + """ + pulumi.set(__self__, "account_id", account_id) + if account_type is not None: + pulumi.set(__self__, "account_type", account_type) + if asset_inventory is not None: + pulumi.set(__self__, "asset_inventory", asset_inventory) + if deployment_method is not None: + pulumi.set(__self__, "deployment_method", deployment_method) + if dspm is not None: + pulumi.set(__self__, "dspm", dspm) + if idp is not None: + pulumi.set(__self__, "idp", idp) + if is_organization_management_account is not None: + pulumi.set(__self__, "is_organization_management_account", is_organization_management_account) + if organization_id is not None: + pulumi.set(__self__, "organization_id", organization_id) + if realtime_visibility is not None: + pulumi.set(__self__, "realtime_visibility", realtime_visibility) + if sensor_management is not None: + pulumi.set(__self__, "sensor_management", sensor_management) + if target_ouses is not None: + pulumi.set(__self__, "target_ouses", target_ouses) + + @property + @pulumi.getter(name="accountId") + def account_id(self) -> pulumi.Input[str]: + """ + The AWS Account ID + """ + return pulumi.get(self, "account_id") + + @account_id.setter + def account_id(self, value: pulumi.Input[str]): + pulumi.set(self, "account_id", value) + + @property + @pulumi.getter(name="accountType") + def account_type(self) -> Optional[pulumi.Input[str]]: + """ + The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + """ + return pulumi.get(self, "account_type") + + @account_type.setter + def account_type(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "account_type", value) + + @property + @pulumi.getter(name="assetInventory") + def asset_inventory(self) -> Optional[pulumi.Input['CloudAwsAccountAssetInventoryArgs']]: + return pulumi.get(self, "asset_inventory") + + @asset_inventory.setter + def asset_inventory(self, value: Optional[pulumi.Input['CloudAwsAccountAssetInventoryArgs']]): + pulumi.set(self, "asset_inventory", value) + + @property + @pulumi.getter(name="deploymentMethod") + def deployment_method(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "deployment_method") + + @deployment_method.setter + def deployment_method(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "deployment_method", value) + + @property + @pulumi.getter + def dspm(self) -> Optional[pulumi.Input['CloudAwsAccountDspmArgs']]: + return pulumi.get(self, "dspm") + + @dspm.setter + def dspm(self, value: Optional[pulumi.Input['CloudAwsAccountDspmArgs']]): + pulumi.set(self, "dspm", value) + + @property + @pulumi.getter + def idp(self) -> Optional[pulumi.Input['CloudAwsAccountIdpArgs']]: + return pulumi.get(self, "idp") + + @idp.setter + def idp(self, value: Optional[pulumi.Input['CloudAwsAccountIdpArgs']]): + pulumi.set(self, "idp", value) + + @property + @pulumi.getter(name="isOrganizationManagementAccount") + def is_organization_management_account(self) -> Optional[pulumi.Input[bool]]: + """ + Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + """ + return pulumi.get(self, "is_organization_management_account") + + @is_organization_management_account.setter + def is_organization_management_account(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "is_organization_management_account", value) + + @property + @pulumi.getter(name="organizationId") + def organization_id(self) -> Optional[pulumi.Input[str]]: + """ + The AWS Organization ID + """ + return pulumi.get(self, "organization_id") + + @organization_id.setter + def organization_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "organization_id", value) + + @property + @pulumi.getter(name="realtimeVisibility") + def realtime_visibility(self) -> Optional[pulumi.Input['CloudAwsAccountRealtimeVisibilityArgs']]: + return pulumi.get(self, "realtime_visibility") + + @realtime_visibility.setter + def realtime_visibility(self, value: Optional[pulumi.Input['CloudAwsAccountRealtimeVisibilityArgs']]): + pulumi.set(self, "realtime_visibility", value) + + @property + @pulumi.getter(name="sensorManagement") + def sensor_management(self) -> Optional[pulumi.Input['CloudAwsAccountSensorManagementArgs']]: + return pulumi.get(self, "sensor_management") + + @sensor_management.setter + def sensor_management(self, value: Optional[pulumi.Input['CloudAwsAccountSensorManagementArgs']]): + pulumi.set(self, "sensor_management", value) + + @property + @pulumi.getter(name="targetOuses") + def target_ouses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The list of target Organizational Units + """ + return pulumi.get(self, "target_ouses") + + @target_ouses.setter + def target_ouses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "target_ouses", value) + + +@pulumi.input_type +class _CloudAwsAccountState: + def __init__(__self__, *, + account_id: Optional[pulumi.Input[str]] = None, + account_type: Optional[pulumi.Input[str]] = None, + asset_inventory: Optional[pulumi.Input['CloudAwsAccountAssetInventoryArgs']] = None, + cloudtrail_bucket_name: Optional[pulumi.Input[str]] = None, + deployment_method: Optional[pulumi.Input[str]] = None, + dspm: Optional[pulumi.Input['CloudAwsAccountDspmArgs']] = None, + dspm_role_arn: Optional[pulumi.Input[str]] = None, + eventbus_arn: Optional[pulumi.Input[str]] = None, + eventbus_name: Optional[pulumi.Input[str]] = None, + external_id: Optional[pulumi.Input[str]] = None, + iam_role_arn: Optional[pulumi.Input[str]] = None, + idp: Optional[pulumi.Input['CloudAwsAccountIdpArgs']] = None, + intermediate_role_arn: Optional[pulumi.Input[str]] = None, + is_organization_management_account: Optional[pulumi.Input[bool]] = None, + organization_id: Optional[pulumi.Input[str]] = None, + realtime_visibility: Optional[pulumi.Input['CloudAwsAccountRealtimeVisibilityArgs']] = None, + sensor_management: Optional[pulumi.Input['CloudAwsAccountSensorManagementArgs']] = None, + target_ouses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + Input properties used for looking up and filtering CloudAwsAccount resources. + :param pulumi.Input[str] account_id: The AWS Account ID + :param pulumi.Input[str] account_type: The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + :param pulumi.Input[str] cloudtrail_bucket_name: The name of the CloudTrail S3 bucket used for real-time visibility + :param pulumi.Input[str] dspm_role_arn: The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management + :param pulumi.Input[str] eventbus_arn: The ARN of the Amazon EventBridge used by CrowdStrike to forward messages + :param pulumi.Input[str] eventbus_name: The name of the Amazon EventBridge used by CrowdStrike to forward messages + :param pulumi.Input[str] external_id: The external ID used to assume the AWS IAM role + :param pulumi.Input[str] iam_role_arn: The ARN of the AWS IAM role used to access this AWS account + :param pulumi.Input[str] intermediate_role_arn: The ARN of the intermediate role used to assume the AWS IAM role + :param pulumi.Input[bool] is_organization_management_account: Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + :param pulumi.Input[str] organization_id: The AWS Organization ID + :param pulumi.Input[Sequence[pulumi.Input[str]]] target_ouses: The list of target Organizational Units + """ + if account_id is not None: + pulumi.set(__self__, "account_id", account_id) + if account_type is not None: + pulumi.set(__self__, "account_type", account_type) + if asset_inventory is not None: + pulumi.set(__self__, "asset_inventory", asset_inventory) + if cloudtrail_bucket_name is not None: + pulumi.set(__self__, "cloudtrail_bucket_name", cloudtrail_bucket_name) + if deployment_method is not None: + pulumi.set(__self__, "deployment_method", deployment_method) + if dspm is not None: + pulumi.set(__self__, "dspm", dspm) + if dspm_role_arn is not None: + pulumi.set(__self__, "dspm_role_arn", dspm_role_arn) + if eventbus_arn is not None: + pulumi.set(__self__, "eventbus_arn", eventbus_arn) + if eventbus_name is not None: + pulumi.set(__self__, "eventbus_name", eventbus_name) + if external_id is not None: + pulumi.set(__self__, "external_id", external_id) + if iam_role_arn is not None: + pulumi.set(__self__, "iam_role_arn", iam_role_arn) + if idp is not None: + pulumi.set(__self__, "idp", idp) + if intermediate_role_arn is not None: + pulumi.set(__self__, "intermediate_role_arn", intermediate_role_arn) + if is_organization_management_account is not None: + pulumi.set(__self__, "is_organization_management_account", is_organization_management_account) + if organization_id is not None: + pulumi.set(__self__, "organization_id", organization_id) + if realtime_visibility is not None: + pulumi.set(__self__, "realtime_visibility", realtime_visibility) + if sensor_management is not None: + pulumi.set(__self__, "sensor_management", sensor_management) + if target_ouses is not None: + pulumi.set(__self__, "target_ouses", target_ouses) + + @property + @pulumi.getter(name="accountId") + def account_id(self) -> Optional[pulumi.Input[str]]: + """ + The AWS Account ID + """ + return pulumi.get(self, "account_id") + + @account_id.setter + def account_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "account_id", value) + + @property + @pulumi.getter(name="accountType") + def account_type(self) -> Optional[pulumi.Input[str]]: + """ + The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + """ + return pulumi.get(self, "account_type") + + @account_type.setter + def account_type(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "account_type", value) + + @property + @pulumi.getter(name="assetInventory") + def asset_inventory(self) -> Optional[pulumi.Input['CloudAwsAccountAssetInventoryArgs']]: + return pulumi.get(self, "asset_inventory") + + @asset_inventory.setter + def asset_inventory(self, value: Optional[pulumi.Input['CloudAwsAccountAssetInventoryArgs']]): + pulumi.set(self, "asset_inventory", value) + + @property + @pulumi.getter(name="cloudtrailBucketName") + def cloudtrail_bucket_name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the CloudTrail S3 bucket used for real-time visibility + """ + return pulumi.get(self, "cloudtrail_bucket_name") + + @cloudtrail_bucket_name.setter + def cloudtrail_bucket_name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "cloudtrail_bucket_name", value) + + @property + @pulumi.getter(name="deploymentMethod") + def deployment_method(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "deployment_method") + + @deployment_method.setter + def deployment_method(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "deployment_method", value) + + @property + @pulumi.getter + def dspm(self) -> Optional[pulumi.Input['CloudAwsAccountDspmArgs']]: + return pulumi.get(self, "dspm") + + @dspm.setter + def dspm(self, value: Optional[pulumi.Input['CloudAwsAccountDspmArgs']]): + pulumi.set(self, "dspm", value) + + @property + @pulumi.getter(name="dspmRoleArn") + def dspm_role_arn(self) -> Optional[pulumi.Input[str]]: + """ + The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management + """ + return pulumi.get(self, "dspm_role_arn") + + @dspm_role_arn.setter + def dspm_role_arn(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "dspm_role_arn", value) + + @property + @pulumi.getter(name="eventbusArn") + def eventbus_arn(self) -> Optional[pulumi.Input[str]]: + """ + The ARN of the Amazon EventBridge used by CrowdStrike to forward messages + """ + return pulumi.get(self, "eventbus_arn") + + @eventbus_arn.setter + def eventbus_arn(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "eventbus_arn", value) + + @property + @pulumi.getter(name="eventbusName") + def eventbus_name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the Amazon EventBridge used by CrowdStrike to forward messages + """ + return pulumi.get(self, "eventbus_name") + + @eventbus_name.setter + def eventbus_name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "eventbus_name", value) + + @property + @pulumi.getter(name="externalId") + def external_id(self) -> Optional[pulumi.Input[str]]: + """ + The external ID used to assume the AWS IAM role + """ + return pulumi.get(self, "external_id") + + @external_id.setter + def external_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "external_id", value) + + @property + @pulumi.getter(name="iamRoleArn") + def iam_role_arn(self) -> Optional[pulumi.Input[str]]: + """ + The ARN of the AWS IAM role used to access this AWS account + """ + return pulumi.get(self, "iam_role_arn") + + @iam_role_arn.setter + def iam_role_arn(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "iam_role_arn", value) + + @property + @pulumi.getter + def idp(self) -> Optional[pulumi.Input['CloudAwsAccountIdpArgs']]: + return pulumi.get(self, "idp") + + @idp.setter + def idp(self, value: Optional[pulumi.Input['CloudAwsAccountIdpArgs']]): + pulumi.set(self, "idp", value) + + @property + @pulumi.getter(name="intermediateRoleArn") + def intermediate_role_arn(self) -> Optional[pulumi.Input[str]]: + """ + The ARN of the intermediate role used to assume the AWS IAM role + """ + return pulumi.get(self, "intermediate_role_arn") + + @intermediate_role_arn.setter + def intermediate_role_arn(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "intermediate_role_arn", value) + + @property + @pulumi.getter(name="isOrganizationManagementAccount") + def is_organization_management_account(self) -> Optional[pulumi.Input[bool]]: + """ + Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + """ + return pulumi.get(self, "is_organization_management_account") + + @is_organization_management_account.setter + def is_organization_management_account(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "is_organization_management_account", value) + + @property + @pulumi.getter(name="organizationId") + def organization_id(self) -> Optional[pulumi.Input[str]]: + """ + The AWS Organization ID + """ + return pulumi.get(self, "organization_id") + + @organization_id.setter + def organization_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "organization_id", value) + + @property + @pulumi.getter(name="realtimeVisibility") + def realtime_visibility(self) -> Optional[pulumi.Input['CloudAwsAccountRealtimeVisibilityArgs']]: + return pulumi.get(self, "realtime_visibility") + + @realtime_visibility.setter + def realtime_visibility(self, value: Optional[pulumi.Input['CloudAwsAccountRealtimeVisibilityArgs']]): + pulumi.set(self, "realtime_visibility", value) + + @property + @pulumi.getter(name="sensorManagement") + def sensor_management(self) -> Optional[pulumi.Input['CloudAwsAccountSensorManagementArgs']]: + return pulumi.get(self, "sensor_management") + + @sensor_management.setter + def sensor_management(self, value: Optional[pulumi.Input['CloudAwsAccountSensorManagementArgs']]): + pulumi.set(self, "sensor_management", value) + + @property + @pulumi.getter(name="targetOuses") + def target_ouses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + The list of target Organizational Units + """ + return pulumi.get(self, "target_ouses") + + @target_ouses.setter + def target_ouses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "target_ouses", value) + + +class CloudAwsAccount(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + account_id: Optional[pulumi.Input[str]] = None, + account_type: Optional[pulumi.Input[str]] = None, + asset_inventory: Optional[pulumi.Input[Union['CloudAwsAccountAssetInventoryArgs', 'CloudAwsAccountAssetInventoryArgsDict']]] = None, + deployment_method: Optional[pulumi.Input[str]] = None, + dspm: Optional[pulumi.Input[Union['CloudAwsAccountDspmArgs', 'CloudAwsAccountDspmArgsDict']]] = None, + idp: Optional[pulumi.Input[Union['CloudAwsAccountIdpArgs', 'CloudAwsAccountIdpArgsDict']]] = None, + is_organization_management_account: Optional[pulumi.Input[bool]] = None, + organization_id: Optional[pulumi.Input[str]] = None, + realtime_visibility: Optional[pulumi.Input[Union['CloudAwsAccountRealtimeVisibilityArgs', 'CloudAwsAccountRealtimeVisibilityArgsDict']]] = None, + sensor_management: Optional[pulumi.Input[Union['CloudAwsAccountSensorManagementArgs', 'CloudAwsAccountSensorManagementArgsDict']]] = None, + target_ouses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + __props__=None): + """ + This resource allows management of an AWS account in Falcon. + + ## API Scopes + + The following API scopes are required: + + - Cloud security AWS registration | Read & Write + - CSPM registration | Read & Write + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] account_id: The AWS Account ID + :param pulumi.Input[str] account_type: The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + :param pulumi.Input[bool] is_organization_management_account: Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + :param pulumi.Input[str] organization_id: The AWS Organization ID + :param pulumi.Input[Sequence[pulumi.Input[str]]] target_ouses: The list of target Organizational Units + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: CloudAwsAccountArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + This resource allows management of an AWS account in Falcon. + + ## API Scopes + + The following API scopes are required: + + - Cloud security AWS registration | Read & Write + - CSPM registration | Read & Write + + :param str resource_name: The name of the resource. + :param CloudAwsAccountArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(CloudAwsAccountArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + account_id: Optional[pulumi.Input[str]] = None, + account_type: Optional[pulumi.Input[str]] = None, + asset_inventory: Optional[pulumi.Input[Union['CloudAwsAccountAssetInventoryArgs', 'CloudAwsAccountAssetInventoryArgsDict']]] = None, + deployment_method: Optional[pulumi.Input[str]] = None, + dspm: Optional[pulumi.Input[Union['CloudAwsAccountDspmArgs', 'CloudAwsAccountDspmArgsDict']]] = None, + idp: Optional[pulumi.Input[Union['CloudAwsAccountIdpArgs', 'CloudAwsAccountIdpArgsDict']]] = None, + is_organization_management_account: Optional[pulumi.Input[bool]] = None, + organization_id: Optional[pulumi.Input[str]] = None, + realtime_visibility: Optional[pulumi.Input[Union['CloudAwsAccountRealtimeVisibilityArgs', 'CloudAwsAccountRealtimeVisibilityArgsDict']]] = None, + sensor_management: Optional[pulumi.Input[Union['CloudAwsAccountSensorManagementArgs', 'CloudAwsAccountSensorManagementArgsDict']]] = None, + target_ouses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = CloudAwsAccountArgs.__new__(CloudAwsAccountArgs) + + if account_id is None and not opts.urn: + raise TypeError("Missing required property 'account_id'") + __props__.__dict__["account_id"] = account_id + __props__.__dict__["account_type"] = account_type + __props__.__dict__["asset_inventory"] = asset_inventory + __props__.__dict__["deployment_method"] = deployment_method + __props__.__dict__["dspm"] = dspm + __props__.__dict__["idp"] = idp + __props__.__dict__["is_organization_management_account"] = is_organization_management_account + __props__.__dict__["organization_id"] = organization_id + __props__.__dict__["realtime_visibility"] = realtime_visibility + __props__.__dict__["sensor_management"] = sensor_management + __props__.__dict__["target_ouses"] = target_ouses + __props__.__dict__["cloudtrail_bucket_name"] = None + __props__.__dict__["dspm_role_arn"] = None + __props__.__dict__["eventbus_arn"] = None + __props__.__dict__["eventbus_name"] = None + __props__.__dict__["external_id"] = None + __props__.__dict__["iam_role_arn"] = None + __props__.__dict__["intermediate_role_arn"] = None + super(CloudAwsAccount, __self__).__init__( + 'crowdstrike:index/cloudAwsAccount:CloudAwsAccount', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + account_id: Optional[pulumi.Input[str]] = None, + account_type: Optional[pulumi.Input[str]] = None, + asset_inventory: Optional[pulumi.Input[Union['CloudAwsAccountAssetInventoryArgs', 'CloudAwsAccountAssetInventoryArgsDict']]] = None, + cloudtrail_bucket_name: Optional[pulumi.Input[str]] = None, + deployment_method: Optional[pulumi.Input[str]] = None, + dspm: Optional[pulumi.Input[Union['CloudAwsAccountDspmArgs', 'CloudAwsAccountDspmArgsDict']]] = None, + dspm_role_arn: Optional[pulumi.Input[str]] = None, + eventbus_arn: Optional[pulumi.Input[str]] = None, + eventbus_name: Optional[pulumi.Input[str]] = None, + external_id: Optional[pulumi.Input[str]] = None, + iam_role_arn: Optional[pulumi.Input[str]] = None, + idp: Optional[pulumi.Input[Union['CloudAwsAccountIdpArgs', 'CloudAwsAccountIdpArgsDict']]] = None, + intermediate_role_arn: Optional[pulumi.Input[str]] = None, + is_organization_management_account: Optional[pulumi.Input[bool]] = None, + organization_id: Optional[pulumi.Input[str]] = None, + realtime_visibility: Optional[pulumi.Input[Union['CloudAwsAccountRealtimeVisibilityArgs', 'CloudAwsAccountRealtimeVisibilityArgsDict']]] = None, + sensor_management: Optional[pulumi.Input[Union['CloudAwsAccountSensorManagementArgs', 'CloudAwsAccountSensorManagementArgsDict']]] = None, + target_ouses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None) -> 'CloudAwsAccount': + """ + Get an existing CloudAwsAccount resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] account_id: The AWS Account ID + :param pulumi.Input[str] account_type: The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + :param pulumi.Input[str] cloudtrail_bucket_name: The name of the CloudTrail S3 bucket used for real-time visibility + :param pulumi.Input[str] dspm_role_arn: The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management + :param pulumi.Input[str] eventbus_arn: The ARN of the Amazon EventBridge used by CrowdStrike to forward messages + :param pulumi.Input[str] eventbus_name: The name of the Amazon EventBridge used by CrowdStrike to forward messages + :param pulumi.Input[str] external_id: The external ID used to assume the AWS IAM role + :param pulumi.Input[str] iam_role_arn: The ARN of the AWS IAM role used to access this AWS account + :param pulumi.Input[str] intermediate_role_arn: The ARN of the intermediate role used to assume the AWS IAM role + :param pulumi.Input[bool] is_organization_management_account: Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + :param pulumi.Input[str] organization_id: The AWS Organization ID + :param pulumi.Input[Sequence[pulumi.Input[str]]] target_ouses: The list of target Organizational Units + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _CloudAwsAccountState.__new__(_CloudAwsAccountState) + + __props__.__dict__["account_id"] = account_id + __props__.__dict__["account_type"] = account_type + __props__.__dict__["asset_inventory"] = asset_inventory + __props__.__dict__["cloudtrail_bucket_name"] = cloudtrail_bucket_name + __props__.__dict__["deployment_method"] = deployment_method + __props__.__dict__["dspm"] = dspm + __props__.__dict__["dspm_role_arn"] = dspm_role_arn + __props__.__dict__["eventbus_arn"] = eventbus_arn + __props__.__dict__["eventbus_name"] = eventbus_name + __props__.__dict__["external_id"] = external_id + __props__.__dict__["iam_role_arn"] = iam_role_arn + __props__.__dict__["idp"] = idp + __props__.__dict__["intermediate_role_arn"] = intermediate_role_arn + __props__.__dict__["is_organization_management_account"] = is_organization_management_account + __props__.__dict__["organization_id"] = organization_id + __props__.__dict__["realtime_visibility"] = realtime_visibility + __props__.__dict__["sensor_management"] = sensor_management + __props__.__dict__["target_ouses"] = target_ouses + return CloudAwsAccount(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="accountId") + def account_id(self) -> pulumi.Output[str]: + """ + The AWS Account ID + """ + return pulumi.get(self, "account_id") + + @property + @pulumi.getter(name="accountType") + def account_type(self) -> pulumi.Output[str]: + """ + The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + """ + return pulumi.get(self, "account_type") + + @property + @pulumi.getter(name="assetInventory") + def asset_inventory(self) -> pulumi.Output['outputs.CloudAwsAccountAssetInventory']: + return pulumi.get(self, "asset_inventory") + + @property + @pulumi.getter(name="cloudtrailBucketName") + def cloudtrail_bucket_name(self) -> pulumi.Output[str]: + """ + The name of the CloudTrail S3 bucket used for real-time visibility + """ + return pulumi.get(self, "cloudtrail_bucket_name") + + @property + @pulumi.getter(name="deploymentMethod") + def deployment_method(self) -> pulumi.Output[str]: + return pulumi.get(self, "deployment_method") + + @property + @pulumi.getter + def dspm(self) -> pulumi.Output['outputs.CloudAwsAccountDspm']: + return pulumi.get(self, "dspm") + + @property + @pulumi.getter(name="dspmRoleArn") + def dspm_role_arn(self) -> pulumi.Output[str]: + """ + The ARN of the IAM role to be used by CrowdStrike Data Security Posture Management + """ + return pulumi.get(self, "dspm_role_arn") + + @property + @pulumi.getter(name="eventbusArn") + def eventbus_arn(self) -> pulumi.Output[str]: + """ + The ARN of the Amazon EventBridge used by CrowdStrike to forward messages + """ + return pulumi.get(self, "eventbus_arn") + + @property + @pulumi.getter(name="eventbusName") + def eventbus_name(self) -> pulumi.Output[str]: + """ + The name of the Amazon EventBridge used by CrowdStrike to forward messages + """ + return pulumi.get(self, "eventbus_name") + + @property + @pulumi.getter(name="externalId") + def external_id(self) -> pulumi.Output[str]: + """ + The external ID used to assume the AWS IAM role + """ + return pulumi.get(self, "external_id") + + @property + @pulumi.getter(name="iamRoleArn") + def iam_role_arn(self) -> pulumi.Output[str]: + """ + The ARN of the AWS IAM role used to access this AWS account + """ + return pulumi.get(self, "iam_role_arn") + + @property + @pulumi.getter + def idp(self) -> pulumi.Output['outputs.CloudAwsAccountIdp']: + return pulumi.get(self, "idp") + + @property + @pulumi.getter(name="intermediateRoleArn") + def intermediate_role_arn(self) -> pulumi.Output[str]: + """ + The ARN of the intermediate role used to assume the AWS IAM role + """ + return pulumi.get(self, "intermediate_role_arn") + + @property + @pulumi.getter(name="isOrganizationManagementAccount") + def is_organization_management_account(self) -> pulumi.Output[bool]: + """ + Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + """ + return pulumi.get(self, "is_organization_management_account") + + @property + @pulumi.getter(name="organizationId") + def organization_id(self) -> pulumi.Output[str]: + """ + The AWS Organization ID + """ + return pulumi.get(self, "organization_id") + + @property + @pulumi.getter(name="realtimeVisibility") + def realtime_visibility(self) -> pulumi.Output['outputs.CloudAwsAccountRealtimeVisibility']: + return pulumi.get(self, "realtime_visibility") + + @property + @pulumi.getter(name="sensorManagement") + def sensor_management(self) -> pulumi.Output['outputs.CloudAwsAccountSensorManagement']: + return pulumi.get(self, "sensor_management") + + @property + @pulumi.getter(name="targetOuses") + def target_ouses(self) -> pulumi.Output[Sequence[str]]: + """ + The list of target Organizational Units + """ + return pulumi.get(self, "target_ouses") + diff --git a/sdk/python/crowdstrike_pulumi/config/__init__.pyi b/sdk/python/crowdstrike_pulumi/config/__init__.pyi index 0c3b09d..3d2847e 100644 --- a/sdk/python/crowdstrike_pulumi/config/__init__.pyi +++ b/sdk/python/crowdstrike_pulumi/config/__init__.pyi @@ -28,6 +28,12 @@ when left blank. cloud: Optional[str] """ -Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1 +Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1. Will use FALCON_CLOUD +environment variable when left blank. +""" + +memberCid: Optional[str] +""" +For MSSP Master CIDs, optionally lock the token to act on behalf of this member CID """ diff --git a/sdk/python/crowdstrike_pulumi/config/vars.py b/sdk/python/crowdstrike_pulumi/config/vars.py index 7b7c2f9..3162c74 100644 --- a/sdk/python/crowdstrike_pulumi/config/vars.py +++ b/sdk/python/crowdstrike_pulumi/config/vars.py @@ -39,7 +39,15 @@ def client_secret(self) -> Optional[str]: @property def cloud(self) -> Optional[str]: """ - Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1 + Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1. Will use FALCON_CLOUD + environment variable when left blank. """ return __config__.get('cloud') + @property + def member_cid(self) -> Optional[str]: + """ + For MSSP Master CIDs, optionally lock the token to act on behalf of this member CID + """ + return __config__.get('memberCid') + diff --git a/sdk/python/crowdstrike_pulumi/get_cloud_aws_account.py b/sdk/python/crowdstrike_pulumi/get_cloud_aws_account.py new file mode 100644 index 0000000..b0d558f --- /dev/null +++ b/sdk/python/crowdstrike_pulumi/get_cloud_aws_account.py @@ -0,0 +1,165 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from . import _utilities +from . import outputs + +__all__ = [ + 'GetCloudAwsAccountResult', + 'AwaitableGetCloudAwsAccountResult', + 'get_cloud_aws_account', + 'get_cloud_aws_account_output', +] + +@pulumi.output_type +class GetCloudAwsAccountResult: + """ + A collection of values returned by getCloudAwsAccount. + """ + def __init__(__self__, account_id=None, accounts=None, id=None, organization_id=None): + if account_id and not isinstance(account_id, str): + raise TypeError("Expected argument 'account_id' to be a str") + pulumi.set(__self__, "account_id", account_id) + if accounts and not isinstance(accounts, list): + raise TypeError("Expected argument 'accounts' to be a list") + pulumi.set(__self__, "accounts", accounts) + if id and not isinstance(id, str): + raise TypeError("Expected argument 'id' to be a str") + pulumi.set(__self__, "id", id) + if organization_id and not isinstance(organization_id, str): + raise TypeError("Expected argument 'organization_id' to be a str") + pulumi.set(__self__, "organization_id", organization_id) + + @property + @pulumi.getter(name="accountId") + def account_id(self) -> Optional[str]: + """ + Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organization_id filter for OR matching + """ + return pulumi.get(self, "account_id") + + @property + @pulumi.getter + def accounts(self) -> Sequence['outputs.GetCloudAwsAccountAccountResult']: + """ + The list of AWS accounts + """ + return pulumi.get(self, "accounts") + + @property + @pulumi.getter + def id(self) -> str: + """ + The provider-assigned unique ID for this managed resource. + """ + return pulumi.get(self, "id") + + @property + @pulumi.getter(name="organizationId") + def organization_id(self) -> Optional[str]: + """ + Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with account_id filter for OR matching + """ + return pulumi.get(self, "organization_id") + + +class AwaitableGetCloudAwsAccountResult(GetCloudAwsAccountResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetCloudAwsAccountResult( + account_id=self.account_id, + accounts=self.accounts, + id=self.id, + organization_id=self.organization_id) + + +def get_cloud_aws_account(account_id: Optional[str] = None, + organization_id: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetCloudAwsAccountResult: + """ + This data source provides information about AWS accounts in Falcon. + + ## API Scopes + + The following API scopes are required: + + - Cloud security AWS registration | Read & Write + - CSPM registration | Read & Write + + ## Example Usage + + ```python + import pulumi + import pulumi_crowdstrike as crowdstrike + + all = crowdstrike.get_cloud_aws_account() + specific = crowdstrike.get_cloud_aws_account(account_id="123456789012") + org = crowdstrike.get_cloud_aws_account(organization_id="o-123456789012") + ``` + + + :param str account_id: Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organization_id filter for OR matching + :param str organization_id: Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with account_id filter for OR matching + """ + __args__ = dict() + __args__['accountId'] = account_id + __args__['organizationId'] = organization_id + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('crowdstrike:index/getCloudAwsAccount:getCloudAwsAccount', __args__, opts=opts, typ=GetCloudAwsAccountResult).value + + return AwaitableGetCloudAwsAccountResult( + account_id=pulumi.get(__ret__, 'account_id'), + accounts=pulumi.get(__ret__, 'accounts'), + id=pulumi.get(__ret__, 'id'), + organization_id=pulumi.get(__ret__, 'organization_id')) +def get_cloud_aws_account_output(account_id: Optional[pulumi.Input[Optional[str]]] = None, + organization_id: Optional[pulumi.Input[Optional[str]]] = None, + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetCloudAwsAccountResult]: + """ + This data source provides information about AWS accounts in Falcon. + + ## API Scopes + + The following API scopes are required: + + - Cloud security AWS registration | Read & Write + - CSPM registration | Read & Write + + ## Example Usage + + ```python + import pulumi + import pulumi_crowdstrike as crowdstrike + + all = crowdstrike.get_cloud_aws_account() + specific = crowdstrike.get_cloud_aws_account(account_id="123456789012") + org = crowdstrike.get_cloud_aws_account(organization_id="o-123456789012") + ``` + + + :param str account_id: Filter the results to a specific AWS Account ID. When specified, returns details for the matching AWS account. Can be used together with organization_id filter for OR matching + :param str organization_id: Filter the results to accounts within a specific AWS Organization. When specified, returns all AWS accounts associated with this organization ID. Can be used together with account_id filter for OR matching + """ + __args__ = dict() + __args__['accountId'] = account_id + __args__['organizationId'] = organization_id + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke_output('crowdstrike:index/getCloudAwsAccount:getCloudAwsAccount', __args__, opts=opts, typ=GetCloudAwsAccountResult) + return __ret__.apply(lambda __response__: GetCloudAwsAccountResult( + account_id=pulumi.get(__response__, 'account_id'), + accounts=pulumi.get(__response__, 'accounts'), + id=pulumi.get(__response__, 'id'), + organization_id=pulumi.get(__response__, 'organization_id'))) diff --git a/sdk/python/crowdstrike_pulumi/outputs.py b/sdk/python/crowdstrike_pulumi/outputs.py index b7fd396..3393d85 100644 --- a/sdk/python/crowdstrike_pulumi/outputs.py +++ b/sdk/python/crowdstrike_pulumi/outputs.py @@ -16,6 +16,11 @@ from . import outputs __all__ = [ + 'CloudAwsAccountAssetInventory', + 'CloudAwsAccountDspm', + 'CloudAwsAccountIdp', + 'CloudAwsAccountRealtimeVisibility', + 'CloudAwsAccountSensorManagement', 'FilevantagePolicyScheduledExclusion', 'FilevantagePolicyScheduledExclusionRepeated', 'FilevantageRuleGroupRule', @@ -34,6 +39,7 @@ 'PreventionPolicyWindowsSensorAntiMalwareUserInitiated', 'SensorUpdatePolicySchedule', 'SensorUpdatePolicyScheduleTimeBlock', + 'GetCloudAwsAccountAccountResult', 'GetSensorUpdatePolicyBuildsLinuxResult', 'GetSensorUpdatePolicyBuildsLinuxAllResult', 'GetSensorUpdatePolicyBuildsLinuxArm64Result', @@ -56,6 +62,208 @@ 'GetSensorUpdatePolicyBuildsWindowsN2Result', ] +@pulumi.output_type +class CloudAwsAccountAssetInventory(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "roleName": + suggest = "role_name" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in CloudAwsAccountAssetInventory. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + CloudAwsAccountAssetInventory.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + CloudAwsAccountAssetInventory.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + enabled: bool, + role_name: Optional[str] = None): + """ + :param bool enabled: Enable asset inventory + :param str role_name: Custom AWS IAM role name + """ + pulumi.set(__self__, "enabled", enabled) + if role_name is not None: + pulumi.set(__self__, "role_name", role_name) + + @property + @pulumi.getter + def enabled(self) -> bool: + """ + Enable asset inventory + """ + return pulumi.get(self, "enabled") + + @property + @pulumi.getter(name="roleName") + def role_name(self) -> Optional[str]: + """ + Custom AWS IAM role name + """ + return pulumi.get(self, "role_name") + + +@pulumi.output_type +class CloudAwsAccountDspm(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "roleName": + suggest = "role_name" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in CloudAwsAccountDspm. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + CloudAwsAccountDspm.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + CloudAwsAccountDspm.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + enabled: bool, + role_name: Optional[str] = None): + """ + :param bool enabled: Enable Data Security Posture Management + :param str role_name: Custom AWS IAM role name for Data Security Posture Management + """ + pulumi.set(__self__, "enabled", enabled) + if role_name is not None: + pulumi.set(__self__, "role_name", role_name) + + @property + @pulumi.getter + def enabled(self) -> bool: + """ + Enable Data Security Posture Management + """ + return pulumi.get(self, "enabled") + + @property + @pulumi.getter(name="roleName") + def role_name(self) -> Optional[str]: + """ + Custom AWS IAM role name for Data Security Posture Management + """ + return pulumi.get(self, "role_name") + + +@pulumi.output_type +class CloudAwsAccountIdp(dict): + def __init__(__self__, *, + enabled: bool, + status: Optional[str] = None): + """ + :param bool enabled: Enable Identity Protection + :param str status: Current status of the Identity Protection integration + """ + pulumi.set(__self__, "enabled", enabled) + if status is not None: + pulumi.set(__self__, "status", status) + + @property + @pulumi.getter + def enabled(self) -> bool: + """ + Enable Identity Protection + """ + return pulumi.get(self, "enabled") + + @property + @pulumi.getter + def status(self) -> Optional[str]: + """ + Current status of the Identity Protection integration + """ + return pulumi.get(self, "status") + + +@pulumi.output_type +class CloudAwsAccountRealtimeVisibility(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "cloudtrailRegion": + suggest = "cloudtrail_region" + elif key == "useExistingCloudtrail": + suggest = "use_existing_cloudtrail" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in CloudAwsAccountRealtimeVisibility. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + CloudAwsAccountRealtimeVisibility.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + CloudAwsAccountRealtimeVisibility.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + cloudtrail_region: str, + enabled: bool, + use_existing_cloudtrail: Optional[bool] = None): + """ + :param str cloudtrail_region: The AWS region of the CloudTrail bucket + :param bool enabled: Enable real-time visibility and detection + :param bool use_existing_cloudtrail: Set to true if a CloudTrail already exists + """ + pulumi.set(__self__, "cloudtrail_region", cloudtrail_region) + pulumi.set(__self__, "enabled", enabled) + if use_existing_cloudtrail is not None: + pulumi.set(__self__, "use_existing_cloudtrail", use_existing_cloudtrail) + + @property + @pulumi.getter(name="cloudtrailRegion") + def cloudtrail_region(self) -> str: + """ + The AWS region of the CloudTrail bucket + """ + return pulumi.get(self, "cloudtrail_region") + + @property + @pulumi.getter + def enabled(self) -> bool: + """ + Enable real-time visibility and detection + """ + return pulumi.get(self, "enabled") + + @property + @pulumi.getter(name="useExistingCloudtrail") + def use_existing_cloudtrail(self) -> Optional[bool]: + """ + Set to true if a CloudTrail already exists + """ + return pulumi.get(self, "use_existing_cloudtrail") + + +@pulumi.output_type +class CloudAwsAccountSensorManagement(dict): + def __init__(__self__, *, + enabled: bool): + """ + :param bool enabled: Enable 1-click sensor deployment + """ + pulumi.set(__self__, "enabled", enabled) + + @property + @pulumi.getter + def enabled(self) -> bool: + """ + Enable 1-click sensor deployment + """ + return pulumi.get(self, "enabled") + + @pulumi.output_type class FilevantagePolicyScheduledExclusion(dict): @staticmethod @@ -1265,6 +1473,211 @@ def start_time(self) -> str: return pulumi.get(self, "start_time") +@pulumi.output_type +class GetCloudAwsAccountAccountResult(dict): + def __init__(__self__, *, + account_id: str, + account_type: str, + asset_inventory_enabled: bool, + cloudtrail_bucket_name: str, + cloudtrail_region: str, + dspm_enabled: bool, + dspm_role_arn: str, + eventbus_arn: str, + eventbus_name: str, + external_id: str, + iam_role_arn: str, + idp_enabled: bool, + intermediate_role_arn: str, + is_organization_management_account: bool, + organization_id: str, + realtime_visibility_enabled: bool, + sensor_management_enabled: bool, + target_ouses: Sequence[str]): + """ + :param str account_id: The AWS Account ID + :param str account_type: The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + :param bool asset_inventory_enabled: Whether asset inventory is enabled + :param str cloudtrail_bucket_name: The name of the CloudTrail S3 bucket used for real-time visibility + :param str cloudtrail_region: The AWS region of the CloudTrail bucket + :param bool dspm_enabled: Whether Data Security Posture Management is enabled + :param str dspm_role_arn: The ARN of the IAM role to be used by CrowdStrike DSPM + :param str eventbus_arn: The ARN of the Amazon EventBridge used by CrowdStrike to forward messages + :param str eventbus_name: The name of the Amazon EventBridge used by CrowdStrike to forward messages + :param str external_id: The external ID used to assume the AWS IAM role + :param str iam_role_arn: The ARN of the AWS IAM role used to access this AWS account + :param bool idp_enabled: Whether Identity Protection is enabled + :param str intermediate_role_arn: The ARN of the intermediate role used to assume the AWS IAM role + :param bool is_organization_management_account: Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + :param str organization_id: The AWS Organization ID + :param bool realtime_visibility_enabled: Whether real-time visibility is enabled + :param bool sensor_management_enabled: Whether 1-click sensor deployment is enabled + :param Sequence[str] target_ouses: The list of AWS Organizational Units (OUs) targeted for this account + """ + pulumi.set(__self__, "account_id", account_id) + pulumi.set(__self__, "account_type", account_type) + pulumi.set(__self__, "asset_inventory_enabled", asset_inventory_enabled) + pulumi.set(__self__, "cloudtrail_bucket_name", cloudtrail_bucket_name) + pulumi.set(__self__, "cloudtrail_region", cloudtrail_region) + pulumi.set(__self__, "dspm_enabled", dspm_enabled) + pulumi.set(__self__, "dspm_role_arn", dspm_role_arn) + pulumi.set(__self__, "eventbus_arn", eventbus_arn) + pulumi.set(__self__, "eventbus_name", eventbus_name) + pulumi.set(__self__, "external_id", external_id) + pulumi.set(__self__, "iam_role_arn", iam_role_arn) + pulumi.set(__self__, "idp_enabled", idp_enabled) + pulumi.set(__self__, "intermediate_role_arn", intermediate_role_arn) + pulumi.set(__self__, "is_organization_management_account", is_organization_management_account) + pulumi.set(__self__, "organization_id", organization_id) + pulumi.set(__self__, "realtime_visibility_enabled", realtime_visibility_enabled) + pulumi.set(__self__, "sensor_management_enabled", sensor_management_enabled) + pulumi.set(__self__, "target_ouses", target_ouses) + + @property + @pulumi.getter(name="accountId") + def account_id(self) -> str: + """ + The AWS Account ID + """ + return pulumi.get(self, "account_id") + + @property + @pulumi.getter(name="accountType") + def account_type(self) -> str: + """ + The AWS account type. Value is 'commercial' for Commercial cloud accounts. For GovCloud environments, value can be either 'commercial' or 'gov' depending on the account type + """ + return pulumi.get(self, "account_type") + + @property + @pulumi.getter(name="assetInventoryEnabled") + def asset_inventory_enabled(self) -> bool: + """ + Whether asset inventory is enabled + """ + return pulumi.get(self, "asset_inventory_enabled") + + @property + @pulumi.getter(name="cloudtrailBucketName") + def cloudtrail_bucket_name(self) -> str: + """ + The name of the CloudTrail S3 bucket used for real-time visibility + """ + return pulumi.get(self, "cloudtrail_bucket_name") + + @property + @pulumi.getter(name="cloudtrailRegion") + def cloudtrail_region(self) -> str: + """ + The AWS region of the CloudTrail bucket + """ + return pulumi.get(self, "cloudtrail_region") + + @property + @pulumi.getter(name="dspmEnabled") + def dspm_enabled(self) -> bool: + """ + Whether Data Security Posture Management is enabled + """ + return pulumi.get(self, "dspm_enabled") + + @property + @pulumi.getter(name="dspmRoleArn") + def dspm_role_arn(self) -> str: + """ + The ARN of the IAM role to be used by CrowdStrike DSPM + """ + return pulumi.get(self, "dspm_role_arn") + + @property + @pulumi.getter(name="eventbusArn") + def eventbus_arn(self) -> str: + """ + The ARN of the Amazon EventBridge used by CrowdStrike to forward messages + """ + return pulumi.get(self, "eventbus_arn") + + @property + @pulumi.getter(name="eventbusName") + def eventbus_name(self) -> str: + """ + The name of the Amazon EventBridge used by CrowdStrike to forward messages + """ + return pulumi.get(self, "eventbus_name") + + @property + @pulumi.getter(name="externalId") + def external_id(self) -> str: + """ + The external ID used to assume the AWS IAM role + """ + return pulumi.get(self, "external_id") + + @property + @pulumi.getter(name="iamRoleArn") + def iam_role_arn(self) -> str: + """ + The ARN of the AWS IAM role used to access this AWS account + """ + return pulumi.get(self, "iam_role_arn") + + @property + @pulumi.getter(name="idpEnabled") + def idp_enabled(self) -> bool: + """ + Whether Identity Protection is enabled + """ + return pulumi.get(self, "idp_enabled") + + @property + @pulumi.getter(name="intermediateRoleArn") + def intermediate_role_arn(self) -> str: + """ + The ARN of the intermediate role used to assume the AWS IAM role + """ + return pulumi.get(self, "intermediate_role_arn") + + @property + @pulumi.getter(name="isOrganizationManagementAccount") + def is_organization_management_account(self) -> bool: + """ + Indicates whether this is the management account (formerly known as the root account) of an AWS Organization + """ + return pulumi.get(self, "is_organization_management_account") + + @property + @pulumi.getter(name="organizationId") + def organization_id(self) -> str: + """ + The AWS Organization ID + """ + return pulumi.get(self, "organization_id") + + @property + @pulumi.getter(name="realtimeVisibilityEnabled") + def realtime_visibility_enabled(self) -> bool: + """ + Whether real-time visibility is enabled + """ + return pulumi.get(self, "realtime_visibility_enabled") + + @property + @pulumi.getter(name="sensorManagementEnabled") + def sensor_management_enabled(self) -> bool: + """ + Whether 1-click sensor deployment is enabled + """ + return pulumi.get(self, "sensor_management_enabled") + + @property + @pulumi.getter(name="targetOuses") + def target_ouses(self) -> Sequence[str]: + """ + The list of AWS Organizational Units (OUs) targeted for this account + """ + return pulumi.get(self, "target_ouses") + + @pulumi.output_type class GetSensorUpdatePolicyBuildsLinuxResult(dict): def __init__(__self__, *, diff --git a/sdk/python/crowdstrike_pulumi/prevention_policy_linux.py b/sdk/python/crowdstrike_pulumi/prevention_policy_linux.py index 93d4a50..cbd4f7f 100644 --- a/sdk/python/crowdstrike_pulumi/prevention_policy_linux.py +++ b/sdk/python/crowdstrike_pulumi/prevention_policy_linux.py @@ -32,12 +32,15 @@ def __init__(__self__, *, filesystem_visibility: Optional[pulumi.Input[bool]] = None, ftp_visibility: Optional[pulumi.Input[bool]] = None, http_visibility: Optional[pulumi.Input[bool]] = None, + memory_visibility: Optional[pulumi.Input[bool]] = None, name: Optional[pulumi.Input[str]] = None, network_visibility: Optional[pulumi.Input[bool]] = None, + on_write_script_file_visibility: Optional[pulumi.Input[bool]] = None, prevent_suspicious_processes: Optional[pulumi.Input[bool]] = None, quarantine: Optional[pulumi.Input[bool]] = None, script_based_execution_monitoring: Optional[pulumi.Input[bool]] = None, sensor_anti_malware: Optional[pulumi.Input['PreventionPolicyLinuxSensorAntiMalwareArgs']] = None, + sensor_tampering_protection: Optional[pulumi.Input[bool]] = None, tls_visibility: Optional[pulumi.Input[bool]] = None, upload_unknown_detection_related_executables: Optional[pulumi.Input[bool]] = None, upload_unknown_executables: Optional[pulumi.Input[bool]] = None): @@ -54,12 +57,15 @@ def __init__(__self__, *, :param pulumi.Input[bool] filesystem_visibility: Whether to enable the setting. Allows the sensor to monitor filesystem activity for additional telemetry and improved detections. :param pulumi.Input[bool] ftp_visibility: Whether to enable the setting. Allows the sensor to monitor unencrypted FTP traffic for malicious patterns and improved detections. :param pulumi.Input[bool] http_visibility: Whether to enable the setting. Allows the sensor to monitor unencrypted HTTP traffic for malicious patterns and improved detections. + :param pulumi.Input[bool] memory_visibility: Whether to enable the setting. When enabled, the sensor will inspect memory-related operations: mmap, mprotect, ptrace and reading/writing remote process memory and produce events. :param pulumi.Input[str] name: Name of the prevention policy. :param pulumi.Input[bool] network_visibility: Whether to enable the setting. Allows the sensor to monitor network activity for additional telemetry and improved detections. + :param pulumi.Input[bool] on_write_script_file_visibility: Whether to enable the setting. Provides improved visibility into various script files being written to disk in addition to clouding a portion of their content. :param pulumi.Input[bool] prevent_suspicious_processes: Whether to enable the setting. Block processes that CrowdStrike analysts classify as suspicious. These are focused on dynamic IOAs, such as malware, exploits and other threats. :param pulumi.Input[bool] quarantine: Whether to enable the setting. Quarantine executable files after they’re prevented by NGAV. When this is enabled, we recommend setting anti-malware prevention levels to Moderate or higher and not using other antivirus solutions. :param pulumi.Input[bool] script_based_execution_monitoring: Whether to enable the setting. Provides visibility into suspicious scripts, including shell and other scripting languages. :param pulumi.Input['PreventionPolicyLinuxSensorAntiMalwareArgs'] sensor_anti_malware: For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware. + :param pulumi.Input[bool] sensor_tampering_protection: Whether to enable the setting. Block attempts to tamper with the sensor by protecting critical components and resources. If disabled, the sensor still creates detections for tampering attempts but will not prevent the activity from occurring. Disabling is not recommended. :param pulumi.Input[bool] tls_visibility: Whether to enable the setting. Allows the sensor to monitor TLS traffic for malicious patterns and improved detections. :param pulumi.Input[bool] upload_unknown_detection_related_executables: Whether to enable the setting. Upload all unknown detection-related executables for advanced analysis in the cloud. :param pulumi.Input[bool] upload_unknown_executables: Whether to enable the setting. Upload all unknown executables for advanced analysis in the cloud. @@ -84,10 +90,14 @@ def __init__(__self__, *, pulumi.set(__self__, "ftp_visibility", ftp_visibility) if http_visibility is not None: pulumi.set(__self__, "http_visibility", http_visibility) + if memory_visibility is not None: + pulumi.set(__self__, "memory_visibility", memory_visibility) if name is not None: pulumi.set(__self__, "name", name) if network_visibility is not None: pulumi.set(__self__, "network_visibility", network_visibility) + if on_write_script_file_visibility is not None: + pulumi.set(__self__, "on_write_script_file_visibility", on_write_script_file_visibility) if prevent_suspicious_processes is not None: pulumi.set(__self__, "prevent_suspicious_processes", prevent_suspicious_processes) if quarantine is not None: @@ -96,6 +106,8 @@ def __init__(__self__, *, pulumi.set(__self__, "script_based_execution_monitoring", script_based_execution_monitoring) if sensor_anti_malware is not None: pulumi.set(__self__, "sensor_anti_malware", sensor_anti_malware) + if sensor_tampering_protection is not None: + pulumi.set(__self__, "sensor_tampering_protection", sensor_tampering_protection) if tls_visibility is not None: pulumi.set(__self__, "tls_visibility", tls_visibility) if upload_unknown_detection_related_executables is not None: @@ -235,6 +247,18 @@ def http_visibility(self) -> Optional[pulumi.Input[bool]]: def http_visibility(self, value: Optional[pulumi.Input[bool]]): pulumi.set(self, "http_visibility", value) + @property + @pulumi.getter(name="memoryVisibility") + def memory_visibility(self) -> Optional[pulumi.Input[bool]]: + """ + Whether to enable the setting. When enabled, the sensor will inspect memory-related operations: mmap, mprotect, ptrace and reading/writing remote process memory and produce events. + """ + return pulumi.get(self, "memory_visibility") + + @memory_visibility.setter + def memory_visibility(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "memory_visibility", value) + @property @pulumi.getter def name(self) -> Optional[pulumi.Input[str]]: @@ -259,6 +283,18 @@ def network_visibility(self) -> Optional[pulumi.Input[bool]]: def network_visibility(self, value: Optional[pulumi.Input[bool]]): pulumi.set(self, "network_visibility", value) + @property + @pulumi.getter(name="onWriteScriptFileVisibility") + def on_write_script_file_visibility(self) -> Optional[pulumi.Input[bool]]: + """ + Whether to enable the setting. Provides improved visibility into various script files being written to disk in addition to clouding a portion of their content. + """ + return pulumi.get(self, "on_write_script_file_visibility") + + @on_write_script_file_visibility.setter + def on_write_script_file_visibility(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "on_write_script_file_visibility", value) + @property @pulumi.getter(name="preventSuspiciousProcesses") def prevent_suspicious_processes(self) -> Optional[pulumi.Input[bool]]: @@ -307,6 +343,18 @@ def sensor_anti_malware(self) -> Optional[pulumi.Input['PreventionPolicyLinuxSen def sensor_anti_malware(self, value: Optional[pulumi.Input['PreventionPolicyLinuxSensorAntiMalwareArgs']]): pulumi.set(self, "sensor_anti_malware", value) + @property + @pulumi.getter(name="sensorTamperingProtection") + def sensor_tampering_protection(self) -> Optional[pulumi.Input[bool]]: + """ + Whether to enable the setting. Block attempts to tamper with the sensor by protecting critical components and resources. If disabled, the sensor still creates detections for tampering attempts but will not prevent the activity from occurring. Disabling is not recommended. + """ + return pulumi.get(self, "sensor_tampering_protection") + + @sensor_tampering_protection.setter + def sensor_tampering_protection(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "sensor_tampering_protection", value) + @property @pulumi.getter(name="tlsVisibility") def tls_visibility(self) -> Optional[pulumi.Input[bool]]: @@ -359,12 +407,15 @@ def __init__(__self__, *, http_visibility: Optional[pulumi.Input[bool]] = None, ioa_rule_groups: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, last_updated: Optional[pulumi.Input[str]] = None, + memory_visibility: Optional[pulumi.Input[bool]] = None, name: Optional[pulumi.Input[str]] = None, network_visibility: Optional[pulumi.Input[bool]] = None, + on_write_script_file_visibility: Optional[pulumi.Input[bool]] = None, prevent_suspicious_processes: Optional[pulumi.Input[bool]] = None, quarantine: Optional[pulumi.Input[bool]] = None, script_based_execution_monitoring: Optional[pulumi.Input[bool]] = None, sensor_anti_malware: Optional[pulumi.Input['PreventionPolicyLinuxSensorAntiMalwareArgs']] = None, + sensor_tampering_protection: Optional[pulumi.Input[bool]] = None, tls_visibility: Optional[pulumi.Input[bool]] = None, upload_unknown_detection_related_executables: Optional[pulumi.Input[bool]] = None, upload_unknown_executables: Optional[pulumi.Input[bool]] = None): @@ -381,12 +432,15 @@ def __init__(__self__, *, :param pulumi.Input[Sequence[pulumi.Input[str]]] host_groups: Host Group ids to attach to the prevention policy. :param pulumi.Input[bool] http_visibility: Whether to enable the setting. Allows the sensor to monitor unencrypted HTTP traffic for malicious patterns and improved detections. :param pulumi.Input[Sequence[pulumi.Input[str]]] ioa_rule_groups: IOA Rule Group to attach to the prevention policy. + :param pulumi.Input[bool] memory_visibility: Whether to enable the setting. When enabled, the sensor will inspect memory-related operations: mmap, mprotect, ptrace and reading/writing remote process memory and produce events. :param pulumi.Input[str] name: Name of the prevention policy. :param pulumi.Input[bool] network_visibility: Whether to enable the setting. Allows the sensor to monitor network activity for additional telemetry and improved detections. + :param pulumi.Input[bool] on_write_script_file_visibility: Whether to enable the setting. Provides improved visibility into various script files being written to disk in addition to clouding a portion of their content. :param pulumi.Input[bool] prevent_suspicious_processes: Whether to enable the setting. Block processes that CrowdStrike analysts classify as suspicious. These are focused on dynamic IOAs, such as malware, exploits and other threats. :param pulumi.Input[bool] quarantine: Whether to enable the setting. Quarantine executable files after they’re prevented by NGAV. When this is enabled, we recommend setting anti-malware prevention levels to Moderate or higher and not using other antivirus solutions. :param pulumi.Input[bool] script_based_execution_monitoring: Whether to enable the setting. Provides visibility into suspicious scripts, including shell and other scripting languages. :param pulumi.Input['PreventionPolicyLinuxSensorAntiMalwareArgs'] sensor_anti_malware: For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware. + :param pulumi.Input[bool] sensor_tampering_protection: Whether to enable the setting. Block attempts to tamper with the sensor by protecting critical components and resources. If disabled, the sensor still creates detections for tampering attempts but will not prevent the activity from occurring. Disabling is not recommended. :param pulumi.Input[bool] tls_visibility: Whether to enable the setting. Allows the sensor to monitor TLS traffic for malicious patterns and improved detections. :param pulumi.Input[bool] upload_unknown_detection_related_executables: Whether to enable the setting. Upload all unknown detection-related executables for advanced analysis in the cloud. :param pulumi.Input[bool] upload_unknown_executables: Whether to enable the setting. Upload all unknown executables for advanced analysis in the cloud. @@ -415,10 +469,14 @@ def __init__(__self__, *, pulumi.set(__self__, "ioa_rule_groups", ioa_rule_groups) if last_updated is not None: pulumi.set(__self__, "last_updated", last_updated) + if memory_visibility is not None: + pulumi.set(__self__, "memory_visibility", memory_visibility) if name is not None: pulumi.set(__self__, "name", name) if network_visibility is not None: pulumi.set(__self__, "network_visibility", network_visibility) + if on_write_script_file_visibility is not None: + pulumi.set(__self__, "on_write_script_file_visibility", on_write_script_file_visibility) if prevent_suspicious_processes is not None: pulumi.set(__self__, "prevent_suspicious_processes", prevent_suspicious_processes) if quarantine is not None: @@ -427,6 +485,8 @@ def __init__(__self__, *, pulumi.set(__self__, "script_based_execution_monitoring", script_based_execution_monitoring) if sensor_anti_malware is not None: pulumi.set(__self__, "sensor_anti_malware", sensor_anti_malware) + if sensor_tampering_protection is not None: + pulumi.set(__self__, "sensor_tampering_protection", sensor_tampering_protection) if tls_visibility is not None: pulumi.set(__self__, "tls_visibility", tls_visibility) if upload_unknown_detection_related_executables is not None: @@ -575,6 +635,18 @@ def last_updated(self) -> Optional[pulumi.Input[str]]: def last_updated(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "last_updated", value) + @property + @pulumi.getter(name="memoryVisibility") + def memory_visibility(self) -> Optional[pulumi.Input[bool]]: + """ + Whether to enable the setting. When enabled, the sensor will inspect memory-related operations: mmap, mprotect, ptrace and reading/writing remote process memory and produce events. + """ + return pulumi.get(self, "memory_visibility") + + @memory_visibility.setter + def memory_visibility(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "memory_visibility", value) + @property @pulumi.getter def name(self) -> Optional[pulumi.Input[str]]: @@ -599,6 +671,18 @@ def network_visibility(self) -> Optional[pulumi.Input[bool]]: def network_visibility(self, value: Optional[pulumi.Input[bool]]): pulumi.set(self, "network_visibility", value) + @property + @pulumi.getter(name="onWriteScriptFileVisibility") + def on_write_script_file_visibility(self) -> Optional[pulumi.Input[bool]]: + """ + Whether to enable the setting. Provides improved visibility into various script files being written to disk in addition to clouding a portion of their content. + """ + return pulumi.get(self, "on_write_script_file_visibility") + + @on_write_script_file_visibility.setter + def on_write_script_file_visibility(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "on_write_script_file_visibility", value) + @property @pulumi.getter(name="preventSuspiciousProcesses") def prevent_suspicious_processes(self) -> Optional[pulumi.Input[bool]]: @@ -647,6 +731,18 @@ def sensor_anti_malware(self) -> Optional[pulumi.Input['PreventionPolicyLinuxSen def sensor_anti_malware(self, value: Optional[pulumi.Input['PreventionPolicyLinuxSensorAntiMalwareArgs']]): pulumi.set(self, "sensor_anti_malware", value) + @property + @pulumi.getter(name="sensorTamperingProtection") + def sensor_tampering_protection(self) -> Optional[pulumi.Input[bool]]: + """ + Whether to enable the setting. Block attempts to tamper with the sensor by protecting critical components and resources. If disabled, the sensor still creates detections for tampering attempts but will not prevent the activity from occurring. Disabling is not recommended. + """ + return pulumi.get(self, "sensor_tampering_protection") + + @sensor_tampering_protection.setter + def sensor_tampering_protection(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "sensor_tampering_protection", value) + @property @pulumi.getter(name="tlsVisibility") def tls_visibility(self) -> Optional[pulumi.Input[bool]]: @@ -700,12 +796,15 @@ def __init__(__self__, host_groups: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, http_visibility: Optional[pulumi.Input[bool]] = None, ioa_rule_groups: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + memory_visibility: Optional[pulumi.Input[bool]] = None, name: Optional[pulumi.Input[str]] = None, network_visibility: Optional[pulumi.Input[bool]] = None, + on_write_script_file_visibility: Optional[pulumi.Input[bool]] = None, prevent_suspicious_processes: Optional[pulumi.Input[bool]] = None, quarantine: Optional[pulumi.Input[bool]] = None, script_based_execution_monitoring: Optional[pulumi.Input[bool]] = None, sensor_anti_malware: Optional[pulumi.Input[Union['PreventionPolicyLinuxSensorAntiMalwareArgs', 'PreventionPolicyLinuxSensorAntiMalwareArgsDict']]] = None, + sensor_tampering_protection: Optional[pulumi.Input[bool]] = None, tls_visibility: Optional[pulumi.Input[bool]] = None, upload_unknown_detection_related_executables: Optional[pulumi.Input[bool]] = None, upload_unknown_executables: Optional[pulumi.Input[bool]] = None, @@ -728,7 +827,7 @@ def __init__(__self__, example = crowdstrike.PreventionPolicyLinux("example", enabled=True, description="Made with Pulumi", - host_groups=["d6e3c1e1b3d0467da0fowc96a5e6ecb5"], + host_groups=[], ioa_rule_groups=[], cloud_anti_malware={ "detection": "MODERATE", @@ -750,7 +849,10 @@ def __init__(__self__, ftp_visibility=True, http_visibility=True, network_visibility=True, - tls_visibility=True) + tls_visibility=True, + sensor_tampering_protection=True, + on_write_script_file_visibility=True, + memory_visibility=True) pulumi.export("preventionPolicyLinux", example) ``` @@ -775,12 +877,15 @@ def __init__(__self__, :param pulumi.Input[Sequence[pulumi.Input[str]]] host_groups: Host Group ids to attach to the prevention policy. :param pulumi.Input[bool] http_visibility: Whether to enable the setting. Allows the sensor to monitor unencrypted HTTP traffic for malicious patterns and improved detections. :param pulumi.Input[Sequence[pulumi.Input[str]]] ioa_rule_groups: IOA Rule Group to attach to the prevention policy. + :param pulumi.Input[bool] memory_visibility: Whether to enable the setting. When enabled, the sensor will inspect memory-related operations: mmap, mprotect, ptrace and reading/writing remote process memory and produce events. :param pulumi.Input[str] name: Name of the prevention policy. :param pulumi.Input[bool] network_visibility: Whether to enable the setting. Allows the sensor to monitor network activity for additional telemetry and improved detections. + :param pulumi.Input[bool] on_write_script_file_visibility: Whether to enable the setting. Provides improved visibility into various script files being written to disk in addition to clouding a portion of their content. :param pulumi.Input[bool] prevent_suspicious_processes: Whether to enable the setting. Block processes that CrowdStrike analysts classify as suspicious. These are focused on dynamic IOAs, such as malware, exploits and other threats. :param pulumi.Input[bool] quarantine: Whether to enable the setting. Quarantine executable files after they’re prevented by NGAV. When this is enabled, we recommend setting anti-malware prevention levels to Moderate or higher and not using other antivirus solutions. :param pulumi.Input[bool] script_based_execution_monitoring: Whether to enable the setting. Provides visibility into suspicious scripts, including shell and other scripting languages. :param pulumi.Input[Union['PreventionPolicyLinuxSensorAntiMalwareArgs', 'PreventionPolicyLinuxSensorAntiMalwareArgsDict']] sensor_anti_malware: For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware. + :param pulumi.Input[bool] sensor_tampering_protection: Whether to enable the setting. Block attempts to tamper with the sensor by protecting critical components and resources. If disabled, the sensor still creates detections for tampering attempts but will not prevent the activity from occurring. Disabling is not recommended. :param pulumi.Input[bool] tls_visibility: Whether to enable the setting. Allows the sensor to monitor TLS traffic for malicious patterns and improved detections. :param pulumi.Input[bool] upload_unknown_detection_related_executables: Whether to enable the setting. Upload all unknown detection-related executables for advanced analysis in the cloud. :param pulumi.Input[bool] upload_unknown_executables: Whether to enable the setting. Upload all unknown executables for advanced analysis in the cloud. @@ -809,7 +914,7 @@ def __init__(__self__, example = crowdstrike.PreventionPolicyLinux("example", enabled=True, description="Made with Pulumi", - host_groups=["d6e3c1e1b3d0467da0fowc96a5e6ecb5"], + host_groups=[], ioa_rule_groups=[], cloud_anti_malware={ "detection": "MODERATE", @@ -831,7 +936,10 @@ def __init__(__self__, ftp_visibility=True, http_visibility=True, network_visibility=True, - tls_visibility=True) + tls_visibility=True, + sensor_tampering_protection=True, + on_write_script_file_visibility=True, + memory_visibility=True) pulumi.export("preventionPolicyLinux", example) ``` @@ -869,12 +977,15 @@ def _internal_init(__self__, host_groups: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, http_visibility: Optional[pulumi.Input[bool]] = None, ioa_rule_groups: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + memory_visibility: Optional[pulumi.Input[bool]] = None, name: Optional[pulumi.Input[str]] = None, network_visibility: Optional[pulumi.Input[bool]] = None, + on_write_script_file_visibility: Optional[pulumi.Input[bool]] = None, prevent_suspicious_processes: Optional[pulumi.Input[bool]] = None, quarantine: Optional[pulumi.Input[bool]] = None, script_based_execution_monitoring: Optional[pulumi.Input[bool]] = None, sensor_anti_malware: Optional[pulumi.Input[Union['PreventionPolicyLinuxSensorAntiMalwareArgs', 'PreventionPolicyLinuxSensorAntiMalwareArgsDict']]] = None, + sensor_tampering_protection: Optional[pulumi.Input[bool]] = None, tls_visibility: Optional[pulumi.Input[bool]] = None, upload_unknown_detection_related_executables: Optional[pulumi.Input[bool]] = None, upload_unknown_executables: Optional[pulumi.Input[bool]] = None, @@ -902,12 +1013,15 @@ def _internal_init(__self__, if ioa_rule_groups is None and not opts.urn: raise TypeError("Missing required property 'ioa_rule_groups'") __props__.__dict__["ioa_rule_groups"] = ioa_rule_groups + __props__.__dict__["memory_visibility"] = memory_visibility __props__.__dict__["name"] = name __props__.__dict__["network_visibility"] = network_visibility + __props__.__dict__["on_write_script_file_visibility"] = on_write_script_file_visibility __props__.__dict__["prevent_suspicious_processes"] = prevent_suspicious_processes __props__.__dict__["quarantine"] = quarantine __props__.__dict__["script_based_execution_monitoring"] = script_based_execution_monitoring __props__.__dict__["sensor_anti_malware"] = sensor_anti_malware + __props__.__dict__["sensor_tampering_protection"] = sensor_tampering_protection __props__.__dict__["tls_visibility"] = tls_visibility __props__.__dict__["upload_unknown_detection_related_executables"] = upload_unknown_detection_related_executables __props__.__dict__["upload_unknown_executables"] = upload_unknown_executables @@ -934,12 +1048,15 @@ def get(resource_name: str, http_visibility: Optional[pulumi.Input[bool]] = None, ioa_rule_groups: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, last_updated: Optional[pulumi.Input[str]] = None, + memory_visibility: Optional[pulumi.Input[bool]] = None, name: Optional[pulumi.Input[str]] = None, network_visibility: Optional[pulumi.Input[bool]] = None, + on_write_script_file_visibility: Optional[pulumi.Input[bool]] = None, prevent_suspicious_processes: Optional[pulumi.Input[bool]] = None, quarantine: Optional[pulumi.Input[bool]] = None, script_based_execution_monitoring: Optional[pulumi.Input[bool]] = None, sensor_anti_malware: Optional[pulumi.Input[Union['PreventionPolicyLinuxSensorAntiMalwareArgs', 'PreventionPolicyLinuxSensorAntiMalwareArgsDict']]] = None, + sensor_tampering_protection: Optional[pulumi.Input[bool]] = None, tls_visibility: Optional[pulumi.Input[bool]] = None, upload_unknown_detection_related_executables: Optional[pulumi.Input[bool]] = None, upload_unknown_executables: Optional[pulumi.Input[bool]] = None) -> 'PreventionPolicyLinux': @@ -961,12 +1078,15 @@ def get(resource_name: str, :param pulumi.Input[Sequence[pulumi.Input[str]]] host_groups: Host Group ids to attach to the prevention policy. :param pulumi.Input[bool] http_visibility: Whether to enable the setting. Allows the sensor to monitor unencrypted HTTP traffic for malicious patterns and improved detections. :param pulumi.Input[Sequence[pulumi.Input[str]]] ioa_rule_groups: IOA Rule Group to attach to the prevention policy. + :param pulumi.Input[bool] memory_visibility: Whether to enable the setting. When enabled, the sensor will inspect memory-related operations: mmap, mprotect, ptrace and reading/writing remote process memory and produce events. :param pulumi.Input[str] name: Name of the prevention policy. :param pulumi.Input[bool] network_visibility: Whether to enable the setting. Allows the sensor to monitor network activity for additional telemetry and improved detections. + :param pulumi.Input[bool] on_write_script_file_visibility: Whether to enable the setting. Provides improved visibility into various script files being written to disk in addition to clouding a portion of their content. :param pulumi.Input[bool] prevent_suspicious_processes: Whether to enable the setting. Block processes that CrowdStrike analysts classify as suspicious. These are focused on dynamic IOAs, such as malware, exploits and other threats. :param pulumi.Input[bool] quarantine: Whether to enable the setting. Quarantine executable files after they’re prevented by NGAV. When this is enabled, we recommend setting anti-malware prevention levels to Moderate or higher and not using other antivirus solutions. :param pulumi.Input[bool] script_based_execution_monitoring: Whether to enable the setting. Provides visibility into suspicious scripts, including shell and other scripting languages. :param pulumi.Input[Union['PreventionPolicyLinuxSensorAntiMalwareArgs', 'PreventionPolicyLinuxSensorAntiMalwareArgsDict']] sensor_anti_malware: For offline and online hosts, use sensor-based machine learning to identify and analyze unknown executables as they run to detect and prevent malware. + :param pulumi.Input[bool] sensor_tampering_protection: Whether to enable the setting. Block attempts to tamper with the sensor by protecting critical components and resources. If disabled, the sensor still creates detections for tampering attempts but will not prevent the activity from occurring. Disabling is not recommended. :param pulumi.Input[bool] tls_visibility: Whether to enable the setting. Allows the sensor to monitor TLS traffic for malicious patterns and improved detections. :param pulumi.Input[bool] upload_unknown_detection_related_executables: Whether to enable the setting. Upload all unknown detection-related executables for advanced analysis in the cloud. :param pulumi.Input[bool] upload_unknown_executables: Whether to enable the setting. Upload all unknown executables for advanced analysis in the cloud. @@ -987,12 +1107,15 @@ def get(resource_name: str, __props__.__dict__["http_visibility"] = http_visibility __props__.__dict__["ioa_rule_groups"] = ioa_rule_groups __props__.__dict__["last_updated"] = last_updated + __props__.__dict__["memory_visibility"] = memory_visibility __props__.__dict__["name"] = name __props__.__dict__["network_visibility"] = network_visibility + __props__.__dict__["on_write_script_file_visibility"] = on_write_script_file_visibility __props__.__dict__["prevent_suspicious_processes"] = prevent_suspicious_processes __props__.__dict__["quarantine"] = quarantine __props__.__dict__["script_based_execution_monitoring"] = script_based_execution_monitoring __props__.__dict__["sensor_anti_malware"] = sensor_anti_malware + __props__.__dict__["sensor_tampering_protection"] = sensor_tampering_protection __props__.__dict__["tls_visibility"] = tls_visibility __props__.__dict__["upload_unknown_detection_related_executables"] = upload_unknown_detection_related_executables __props__.__dict__["upload_unknown_executables"] = upload_unknown_executables @@ -1091,6 +1214,14 @@ def ioa_rule_groups(self) -> pulumi.Output[Sequence[str]]: def last_updated(self) -> pulumi.Output[str]: return pulumi.get(self, "last_updated") + @property + @pulumi.getter(name="memoryVisibility") + def memory_visibility(self) -> pulumi.Output[bool]: + """ + Whether to enable the setting. When enabled, the sensor will inspect memory-related operations: mmap, mprotect, ptrace and reading/writing remote process memory and produce events. + """ + return pulumi.get(self, "memory_visibility") + @property @pulumi.getter def name(self) -> pulumi.Output[str]: @@ -1107,6 +1238,14 @@ def network_visibility(self) -> pulumi.Output[bool]: """ return pulumi.get(self, "network_visibility") + @property + @pulumi.getter(name="onWriteScriptFileVisibility") + def on_write_script_file_visibility(self) -> pulumi.Output[bool]: + """ + Whether to enable the setting. Provides improved visibility into various script files being written to disk in addition to clouding a portion of their content. + """ + return pulumi.get(self, "on_write_script_file_visibility") + @property @pulumi.getter(name="preventSuspiciousProcesses") def prevent_suspicious_processes(self) -> pulumi.Output[bool]: @@ -1139,6 +1278,14 @@ def sensor_anti_malware(self) -> pulumi.Output['outputs.PreventionPolicyLinuxSen """ return pulumi.get(self, "sensor_anti_malware") + @property + @pulumi.getter(name="sensorTamperingProtection") + def sensor_tampering_protection(self) -> pulumi.Output[bool]: + """ + Whether to enable the setting. Block attempts to tamper with the sensor by protecting critical components and resources. If disabled, the sensor still creates detections for tampering attempts but will not prevent the activity from occurring. Disabling is not recommended. + """ + return pulumi.get(self, "sensor_tampering_protection") + @property @pulumi.getter(name="tlsVisibility") def tls_visibility(self) -> pulumi.Output[bool]: diff --git a/sdk/python/crowdstrike_pulumi/prevention_policy_mac.py b/sdk/python/crowdstrike_pulumi/prevention_policy_mac.py index 1968173..dbafcfd 100644 --- a/sdk/python/crowdstrike_pulumi/prevention_policy_mac.py +++ b/sdk/python/crowdstrike_pulumi/prevention_policy_mac.py @@ -893,7 +893,7 @@ def __init__(__self__, example = crowdstrike.PreventionPolicyMac("example", enabled=False, description="Made with Pulumi", - host_groups=["d6e3c1e1b3d0467da0fowc96a5e6ecb5"], + host_groups=[], ioa_rule_groups=[], cloud_adware_and_pup={ "detection": "MODERATE", @@ -990,7 +990,7 @@ def __init__(__self__, example = crowdstrike.PreventionPolicyMac("example", enabled=False, description="Made with Pulumi", - host_groups=["d6e3c1e1b3d0467da0fowc96a5e6ecb5"], + host_groups=[], ioa_rule_groups=[], cloud_adware_and_pup={ "detection": "MODERATE", diff --git a/sdk/python/crowdstrike_pulumi/prevention_policy_windows.py b/sdk/python/crowdstrike_pulumi/prevention_policy_windows.py index 73fdcb0..f0a7e3c 100644 --- a/sdk/python/crowdstrike_pulumi/prevention_policy_windows.py +++ b/sdk/python/crowdstrike_pulumi/prevention_policy_windows.py @@ -43,6 +43,7 @@ def __init__(__self__, *, driver_load_prevention: Optional[pulumi.Input[bool]] = None, enabled: Optional[pulumi.Input[bool]] = None, engine_full_visibility: Optional[pulumi.Input[bool]] = None, + enhanced_dll_load_visibility: Optional[pulumi.Input[bool]] = None, enhanced_exploitation_visibility: Optional[pulumi.Input[bool]] = None, enhanced_ml_for_larger_files: Optional[pulumi.Input[bool]] = None, extended_user_mode_data: Optional[pulumi.Input['PreventionPolicyWindowsExtendedUserModeDataArgs']] = None, @@ -107,6 +108,7 @@ def __init__(__self__, *, :param pulumi.Input[bool] driver_load_prevention: Whether to enable the setting. Block the loading of kernel drivers that CrowdStrike analysts have identified as malicious. Available on Windows 10 and Windows Server 2016 and later. :param pulumi.Input[bool] enabled: Enable the prevention policy. :param pulumi.Input[bool] engine_full_visibility: Whether to enable the setting. Provides visibility into malicious System Management Automation engine usage by any application. Requires interpreter_only to be enabled. + :param pulumi.Input[bool] enhanced_dll_load_visibility: Whether to enable the setting. For hosts running Windows Server, increases sensor visibility of loaded DLLs. Improves detection coverage and telemetry, but may cause a small performance impact. Recommend testing with critical applications before full deployment. :param pulumi.Input[bool] enhanced_exploitation_visibility: Whether to enable the setting. For hosts running Windows 10 1809 and Server 2019 and later, provides additional visibility into common exploitation techniques used to weaken or circumvent application security. :param pulumi.Input[bool] enhanced_ml_for_larger_files: Whether to enable the setting. Expand ML file size coverage. Existing ML level settings apply. :param pulumi.Input['PreventionPolicyWindowsExtendedUserModeDataArgs'] extended_user_mode_data: Allows the sensor to get more data from a user-mode component it loads into all eligible processes, which augments online machine learning and turns on additional detections. Recommend testing with critical applications before full deployment. @@ -190,6 +192,8 @@ def __init__(__self__, *, pulumi.set(__self__, "enabled", enabled) if engine_full_visibility is not None: pulumi.set(__self__, "engine_full_visibility", engine_full_visibility) + if enhanced_dll_load_visibility is not None: + pulumi.set(__self__, "enhanced_dll_load_visibility", enhanced_dll_load_visibility) if enhanced_exploitation_visibility is not None: pulumi.set(__self__, "enhanced_exploitation_visibility", enhanced_exploitation_visibility) if enhanced_ml_for_larger_files is not None: @@ -535,6 +539,18 @@ def engine_full_visibility(self) -> Optional[pulumi.Input[bool]]: def engine_full_visibility(self, value: Optional[pulumi.Input[bool]]): pulumi.set(self, "engine_full_visibility", value) + @property + @pulumi.getter(name="enhancedDllLoadVisibility") + def enhanced_dll_load_visibility(self) -> Optional[pulumi.Input[bool]]: + """ + Whether to enable the setting. For hosts running Windows Server, increases sensor visibility of loaded DLLs. Improves detection coverage and telemetry, but may cause a small performance impact. Recommend testing with critical applications before full deployment. + """ + return pulumi.get(self, "enhanced_dll_load_visibility") + + @enhanced_dll_load_visibility.setter + def enhanced_dll_load_visibility(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "enhanced_dll_load_visibility", value) + @property @pulumi.getter(name="enhancedExploitationVisibility") def enhanced_exploitation_visibility(self) -> Optional[pulumi.Input[bool]]: @@ -1039,6 +1055,7 @@ def __init__(__self__, *, driver_load_prevention: Optional[pulumi.Input[bool]] = None, enabled: Optional[pulumi.Input[bool]] = None, engine_full_visibility: Optional[pulumi.Input[bool]] = None, + enhanced_dll_load_visibility: Optional[pulumi.Input[bool]] = None, enhanced_exploitation_visibility: Optional[pulumi.Input[bool]] = None, enhanced_ml_for_larger_files: Optional[pulumi.Input[bool]] = None, extended_user_mode_data: Optional[pulumi.Input['PreventionPolicyWindowsExtendedUserModeDataArgs']] = None, @@ -1104,6 +1121,7 @@ def __init__(__self__, *, :param pulumi.Input[bool] driver_load_prevention: Whether to enable the setting. Block the loading of kernel drivers that CrowdStrike analysts have identified as malicious. Available on Windows 10 and Windows Server 2016 and later. :param pulumi.Input[bool] enabled: Enable the prevention policy. :param pulumi.Input[bool] engine_full_visibility: Whether to enable the setting. Provides visibility into malicious System Management Automation engine usage by any application. Requires interpreter_only to be enabled. + :param pulumi.Input[bool] enhanced_dll_load_visibility: Whether to enable the setting. For hosts running Windows Server, increases sensor visibility of loaded DLLs. Improves detection coverage and telemetry, but may cause a small performance impact. Recommend testing with critical applications before full deployment. :param pulumi.Input[bool] enhanced_exploitation_visibility: Whether to enable the setting. For hosts running Windows 10 1809 and Server 2019 and later, provides additional visibility into common exploitation techniques used to weaken or circumvent application security. :param pulumi.Input[bool] enhanced_ml_for_larger_files: Whether to enable the setting. Expand ML file size coverage. Existing ML level settings apply. :param pulumi.Input['PreventionPolicyWindowsExtendedUserModeDataArgs'] extended_user_mode_data: Allows the sensor to get more data from a user-mode component it loads into all eligible processes, which augments online machine learning and turns on additional detections. Recommend testing with critical applications before full deployment. @@ -1187,6 +1205,8 @@ def __init__(__self__, *, pulumi.set(__self__, "enabled", enabled) if engine_full_visibility is not None: pulumi.set(__self__, "engine_full_visibility", engine_full_visibility) + if enhanced_dll_load_visibility is not None: + pulumi.set(__self__, "enhanced_dll_load_visibility", enhanced_dll_load_visibility) if enhanced_exploitation_visibility is not None: pulumi.set(__self__, "enhanced_exploitation_visibility", enhanced_exploitation_visibility) if enhanced_ml_for_larger_files is not None: @@ -1514,6 +1534,18 @@ def engine_full_visibility(self) -> Optional[pulumi.Input[bool]]: def engine_full_visibility(self, value: Optional[pulumi.Input[bool]]): pulumi.set(self, "engine_full_visibility", value) + @property + @pulumi.getter(name="enhancedDllLoadVisibility") + def enhanced_dll_load_visibility(self) -> Optional[pulumi.Input[bool]]: + """ + Whether to enable the setting. For hosts running Windows Server, increases sensor visibility of loaded DLLs. Improves detection coverage and telemetry, but may cause a small performance impact. Recommend testing with critical applications before full deployment. + """ + return pulumi.get(self, "enhanced_dll_load_visibility") + + @enhanced_dll_load_visibility.setter + def enhanced_dll_load_visibility(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "enhanced_dll_load_visibility", value) + @property @pulumi.getter(name="enhancedExploitationVisibility") def enhanced_exploitation_visibility(self) -> Optional[pulumi.Input[bool]]: @@ -2053,6 +2085,7 @@ def __init__(__self__, driver_load_prevention: Optional[pulumi.Input[bool]] = None, enabled: Optional[pulumi.Input[bool]] = None, engine_full_visibility: Optional[pulumi.Input[bool]] = None, + enhanced_dll_load_visibility: Optional[pulumi.Input[bool]] = None, enhanced_exploitation_visibility: Optional[pulumi.Input[bool]] = None, enhanced_ml_for_larger_files: Optional[pulumi.Input[bool]] = None, extended_user_mode_data: Optional[pulumi.Input[Union['PreventionPolicyWindowsExtendedUserModeDataArgs', 'PreventionPolicyWindowsExtendedUserModeDataArgsDict']]] = None, @@ -2112,9 +2145,9 @@ def __init__(__self__, import crowdstrike_pulumi as crowdstrike example = crowdstrike.PreventionPolicyWindows("example", - enabled=False, + enabled=True, description="Made with Pulumi", - host_groups=["d6e3c1e1b3d0467da0fowc96a5e6ecb5"], + host_groups=[], ioa_rule_groups=[], adware_and_pup={ "detection": "MODERATE", @@ -2143,56 +2176,57 @@ def __init__(__self__, extended_user_mode_data={ "detection": "MODERATE", }, - usb_insertion_triggered_scan=False, - application_exploitation_activity=False, - additional_user_mode_data=False, - notify_end_users=False, - advanced_remediation=False, - backup_deletion=False, - bios_deep_visibility=False, - chopper_webshell=False, - code_injection=False, - credential_dumping=False, - cryptowall=False, - custom_blocking=False, - detect_on_write=False, - drive_by_download=False, - driver_load_prevention=False, - interpreter_only=False, - engine_full_visibility=False, - enhanced_exploitation_visibility=False, - enhanced_ml_for_larger_files=False, - file_encryption=False, - file_system_access=False, - force_aslr=False, - force_dep=False, - heap_spray_preallocation=False, - null_page_allocation=False, - seh_overwrite_protection=False, - hardware_enhanced_exploit_detection=False, - http_detections=False, - redact_http_detection_details=False, - intelligence_sourced_threats=False, - javascript_via_rundll32=False, - locky=False, - memory_scanning=False, - memory_scanning_scan_with_cpu=False, - microsoft_office_file_suspicious_macro_removal=False, - on_write_script_file_visibility=False, - prevent_suspicious_processes=False, - quarantine_and_security_center_registration=False, - quarantine_on_removable_media=False, - quarantine_on_write=False, - script_based_execution_monitoring=False, - sensor_tampering_protection=False, - suspicious_registry_operations=False, - suspicious_scripts_and_commands=False, - upload_unknown_executables=False, - upload_unknown_detection_related_executables=False, - volume_shadow_copy_audit=False, - volume_shadow_copy_protect=False, - vulnerable_driver_protection=False, - windows_logon_bypass_sticky_keys=False) + usb_insertion_triggered_scan=True, + application_exploitation_activity=True, + additional_user_mode_data=True, + notify_end_users=True, + advanced_remediation=True, + backup_deletion=True, + bios_deep_visibility=True, + chopper_webshell=True, + code_injection=True, + credential_dumping=True, + cryptowall=True, + custom_blocking=True, + detect_on_write=True, + drive_by_download=True, + driver_load_prevention=True, + interpreter_only=True, + engine_full_visibility=True, + enhanced_exploitation_visibility=True, + enhanced_dll_load_visibility=True, + enhanced_ml_for_larger_files=True, + file_encryption=True, + file_system_access=True, + force_aslr=True, + force_dep=True, + heap_spray_preallocation=True, + null_page_allocation=True, + seh_overwrite_protection=True, + hardware_enhanced_exploit_detection=True, + http_detections=True, + redact_http_detection_details=True, + intelligence_sourced_threats=True, + javascript_via_rundll32=True, + locky=True, + memory_scanning=True, + memory_scanning_scan_with_cpu=True, + microsoft_office_file_suspicious_macro_removal=True, + on_write_script_file_visibility=True, + prevent_suspicious_processes=True, + quarantine_and_security_center_registration=True, + quarantine_on_removable_media=True, + quarantine_on_write=True, + script_based_execution_monitoring=True, + sensor_tampering_protection=True, + suspicious_registry_operations=True, + suspicious_scripts_and_commands=True, + upload_unknown_executables=True, + upload_unknown_detection_related_executables=True, + volume_shadow_copy_audit=True, + volume_shadow_copy_protect=True, + vulnerable_driver_protection=True, + windows_logon_bypass_sticky_keys=True) pulumi.export("preventionPolicyWindows", example) ``` @@ -2226,6 +2260,7 @@ def __init__(__self__, :param pulumi.Input[bool] driver_load_prevention: Whether to enable the setting. Block the loading of kernel drivers that CrowdStrike analysts have identified as malicious. Available on Windows 10 and Windows Server 2016 and later. :param pulumi.Input[bool] enabled: Enable the prevention policy. :param pulumi.Input[bool] engine_full_visibility: Whether to enable the setting. Provides visibility into malicious System Management Automation engine usage by any application. Requires interpreter_only to be enabled. + :param pulumi.Input[bool] enhanced_dll_load_visibility: Whether to enable the setting. For hosts running Windows Server, increases sensor visibility of loaded DLLs. Improves detection coverage and telemetry, but may cause a small performance impact. Recommend testing with critical applications before full deployment. :param pulumi.Input[bool] enhanced_exploitation_visibility: Whether to enable the setting. For hosts running Windows 10 1809 and Server 2019 and later, provides additional visibility into common exploitation techniques used to weaken or circumvent application security. :param pulumi.Input[bool] enhanced_ml_for_larger_files: Whether to enable the setting. Expand ML file size coverage. Existing ML level settings apply. :param pulumi.Input[Union['PreventionPolicyWindowsExtendedUserModeDataArgs', 'PreventionPolicyWindowsExtendedUserModeDataArgsDict']] extended_user_mode_data: Allows the sensor to get more data from a user-mode component it loads into all eligible processes, which augments online machine learning and turns on additional detections. Recommend testing with critical applications before full deployment. @@ -2291,9 +2326,9 @@ def __init__(__self__, import crowdstrike_pulumi as crowdstrike example = crowdstrike.PreventionPolicyWindows("example", - enabled=False, + enabled=True, description="Made with Pulumi", - host_groups=["d6e3c1e1b3d0467da0fowc96a5e6ecb5"], + host_groups=[], ioa_rule_groups=[], adware_and_pup={ "detection": "MODERATE", @@ -2322,56 +2357,57 @@ def __init__(__self__, extended_user_mode_data={ "detection": "MODERATE", }, - usb_insertion_triggered_scan=False, - application_exploitation_activity=False, - additional_user_mode_data=False, - notify_end_users=False, - advanced_remediation=False, - backup_deletion=False, - bios_deep_visibility=False, - chopper_webshell=False, - code_injection=False, - credential_dumping=False, - cryptowall=False, - custom_blocking=False, - detect_on_write=False, - drive_by_download=False, - driver_load_prevention=False, - interpreter_only=False, - engine_full_visibility=False, - enhanced_exploitation_visibility=False, - enhanced_ml_for_larger_files=False, - file_encryption=False, - file_system_access=False, - force_aslr=False, - force_dep=False, - heap_spray_preallocation=False, - null_page_allocation=False, - seh_overwrite_protection=False, - hardware_enhanced_exploit_detection=False, - http_detections=False, - redact_http_detection_details=False, - intelligence_sourced_threats=False, - javascript_via_rundll32=False, - locky=False, - memory_scanning=False, - memory_scanning_scan_with_cpu=False, - microsoft_office_file_suspicious_macro_removal=False, - on_write_script_file_visibility=False, - prevent_suspicious_processes=False, - quarantine_and_security_center_registration=False, - quarantine_on_removable_media=False, - quarantine_on_write=False, - script_based_execution_monitoring=False, - sensor_tampering_protection=False, - suspicious_registry_operations=False, - suspicious_scripts_and_commands=False, - upload_unknown_executables=False, - upload_unknown_detection_related_executables=False, - volume_shadow_copy_audit=False, - volume_shadow_copy_protect=False, - vulnerable_driver_protection=False, - windows_logon_bypass_sticky_keys=False) + usb_insertion_triggered_scan=True, + application_exploitation_activity=True, + additional_user_mode_data=True, + notify_end_users=True, + advanced_remediation=True, + backup_deletion=True, + bios_deep_visibility=True, + chopper_webshell=True, + code_injection=True, + credential_dumping=True, + cryptowall=True, + custom_blocking=True, + detect_on_write=True, + drive_by_download=True, + driver_load_prevention=True, + interpreter_only=True, + engine_full_visibility=True, + enhanced_exploitation_visibility=True, + enhanced_dll_load_visibility=True, + enhanced_ml_for_larger_files=True, + file_encryption=True, + file_system_access=True, + force_aslr=True, + force_dep=True, + heap_spray_preallocation=True, + null_page_allocation=True, + seh_overwrite_protection=True, + hardware_enhanced_exploit_detection=True, + http_detections=True, + redact_http_detection_details=True, + intelligence_sourced_threats=True, + javascript_via_rundll32=True, + locky=True, + memory_scanning=True, + memory_scanning_scan_with_cpu=True, + microsoft_office_file_suspicious_macro_removal=True, + on_write_script_file_visibility=True, + prevent_suspicious_processes=True, + quarantine_and_security_center_registration=True, + quarantine_on_removable_media=True, + quarantine_on_write=True, + script_based_execution_monitoring=True, + sensor_tampering_protection=True, + suspicious_registry_operations=True, + suspicious_scripts_and_commands=True, + upload_unknown_executables=True, + upload_unknown_detection_related_executables=True, + volume_shadow_copy_audit=True, + volume_shadow_copy_protect=True, + vulnerable_driver_protection=True, + windows_logon_bypass_sticky_keys=True) pulumi.export("preventionPolicyWindows", example) ``` @@ -2418,6 +2454,7 @@ def _internal_init(__self__, driver_load_prevention: Optional[pulumi.Input[bool]] = None, enabled: Optional[pulumi.Input[bool]] = None, engine_full_visibility: Optional[pulumi.Input[bool]] = None, + enhanced_dll_load_visibility: Optional[pulumi.Input[bool]] = None, enhanced_exploitation_visibility: Optional[pulumi.Input[bool]] = None, enhanced_ml_for_larger_files: Optional[pulumi.Input[bool]] = None, extended_user_mode_data: Optional[pulumi.Input[Union['PreventionPolicyWindowsExtendedUserModeDataArgs', 'PreventionPolicyWindowsExtendedUserModeDataArgsDict']]] = None, @@ -2489,6 +2526,7 @@ def _internal_init(__self__, __props__.__dict__["driver_load_prevention"] = driver_load_prevention __props__.__dict__["enabled"] = enabled __props__.__dict__["engine_full_visibility"] = engine_full_visibility + __props__.__dict__["enhanced_dll_load_visibility"] = enhanced_dll_load_visibility __props__.__dict__["enhanced_exploitation_visibility"] = enhanced_exploitation_visibility __props__.__dict__["enhanced_ml_for_larger_files"] = enhanced_ml_for_larger_files __props__.__dict__["extended_user_mode_data"] = extended_user_mode_data @@ -2566,6 +2604,7 @@ def get(resource_name: str, driver_load_prevention: Optional[pulumi.Input[bool]] = None, enabled: Optional[pulumi.Input[bool]] = None, engine_full_visibility: Optional[pulumi.Input[bool]] = None, + enhanced_dll_load_visibility: Optional[pulumi.Input[bool]] = None, enhanced_exploitation_visibility: Optional[pulumi.Input[bool]] = None, enhanced_ml_for_larger_files: Optional[pulumi.Input[bool]] = None, extended_user_mode_data: Optional[pulumi.Input[Union['PreventionPolicyWindowsExtendedUserModeDataArgs', 'PreventionPolicyWindowsExtendedUserModeDataArgsDict']]] = None, @@ -2636,6 +2675,7 @@ def get(resource_name: str, :param pulumi.Input[bool] driver_load_prevention: Whether to enable the setting. Block the loading of kernel drivers that CrowdStrike analysts have identified as malicious. Available on Windows 10 and Windows Server 2016 and later. :param pulumi.Input[bool] enabled: Enable the prevention policy. :param pulumi.Input[bool] engine_full_visibility: Whether to enable the setting. Provides visibility into malicious System Management Automation engine usage by any application. Requires interpreter_only to be enabled. + :param pulumi.Input[bool] enhanced_dll_load_visibility: Whether to enable the setting. For hosts running Windows Server, increases sensor visibility of loaded DLLs. Improves detection coverage and telemetry, but may cause a small performance impact. Recommend testing with critical applications before full deployment. :param pulumi.Input[bool] enhanced_exploitation_visibility: Whether to enable the setting. For hosts running Windows 10 1809 and Server 2019 and later, provides additional visibility into common exploitation techniques used to weaken or circumvent application security. :param pulumi.Input[bool] enhanced_ml_for_larger_files: Whether to enable the setting. Expand ML file size coverage. Existing ML level settings apply. :param pulumi.Input[Union['PreventionPolicyWindowsExtendedUserModeDataArgs', 'PreventionPolicyWindowsExtendedUserModeDataArgsDict']] extended_user_mode_data: Allows the sensor to get more data from a user-mode component it loads into all eligible processes, which augments online machine learning and turns on additional detections. Recommend testing with critical applications before full deployment. @@ -2703,6 +2743,7 @@ def get(resource_name: str, __props__.__dict__["driver_load_prevention"] = driver_load_prevention __props__.__dict__["enabled"] = enabled __props__.__dict__["engine_full_visibility"] = engine_full_visibility + __props__.__dict__["enhanced_dll_load_visibility"] = enhanced_dll_load_visibility __props__.__dict__["enhanced_exploitation_visibility"] = enhanced_exploitation_visibility __props__.__dict__["enhanced_ml_for_larger_files"] = enhanced_ml_for_larger_files __props__.__dict__["extended_user_mode_data"] = extended_user_mode_data @@ -2908,6 +2949,14 @@ def engine_full_visibility(self) -> pulumi.Output[bool]: """ return pulumi.get(self, "engine_full_visibility") + @property + @pulumi.getter(name="enhancedDllLoadVisibility") + def enhanced_dll_load_visibility(self) -> pulumi.Output[bool]: + """ + Whether to enable the setting. For hosts running Windows Server, increases sensor visibility of loaded DLLs. Improves detection coverage and telemetry, but may cause a small performance impact. Recommend testing with critical applications before full deployment. + """ + return pulumi.get(self, "enhanced_dll_load_visibility") + @property @pulumi.getter(name="enhancedExploitationVisibility") def enhanced_exploitation_visibility(self) -> pulumi.Output[bool]: diff --git a/sdk/python/crowdstrike_pulumi/provider.py b/sdk/python/crowdstrike_pulumi/provider.py index aa5fcb7..9ad1f91 100644 --- a/sdk/python/crowdstrike_pulumi/provider.py +++ b/sdk/python/crowdstrike_pulumi/provider.py @@ -21,14 +21,17 @@ class ProviderArgs: def __init__(__self__, *, client_id: Optional[pulumi.Input[str]] = None, client_secret: Optional[pulumi.Input[str]] = None, - cloud: Optional[pulumi.Input[str]] = None): + cloud: Optional[pulumi.Input[str]] = None, + member_cid: Optional[pulumi.Input[str]] = None): """ The set of arguments for constructing a Provider resource. :param pulumi.Input[str] client_id: Falcon Client Id for authenticating to the CrowdStrike APIs. Will use FALCON_CLIENT_ID environment variable when left blank. :param pulumi.Input[str] client_secret: Falcon Client Secret used for authenticating to the CrowdStrike APIs. Will use FALCON_CLIENT_SECRET environment variable when left blank. - :param pulumi.Input[str] cloud: Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1 + :param pulumi.Input[str] cloud: Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1. Will use FALCON_CLOUD + environment variable when left blank. + :param pulumi.Input[str] member_cid: For MSSP Master CIDs, optionally lock the token to act on behalf of this member CID """ if client_id is not None: pulumi.set(__self__, "client_id", client_id) @@ -36,6 +39,8 @@ def __init__(__self__, *, pulumi.set(__self__, "client_secret", client_secret) if cloud is not None: pulumi.set(__self__, "cloud", cloud) + if member_cid is not None: + pulumi.set(__self__, "member_cid", member_cid) @property @pulumi.getter(name="clientId") @@ -67,7 +72,8 @@ def client_secret(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def cloud(self) -> Optional[pulumi.Input[str]]: """ - Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1 + Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1. Will use FALCON_CLOUD + environment variable when left blank. """ return pulumi.get(self, "cloud") @@ -75,6 +81,18 @@ def cloud(self) -> Optional[pulumi.Input[str]]: def cloud(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "cloud", value) + @property + @pulumi.getter(name="memberCid") + def member_cid(self) -> Optional[pulumi.Input[str]]: + """ + For MSSP Master CIDs, optionally lock the token to act on behalf of this member CID + """ + return pulumi.get(self, "member_cid") + + @member_cid.setter + def member_cid(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "member_cid", value) + class Provider(pulumi.ProviderResource): @overload @@ -84,6 +102,7 @@ def __init__(__self__, client_id: Optional[pulumi.Input[str]] = None, client_secret: Optional[pulumi.Input[str]] = None, cloud: Optional[pulumi.Input[str]] = None, + member_cid: Optional[pulumi.Input[str]] = None, __props__=None): """ The provider type for the crowdstrike package. By default, resources use package-wide configuration @@ -97,7 +116,9 @@ def __init__(__self__, blank. :param pulumi.Input[str] client_secret: Falcon Client Secret used for authenticating to the CrowdStrike APIs. Will use FALCON_CLIENT_SECRET environment variable when left blank. - :param pulumi.Input[str] cloud: Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1 + :param pulumi.Input[str] cloud: Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1. Will use FALCON_CLOUD + environment variable when left blank. + :param pulumi.Input[str] member_cid: For MSSP Master CIDs, optionally lock the token to act on behalf of this member CID """ ... @overload @@ -129,6 +150,7 @@ def _internal_init(__self__, client_id: Optional[pulumi.Input[str]] = None, client_secret: Optional[pulumi.Input[str]] = None, cloud: Optional[pulumi.Input[str]] = None, + member_cid: Optional[pulumi.Input[str]] = None, __props__=None): opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) if not isinstance(opts, pulumi.ResourceOptions): @@ -141,6 +163,7 @@ def _internal_init(__self__, __props__.__dict__["client_id"] = None if client_id is None else pulumi.Output.secret(client_id) __props__.__dict__["client_secret"] = None if client_secret is None else pulumi.Output.secret(client_secret) __props__.__dict__["cloud"] = cloud + __props__.__dict__["member_cid"] = member_cid secret_opts = pulumi.ResourceOptions(additional_secret_outputs=["clientId", "clientSecret"]) opts = pulumi.ResourceOptions.merge(opts, secret_opts) super(Provider, __self__).__init__( @@ -171,7 +194,16 @@ def client_secret(self) -> pulumi.Output[Optional[str]]: @pulumi.getter def cloud(self) -> pulumi.Output[Optional[str]]: """ - Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1 + Falcon Cloud to authenticate to. Valid values are autodiscover, us-1, us-2, eu-1, us-gov-1. Will use FALCON_CLOUD + environment variable when left blank. """ return pulumi.get(self, "cloud") + @property + @pulumi.getter(name="memberCid") + def member_cid(self) -> pulumi.Output[Optional[str]]: + """ + For MSSP Master CIDs, optionally lock the token to act on behalf of this member CID + """ + return pulumi.get(self, "member_cid") +