feat: Add short-lived instance scanning option to agentless terraform

wl-smith · wl-smith · commit d731d8b06ec6 · 2023-10-27T17:07:29.000Z
diff --git a/examples/resource_lacework_integration_aws_agentless_scanning/main.tf b/examples/resource_lacework_integration_aws_agentless_scanning/main.tf
@@ -14,6 +14,7 @@ resource "lacework_integration_aws_agentless_scanning" "example" {
   scan_host_vulnerabilities = true
   scan_multi_volume         = false
   scan_stopped_instances    = true
+  scan_short_lived_instances = false
   account_id = var.account_id
   bucket_arn = var.bucket_arn
   credentials {
diff --git a/examples/resource_lacework_integration_aws_org_agentless_scanning/main.tf b/examples/resource_lacework_integration_aws_org_agentless_scanning/main.tf
@@ -18,6 +18,7 @@ resource "lacework_integration_aws_org_agentless_scanning" "example" {
   scan_host_vulnerabilities = true
   scan_multi_volume         = false
   scan_stopped_instances    = true
+  scan_short_lived_instances = false
   account_id                = var.account_id
   bucket_arn                = var.bucket_arn
   scanning_account          = var.scanning_account
diff --git a/lacework/resource_lacework_integration_aws_agentless_scanning.go b/lacework/resource_lacework_integration_aws_agentless_scanning.go
@@ -66,6 +66,12 @@ var awsAgentlessScanningIntegrationSchema = map[string]*schema.Schema{
 		Default:     true,
 		Description: "Whether to scan stopped instances (true)",
 	},
+	"scan_short_lived_instances": {
+		Type:        schema.TypeBool,
+		Optional:    true,
+		Default:     false,
+		Description: "Whether to scan short-lived (ephemeral) instances",
+	},
 	"account_id": {
 		Type:        schema.TypeString,
 		Optional:    true,
@@ -146,6 +152,7 @@ func resourceLaceworkIntegrationAwsAgentlessScanningCreate(d *schema.ResourceDat
 		ScanHostVulnerabilities: d.Get("scan_host_vulnerabilities").(bool),
 		ScanMultiVolume:         d.Get("scan_multi_volume").(bool),
 		ScanStoppedInstances:    d.Get("scan_stopped_instances").(bool),
+		ScanShortLivedInstances: d.Get("scan_short_lived_instances").(bool),
 		AccountID:               d.Get("account_id").(string),
 		BucketArn:               d.Get("bucket_arn").(string),
 		CrossAccountCreds: api.AwsSidekickCrossAccountCredentials{
@@ -253,6 +260,7 @@ func resourceLaceworkIntegrationAwsAgentlessScanningUpdate(d *schema.ResourceDat
 		ScanHostVulnerabilities: d.Get("scan_host_vulnerabilities").(bool),
 		ScanMultiVolume:         d.Get("scan_multi_volume").(bool),
 		ScanStoppedInstances:    d.Get("scan_stopped_instances").(bool),
+		ScanShortLivedInstances: d.Get("scan_short_lived_instances").(bool),
 		AccountID:               d.Get("account_id").(string),
 		BucketArn:               d.Get("bucket_arn").(string),
 		CrossAccountCreds: api.AwsSidekickCrossAccountCredentials{
diff --git a/lacework/resource_lacework_integration_aws_org_agentless_scanning.go b/lacework/resource_lacework_integration_aws_org_agentless_scanning.go
@@ -68,6 +68,12 @@ var awsOrgAgentlessScanningIntegrationSchema = map[string]*schema.Schema{
 		Default:     true,
 		Description: "Whether to scan stopped instances (true)",
 	},
+	"scan_short_lived_instances": {
+		Type:        schema.TypeBool,
+		Optional:    true,
+		Default:     false,
+		Description: "Whether to scan short-lived (ephemeral) instances",
+	},
 	"account_id": {
 		Type:        schema.TypeString,
 		Optional:    true,
@@ -202,6 +208,9 @@ func resourceLaceworkIntegrationAwsOrgAgentlessScanningCreate(d *schema.Resource
 		ScanFrequency:           d.Get("scan_frequency").(int),
 		ScanContainers:          d.Get("scan_containers").(bool),
 		ScanHostVulnerabilities: d.Get("scan_host_vulnerabilities").(bool),
+		ScanMultiVolume:         d.Get("scan_multi_volume").(bool),
+		ScanStoppedInstances:    d.Get("scan_stopped_instances").(bool),
+		ScanShortLivedInstances: d.Get("scan_short_lived_instances").(bool),
 		AccountID:               d.Get("account_id").(string),
 		BucketArn:               d.Get("bucket_arn").(string),
 		ScanningAccount:         d.Get("scanning_account").(string),
@@ -342,6 +351,9 @@ func resourceLaceworkIntegrationAwsOrgAgentlessScanningUpdate(d *schema.Resource
 		ScanFrequency:           d.Get("scan_frequency").(int),
 		ScanContainers:          d.Get("scan_containers").(bool),
 		ScanHostVulnerabilities: d.Get("scan_host_vulnerabilities").(bool),
+		ScanMultiVolume:         d.Get("scan_multi_volume").(bool),
+		ScanStoppedInstances:    d.Get("scan_stopped_instances").(bool),
+		ScanShortLivedInstances: d.Get("scan_short_lived_instances").(bool),
 		AccountID:               d.Get("account_id").(string),
 		BucketArn:               d.Get("bucket_arn").(string),
 		ScanningAccount:         d.Get("scanning_account").(string),
