Docs Home
ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud
ibm.CisRuleset
Explore with Pulumi AI
Provides an IBM Cloud Internet Services ruleset resource to update and delete the ruleset of an instance or domain. To deploy the managed rulesets see entrypoint ruleset. For more information about IBM Cloud Internet Services rulesets, see ruleset instance. As there is no option to create a ruleset resource, it is required to use import module to generate the respective resource configurations(Reference) and use the import command to populate the state file, as stated at the end of this page.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";
// update ruleset of a domain or instance
const config = new ibm.CisRuleset("config", {
cisId: ibm_cis.instance.id,
domainId: data.ibm_cis_domain.cis_domain.domain_id,
rulesetId: "943c5da120114ea5831dc1edf8b6f769",
rulesets: [{
description: "Entry point ruleset",
rules: [{
id: _var.rule.id,
action: "execute",
actionParameters: [{
id: _var.to_be_deployed_ruleset.id,
overrides: [{
action: "log",
enabled: true,
overrideRules: [{
ruleId: _var.overriden_rule.id,
enabled: true,
action: "block",
scoreThreshold: 60,
}],
categories: [{
category: "wordpress",
enabled: true,
action: "block",
}],
}],
}],
description: _var.rule.description,
enabled: false,
expression: "true",
ref: _var.reference_rule.id,
}],
}],
});
import pulumi
import pulumi_ibm as ibm
# update ruleset of a domain or instance
config = ibm.CisRuleset("config",
cis_id=ibm_cis["instance"]["id"],
domain_id=data["ibm_cis_domain"]["cis_domain"]["domain_id"],
ruleset_id="943c5da120114ea5831dc1edf8b6f769",
rulesets=[{
"description": "Entry point ruleset",
"rules": [{
"id": var["rule"]["id"],
"action": "execute",
"action_parameters": [{
"id": var["to_be_deployed_ruleset"]["id"],
"overrides": [{
"action": "log",
"enabled": True,
"override_rules": [{
"rule_id": var["overriden_rule"]["id"],
"enabled": True,
"action": "block",
"score_threshold": 60,
}],
"categories": [{
"category": "wordpress",
"enabled": True,
"action": "block",
}],
}],
}],
"description": var["rule"]["description"],
"enabled": False,
"expression": "true",
"ref": var["reference_rule"]["id"],
}],
}])
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// update ruleset of a domain or instance
_, err := ibm.NewCisRuleset(ctx, "config", &ibm.CisRulesetArgs{
CisId: pulumi.Any(ibm_cis.Instance.Id),
DomainId: pulumi.Any(data.Ibm_cis_domain.Cis_domain.Domain_id),
RulesetId: pulumi.String("943c5da120114ea5831dc1edf8b6f769"),
Rulesets: ibm.CisRulesetRulesetArray{
&ibm.CisRulesetRulesetArgs{
Description: pulumi.String("Entry point ruleset"),
Rules: ibm.CisRulesetRulesetRuleArray{
&ibm.CisRulesetRulesetRuleArgs{
Id: pulumi.Any(_var.Rule.Id),
Action: pulumi.String("execute"),
ActionParameters: ibm.CisRulesetRulesetRuleActionParameterArray{
&ibm.CisRulesetRulesetRuleActionParameterArgs{
Id: pulumi.Any(_var.To_be_deployed_ruleset.Id),
Overrides: ibm.CisRulesetRulesetRuleActionParameterOverrideArray{
&ibm.CisRulesetRulesetRuleActionParameterOverrideArgs{
Action: pulumi.String("log"),
Enabled: pulumi.Bool(true),
OverrideRules: ibm.CisRulesetRulesetRuleActionParameterOverrideOverrideRuleArray{
&ibm.CisRulesetRulesetRuleActionParameterOverrideOverrideRuleArgs{
RuleId: pulumi.Any(_var.Overriden_rule.Id),
Enabled: pulumi.Bool(true),
Action: pulumi.String("block"),
ScoreThreshold: pulumi.Float64(60),
},
},
Categories: ibm.CisRulesetRulesetRuleActionParameterOverrideCategoryArray{
&ibm.CisRulesetRulesetRuleActionParameterOverrideCategoryArgs{
Category: pulumi.String("wordpress"),
Enabled: pulumi.Bool(true),
Action: pulumi.String("block"),
},
},
},
},
},
},
Description: pulumi.Any(_var.Rule.Description),
Enabled: pulumi.Bool(false),
Expression: pulumi.String("true"),
Ref: pulumi.Any(_var.Reference_rule.Id),
},
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;
return await Deployment.RunAsync(() =>
{
// update ruleset of a domain or instance
var config = new Ibm.CisRuleset("config", new()
{
CisId = ibm_cis.Instance.Id,
DomainId = data.Ibm_cis_domain.Cis_domain.Domain_id,
RulesetId = "943c5da120114ea5831dc1edf8b6f769",
Rulesets = new[]
{
new Ibm.Inputs.CisRulesetRulesetArgs
{
Description = "Entry point ruleset",
Rules = new[]
{
new Ibm.Inputs.CisRulesetRulesetRuleArgs
{
Id = @var.Rule.Id,
Action = "execute",
ActionParameters = new[]
{
new Ibm.Inputs.CisRulesetRulesetRuleActionParameterArgs
{
Id = @var.To_be_deployed_ruleset.Id,
Overrides = new[]
{
new Ibm.Inputs.CisRulesetRulesetRuleActionParameterOverrideArgs
{
Action = "log",
Enabled = true,
OverrideRules = new[]
{
new Ibm.Inputs.CisRulesetRulesetRuleActionParameterOverrideOverrideRuleArgs
{
RuleId = @var.Overriden_rule.Id,
Enabled = true,
Action = "block",
ScoreThreshold = 60,
},
},
Categories = new[]
{
new Ibm.Inputs.CisRulesetRulesetRuleActionParameterOverrideCategoryArgs
{
Category = "wordpress",
Enabled = true,
Action = "block",
},
},
},
},
},
},
Description = @var.Rule.Description,
Enabled = false,
Expression = "true",
Ref = @var.Reference_rule.Id,
},
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.CisRuleset;
import com.pulumi.ibm.CisRulesetArgs;
import com.pulumi.ibm.inputs.CisRulesetRulesetArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// update ruleset of a domain or instance
var config = new CisRuleset("config", CisRulesetArgs.builder()
.cisId(ibm_cis.instance().id())
.domainId(data.ibm_cis_domain().cis_domain().domain_id())
.rulesetId("943c5da120114ea5831dc1edf8b6f769")
.rulesets(CisRulesetRulesetArgs.builder()
.description("Entry point ruleset")
.rules(CisRulesetRulesetRuleArgs.builder()
.id(var_.rule().id())
.action("execute")
.actionParameters(CisRulesetRulesetRuleActionParameterArgs.builder()
.id(var_.to_be_deployed_ruleset().id())
.overrides(CisRulesetRulesetRuleActionParameterOverrideArgs.builder()
.action("log")
.enabled(true)
.overrideRules(CisRulesetRulesetRuleActionParameterOverrideOverrideRuleArgs.builder()
.ruleId(var_.overriden_rule().id())
.enabled(true)
.action("block")
.scoreThreshold(60)
.build())
.categories(CisRulesetRulesetRuleActionParameterOverrideCategoryArgs.builder()
.category("wordpress")
.enabled(true)
.action("block")
.build())
.build())
.build())
.description(var_.rule().description())
.enabled(false)
.expression("true")
.ref(var_.reference_rule().id())
.build())
.build())
.build());
}
}
resources:
# update ruleset of a domain or instance
config:
type: ibm:CisRuleset
properties:
cisId: ${ibm_cis.instance.id}
domainId: ${data.ibm_cis_domain.cis_domain.domain_id}
rulesetId: 943c5da120114ea5831dc1edf8b6f769
rulesets:
- description: Entry point ruleset
rules:
- id: ${var.rule.id}
action: execute
actionParameters:
- id: ${var.to_be_deployed_ruleset.id}
overrides:
- action: log
enabled: true
overrideRules:
- ruleId: ${var.overriden_rule.id}
enabled: true
action: block
scoreThreshold: 60
categories:
- category: wordpress
enabled: true
action: block
description: ${var.rule.description}
enabled: false
expression: 'true'
ref: ${var.reference_rule.id}
Create CisRuleset Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new CisRuleset(name: string, args: CisRulesetArgs, opts?: CustomResourceOptions);@overload
def CisRuleset(resource_name: str,
args: CisRulesetArgs,
opts: Optional[ResourceOptions] = None)
@overload
def CisRuleset(resource_name: str,
opts: Optional[ResourceOptions] = None,
cis_id: Optional[str] = None,
cis_ruleset_id: Optional[str] = None,
domain_id: Optional[str] = None,
ruleset_id: Optional[str] = None,
rulesets: Optional[Sequence[CisRulesetRulesetArgs]] = None)func NewCisRuleset(ctx *Context, name string, args CisRulesetArgs, opts ...ResourceOption) (*CisRuleset, error)public CisRuleset(string name, CisRulesetArgs args, CustomResourceOptions? opts = null)
public CisRuleset(String name, CisRulesetArgs args)
public CisRuleset(String name, CisRulesetArgs args, CustomResourceOptions options)
type: ibm:CisRuleset
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args CisRulesetArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CisRulesetArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CisRulesetArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CisRulesetArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CisRulesetArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var cisRulesetResource = new Ibm.CisRuleset("cisRulesetResource", new()
{
CisId = "string",
CisRulesetId = "string",
DomainId = "string",
RulesetId = "string",
Rulesets = new[]
{
new Ibm.Inputs.CisRulesetRulesetArgs
{
Description = "string",
Kind = "string",
LastUpdated = "string",
Name = "string",
Phase = "string",
Rules = new[]
{
new Ibm.Inputs.CisRulesetRulesetRuleArgs
{
Action = "string",
ActionParameters = new[]
{
new Ibm.Inputs.CisRulesetRulesetRuleActionParameterArgs
{
Id = "string",
Overrides = new[]
{
new Ibm.Inputs.CisRulesetRulesetRuleActionParameterOverrideArgs
{
Action = "string",
Categories = new[]
{
new Ibm.Inputs.CisRulesetRulesetRuleActionParameterOverrideCategoryArgs
{
Action = "string",
Category = "string",
Enabled = false,
},
},
Enabled = false,
OverrideRules = new[]
{
new Ibm.Inputs.CisRulesetRulesetRuleActionParameterOverrideOverrideRuleArgs
{
Action = "string",
Enabled = false,
RuleId = "string",
ScoreThreshold = 0,
SensitivityLevel = "string",
},
},
},
},
Responses = new[]
{
new Ibm.Inputs.CisRulesetRulesetRuleActionParameterResponseArgs
{
Content = "string",
ContentType = "string",
StatusCode = 0,
},
},
Ruleset = "string",
Rulesets = new[]
{
"string",
},
Version = "string",
},
},
Categories = new[]
{
"string",
},
Description = "string",
Enabled = false,
Expression = "string",
Id = "string",
LastUpdatedAt = "string",
Logging =
{
{ "string", false },
},
Positions = new[]
{
new Ibm.Inputs.CisRulesetRulesetRulePositionArgs
{
After = "string",
Before = "string",
Index = 0,
},
},
Ref = "string",
Version = "string",
},
},
RulesetId = "string",
Version = "string",
},
},
});
example, err := ibm.NewCisRuleset(ctx, "cisRulesetResource", &ibm.CisRulesetArgs{
CisId: pulumi.String("string"),
CisRulesetId: pulumi.String("string"),
DomainId: pulumi.String("string"),
RulesetId: pulumi.String("string"),
Rulesets: ibm.CisRulesetRulesetArray{
&ibm.CisRulesetRulesetArgs{
Description: pulumi.String("string"),
Kind: pulumi.String("string"),
LastUpdated: pulumi.String("string"),
Name: pulumi.String("string"),
Phase: pulumi.String("string"),
Rules: ibm.CisRulesetRulesetRuleArray{
&ibm.CisRulesetRulesetRuleArgs{
Action: pulumi.String("string"),
ActionParameters: ibm.CisRulesetRulesetRuleActionParameterArray{
&ibm.CisRulesetRulesetRuleActionParameterArgs{
Id: pulumi.String("string"),
Overrides: ibm.CisRulesetRulesetRuleActionParameterOverrideArray{
&ibm.CisRulesetRulesetRuleActionParameterOverrideArgs{
Action: pulumi.String("string"),
Categories: ibm.CisRulesetRulesetRuleActionParameterOverrideCategoryArray{
&ibm.CisRulesetRulesetRuleActionParameterOverrideCategoryArgs{
Action: pulumi.String("string"),
Category: pulumi.String("string"),
Enabled: pulumi.Bool(false),
},
},
Enabled: pulumi.Bool(false),
OverrideRules: ibm.CisRulesetRulesetRuleActionParameterOverrideOverrideRuleArray{
&ibm.CisRulesetRulesetRuleActionParameterOverrideOverrideRuleArgs{
Action: pulumi.String("string"),
Enabled: pulumi.Bool(false),
RuleId: pulumi.String("string"),
ScoreThreshold: pulumi.Float64(0),
SensitivityLevel: pulumi.String("string"),
},
},
},
},
Responses: ibm.CisRulesetRulesetRuleActionParameterResponseArray{
&ibm.CisRulesetRulesetRuleActionParameterResponseArgs{
Content: pulumi.String("string"),
ContentType: pulumi.String("string"),
StatusCode: pulumi.Float64(0),
},
},
Ruleset: pulumi.String("string"),
Rulesets: pulumi.StringArray{
pulumi.String("string"),
},
Version: pulumi.String("string"),
},
},
Categories: pulumi.StringArray{
pulumi.String("string"),
},
Description: pulumi.String("string"),
Enabled: pulumi.Bool(false),
Expression: pulumi.String("string"),
Id: pulumi.String("string"),
LastUpdatedAt: pulumi.String("string"),
Logging: pulumi.BoolMap{
"string": pulumi.Bool(false),
},
Positions: ibm.CisRulesetRulesetRulePositionArray{
&ibm.CisRulesetRulesetRulePositionArgs{
After: pulumi.String("string"),
Before: pulumi.String("string"),
Index: pulumi.Float64(0),
},
},
Ref: pulumi.String("string"),
Version: pulumi.String("string"),
},
},
RulesetId: pulumi.String("string"),
Version: pulumi.String("string"),
},
},
})
var cisRulesetResource = new CisRuleset("cisRulesetResource", CisRulesetArgs.builder()
.cisId("string")
.cisRulesetId("string")
.domainId("string")
.rulesetId("string")
.rulesets(CisRulesetRulesetArgs.builder()
.description("string")
.kind("string")
.lastUpdated("string")
.name("string")
.phase("string")
.rules(CisRulesetRulesetRuleArgs.builder()
.action("string")
.actionParameters(CisRulesetRulesetRuleActionParameterArgs.builder()
.id("string")
.overrides(CisRulesetRulesetRuleActionParameterOverrideArgs.builder()
.action("string")
.categories(CisRulesetRulesetRuleActionParameterOverrideCategoryArgs.builder()
.action("string")
.category("string")
.enabled(false)
.build())
.enabled(false)
.overrideRules(CisRulesetRulesetRuleActionParameterOverrideOverrideRuleArgs.builder()
.action("string")
.enabled(false)
.ruleId("string")
.scoreThreshold(0)
.sensitivityLevel("string")
.build())
.build())
.responses(CisRulesetRulesetRuleActionParameterResponseArgs.builder()
.content("string")
.contentType("string")
.statusCode(0)
.build())
.ruleset("string")
.rulesets("string")
.version("string")
.build())
.categories("string")
.description("string")
.enabled(false)
.expression("string")
.id("string")
.lastUpdatedAt("string")
.logging(Map.of("string", false))
.positions(CisRulesetRulesetRulePositionArgs.builder()
.after("string")
.before("string")
.index(0)
.build())
.ref("string")
.version("string")
.build())
.rulesetId("string")
.version("string")
.build())
.build());
cis_ruleset_resource = ibm.CisRuleset("cisRulesetResource",
cis_id="string",
cis_ruleset_id="string",
domain_id="string",
ruleset_id="string",
rulesets=[{
"description": "string",
"kind": "string",
"last_updated": "string",
"name": "string",
"phase": "string",
"rules": [{
"action": "string",
"action_parameters": [{
"id": "string",
"overrides": [{
"action": "string",
"categories": [{
"action": "string",
"category": "string",
"enabled": False,
}],
"enabled": False,
"override_rules": [{
"action": "string",
"enabled": False,
"rule_id": "string",
"score_threshold": 0,
"sensitivity_level": "string",
}],
}],
"responses": [{
"content": "string",
"content_type": "string",
"status_code": 0,
}],
"ruleset": "string",
"rulesets": ["string"],
"version": "string",
}],
"categories": ["string"],
"description": "string",
"enabled": False,
"expression": "string",
"id": "string",
"last_updated_at": "string",
"logging": {
"string": False,
},
"positions": [{
"after": "string",
"before": "string",
"index": 0,
}],
"ref": "string",
"version": "string",
}],
"ruleset_id": "string",
"version": "string",
}])
const cisRulesetResource = new ibm.CisRuleset("cisRulesetResource", {
cisId: "string",
cisRulesetId: "string",
domainId: "string",
rulesetId: "string",
rulesets: [{
description: "string",
kind: "string",
lastUpdated: "string",
name: "string",
phase: "string",
rules: [{
action: "string",
actionParameters: [{
id: "string",
overrides: [{
action: "string",
categories: [{
action: "string",
category: "string",
enabled: false,
}],
enabled: false,
overrideRules: [{
action: "string",
enabled: false,
ruleId: "string",
scoreThreshold: 0,
sensitivityLevel: "string",
}],
}],
responses: [{
content: "string",
contentType: "string",
statusCode: 0,
}],
ruleset: "string",
rulesets: ["string"],
version: "string",
}],
categories: ["string"],
description: "string",
enabled: false,
expression: "string",
id: "string",
lastUpdatedAt: "string",
logging: {
string: false,
},
positions: [{
after: "string",
before: "string",
index: 0,
}],
ref: "string",
version: "string",
}],
rulesetId: "string",
version: "string",
}],
});
type: ibm:CisRuleset
properties:
cisId: string
cisRulesetId: string
domainId: string
rulesetId: string
rulesets:
- description: string
kind: string
lastUpdated: string
name: string
phase: string
rules:
- action: string
actionParameters:
- id: string
overrides:
- action: string
categories:
- action: string
category: string
enabled: false
enabled: false
overrideRules:
- action: string
enabled: false
ruleId: string
scoreThreshold: 0
sensitivityLevel: string
responses:
- content: string
contentType: string
statusCode: 0
ruleset: string
rulesets:
- string
version: string
categories:
- string
description: string
enabled: false
expression: string
id: string
lastUpdatedAt: string
logging:
string: false
positions:
- after: string
before: string
index: 0
ref: string
version: string
rulesetId: string
version: string
CisRuleset Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The CisRuleset resource accepts the following input properties:
- Cis
Id string - The ID of the CIS service instance.
- Cis
Ruleset stringId - Domain
Id string - The Domain/Zone ID of the CIS service instance. If
domain_idis provided, the request is made at the zone/domain level; otherwise, the request is made at the instance level. - Ruleset
Id string - ID of the ruleset.
- Rulesets
List<Cis
Ruleset Ruleset> Values that will be updated.
Nested scheme of
rulesets
- Cis
Id string - The ID of the CIS service instance.
- Cis
Ruleset stringId - Domain
Id string - The Domain/Zone ID of the CIS service instance. If
domain_idis provided, the request is made at the zone/domain level; otherwise, the request is made at the instance level. - Ruleset
Id string - ID of the ruleset.
- Rulesets
[]Cis
Ruleset Ruleset Args Values that will be updated.
Nested scheme of
rulesets
- cis
Id String - The ID of the CIS service instance.
- cis
Ruleset StringId - domain
Id String - The Domain/Zone ID of the CIS service instance. If
domain_idis provided, the request is made at the zone/domain level; otherwise, the request is made at the instance level. - ruleset
Id String - ID of the ruleset.
- rulesets
List<Cis
Ruleset Ruleset> Values that will be updated.
Nested scheme of
rulesets
- cis
Id string - The ID of the CIS service instance.
- cis
Ruleset stringId - domain
Id string - The Domain/Zone ID of the CIS service instance. If
domain_idis provided, the request is made at the zone/domain level; otherwise, the request is made at the instance level. - ruleset
Id string - ID of the ruleset.
- rulesets
Cis
Ruleset Ruleset[] Values that will be updated.
Nested scheme of
rulesets
- cis_
id str - The ID of the CIS service instance.
- cis_
ruleset_ strid - domain_
id str - The Domain/Zone ID of the CIS service instance. If
domain_idis provided, the request is made at the zone/domain level; otherwise, the request is made at the instance level. - ruleset_
id str - ID of the ruleset.
- rulesets
Sequence[Cis
Ruleset Ruleset Args] Values that will be updated.
Nested scheme of
rulesets
- cis
Id String - The ID of the CIS service instance.
- cis
Ruleset StringId - domain
Id String - The Domain/Zone ID of the CIS service instance. If
domain_idis provided, the request is made at the zone/domain level; otherwise, the request is made at the instance level. - ruleset
Id String - ID of the ruleset.
- rulesets List<Property Map>
Values that will be updated.
Nested scheme of
rulesets
Outputs
All input properties are implicitly available as output properties. Additionally, the CisRuleset resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing CisRuleset Resource
Get an existing CisRuleset resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: CisRulesetState, opts?: CustomResourceOptions): CisRuleset@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
cis_id: Optional[str] = None,
cis_ruleset_id: Optional[str] = None,
domain_id: Optional[str] = None,
ruleset_id: Optional[str] = None,
rulesets: Optional[Sequence[CisRulesetRulesetArgs]] = None) -> CisRulesetfunc GetCisRuleset(ctx *Context, name string, id IDInput, state *CisRulesetState, opts ...ResourceOption) (*CisRuleset, error)public static CisRuleset Get(string name, Input<string> id, CisRulesetState? state, CustomResourceOptions? opts = null)public static CisRuleset get(String name, Output<String> id, CisRulesetState state, CustomResourceOptions options)resources: _: type: ibm:CisRuleset get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Cis
Id string - The ID of the CIS service instance.
- Cis
Ruleset stringId - Domain
Id string - The Domain/Zone ID of the CIS service instance. If
domain_idis provided, the request is made at the zone/domain level; otherwise, the request is made at the instance level. - Ruleset
Id string - ID of the ruleset.
- Rulesets
List<Cis
Ruleset Ruleset> Values that will be updated.
Nested scheme of
rulesets
- Cis
Id string - The ID of the CIS service instance.
- Cis
Ruleset stringId - Domain
Id string - The Domain/Zone ID of the CIS service instance. If
domain_idis provided, the request is made at the zone/domain level; otherwise, the request is made at the instance level. - Ruleset
Id string - ID of the ruleset.
- Rulesets
[]Cis
Ruleset Ruleset Args Values that will be updated.
Nested scheme of
rulesets
- cis
Id String - The ID of the CIS service instance.
- cis
Ruleset StringId - domain
Id String - The Domain/Zone ID of the CIS service instance. If
domain_idis provided, the request is made at the zone/domain level; otherwise, the request is made at the instance level. - ruleset
Id String - ID of the ruleset.
- rulesets
List<Cis
Ruleset Ruleset> Values that will be updated.
Nested scheme of
rulesets
- cis
Id string - The ID of the CIS service instance.
- cis
Ruleset stringId - domain
Id string - The Domain/Zone ID of the CIS service instance. If
domain_idis provided, the request is made at the zone/domain level; otherwise, the request is made at the instance level. - ruleset
Id string - ID of the ruleset.
- rulesets
Cis
Ruleset Ruleset[] Values that will be updated.
Nested scheme of
rulesets
- cis_
id str - The ID of the CIS service instance.
- cis_
ruleset_ strid - domain_
id str - The Domain/Zone ID of the CIS service instance. If
domain_idis provided, the request is made at the zone/domain level; otherwise, the request is made at the instance level. - ruleset_
id str - ID of the ruleset.
- rulesets
Sequence[Cis
Ruleset Ruleset Args] Values that will be updated.
Nested scheme of
rulesets
- cis
Id String - The ID of the CIS service instance.
- cis
Ruleset StringId - domain
Id String - The Domain/Zone ID of the CIS service instance. If
domain_idis provided, the request is made at the zone/domain level; otherwise, the request is made at the instance level. - ruleset
Id String - ID of the ruleset.
- rulesets List<Property Map>
Values that will be updated.
Nested scheme of
rulesets
Supporting Types
CisRulesetRuleset, CisRulesetRulesetArgs
- Description string
- Description of the ruleset.
- Kind string
- Kind of the rulesets
- Last
Updated string - Rulesets last updated at
- Name string
- Name of the rulesets
- Phase string
- Phase of the rulesets
- Rules
List<Cis
Ruleset Ruleset Rule> - Rules that are required to be added/modified.
Nested scheme of
rules - Ruleset
Id string - ID of the ruleset.
- Version string
- Version of the rulesets
- Description string
- Description of the ruleset.
- Kind string
- Kind of the rulesets
- Last
Updated string - Rulesets last updated at
- Name string
- Name of the rulesets
- Phase string
- Phase of the rulesets
- Rules
[]Cis
Ruleset Ruleset Rule - Rules that are required to be added/modified.
Nested scheme of
rules - Ruleset
Id string - ID of the ruleset.
- Version string
- Version of the rulesets
- description String
- Description of the ruleset.
- kind String
- Kind of the rulesets
- last
Updated String - Rulesets last updated at
- name String
- Name of the rulesets
- phase String
- Phase of the rulesets
- rules
List<Cis
Ruleset Ruleset Rule> - Rules that are required to be added/modified.
Nested scheme of
rules - ruleset
Id String - ID of the ruleset.
- version String
- Version of the rulesets
- description string
- Description of the ruleset.
- kind string
- Kind of the rulesets
- last
Updated string - Rulesets last updated at
- name string
- Name of the rulesets
- phase string
- Phase of the rulesets
- rules
Cis
Ruleset Ruleset Rule[] - Rules that are required to be added/modified.
Nested scheme of
rules - ruleset
Id string - ID of the ruleset.
- version string
- Version of the rulesets
- description str
- Description of the ruleset.
- kind str
- Kind of the rulesets
- last_
updated str - Rulesets last updated at
- name str
- Name of the rulesets
- phase str
- Phase of the rulesets
- rules
Sequence[Cis
Ruleset Ruleset Rule] - Rules that are required to be added/modified.
Nested scheme of
rules - ruleset_
id str - ID of the ruleset.
- version str
- Version of the rulesets
- description String
- Description of the ruleset.
- kind String
- Kind of the rulesets
- last
Updated String - Rulesets last updated at
- name String
- Name of the rulesets
- phase String
- Phase of the rulesets
- rules List<Property Map>
- Rules that are required to be added/modified.
Nested scheme of
rules - ruleset
Id String - ID of the ruleset.
- version String
- Version of the rulesets
CisRulesetRulesetRule, CisRulesetRulesetRuleArgs
- Action string
- . Action of the rule.
- Action
Parameters List<CisRuleset Ruleset Rule Action Parameter> - Parameters that are used to modify the rules.
Nested scheme of
action parameters - Categories List<string>
- Categories of the rulesets rule
- Description string
- Description of the rule.
- Enabled bool
- Enable/Disable ruleset rule
- Expression string
- Expression used by the rule to match the incoming request.
- Id string
- ID of the rule.
- Last
Updated stringAt - Rulesets rule last updated at
- Logging Dictionary<string, bool>
- Logging of the rulesets rule
- Positions
List<Cis
Ruleset Ruleset Rule Position> - Position of rulesets rule
- Ref string
- ID of an existing rule. If not provided, it is populated by the ID of the created rule.
- Version string
- Version of the rulesets rule
- Action string
- . Action of the rule.
- Action
Parameters []CisRuleset Ruleset Rule Action Parameter - Parameters that are used to modify the rules.
Nested scheme of
action parameters - Categories []string
- Categories of the rulesets rule
- Description string
- Description of the rule.
- Enabled bool
- Enable/Disable ruleset rule
- Expression string
- Expression used by the rule to match the incoming request.
- Id string
- ID of the rule.
- Last
Updated stringAt - Rulesets rule last updated at
- Logging map[string]bool
- Logging of the rulesets rule
- Positions
[]Cis
Ruleset Ruleset Rule Position - Position of rulesets rule
- Ref string
- ID of an existing rule. If not provided, it is populated by the ID of the created rule.
- Version string
- Version of the rulesets rule
- action String
- . Action of the rule.
- action
Parameters List<CisRuleset Ruleset Rule Action Parameter> - Parameters that are used to modify the rules.
Nested scheme of
action parameters - categories List<String>
- Categories of the rulesets rule
- description String
- Description of the rule.
- enabled Boolean
- Enable/Disable ruleset rule
- expression String
- Expression used by the rule to match the incoming request.
- id String
- ID of the rule.
- last
Updated StringAt - Rulesets rule last updated at
- logging Map<String,Boolean>
- Logging of the rulesets rule
- positions
List<Cis
Ruleset Ruleset Rule Position> - Position of rulesets rule
- ref String
- ID of an existing rule. If not provided, it is populated by the ID of the created rule.
- version String
- Version of the rulesets rule
- action string
- . Action of the rule.
- action
Parameters CisRuleset Ruleset Rule Action Parameter[] - Parameters that are used to modify the rules.
Nested scheme of
action parameters - categories string[]
- Categories of the rulesets rule
- description string
- Description of the rule.
- enabled boolean
- Enable/Disable ruleset rule
- expression string
- Expression used by the rule to match the incoming request.
- id string
- ID of the rule.
- last
Updated stringAt - Rulesets rule last updated at
- logging {[key: string]: boolean}
- Logging of the rulesets rule
- positions
Cis
Ruleset Ruleset Rule Position[] - Position of rulesets rule
- ref string
- ID of an existing rule. If not provided, it is populated by the ID of the created rule.
- version string
- Version of the rulesets rule
- action str
- . Action of the rule.
- action_
parameters Sequence[CisRuleset Ruleset Rule Action Parameter] - Parameters that are used to modify the rules.
Nested scheme of
action parameters - categories Sequence[str]
- Categories of the rulesets rule
- description str
- Description of the rule.
- enabled bool
- Enable/Disable ruleset rule
- expression str
- Expression used by the rule to match the incoming request.
- id str
- ID of the rule.
- last_
updated_ strat - Rulesets rule last updated at
- logging Mapping[str, bool]
- Logging of the rulesets rule
- positions
Sequence[Cis
Ruleset Ruleset Rule Position] - Position of rulesets rule
- ref str
- ID of an existing rule. If not provided, it is populated by the ID of the created rule.
- version str
- Version of the rulesets rule
- action String
- . Action of the rule.
- action
Parameters List<Property Map> - Parameters that are used to modify the rules.
Nested scheme of
action parameters - categories List<String>
- Categories of the rulesets rule
- description String
- Description of the rule.
- enabled Boolean
- Enable/Disable ruleset rule
- expression String
- Expression used by the rule to match the incoming request.
- id String
- ID of the rule.
- last
Updated StringAt - Rulesets rule last updated at
- logging Map<Boolean>
- Logging of the rulesets rule
- positions List<Property Map>
- Position of rulesets rule
- ref String
- ID of an existing rule. If not provided, it is populated by the ID of the created rule.
- version String
- Version of the rulesets rule
CisRulesetRulesetRuleActionParameter, CisRulesetRulesetRuleActionParameterArgs
- Id string
- ID of the managed ruleset to be deployed.
- Overrides
List<Cis
Ruleset Ruleset Rule Action Parameter Override> Provides the parameters that are to be overridden.
Nested scheme of
overrides- Responses
List<Cis
Ruleset Ruleset Rule Action Parameter Response> - Action parameters response of the rulesets rule
- Ruleset string
- Ruleset ID of the ruleset to apply action to
- Rulesets List<string>
Values that will be updated.
Nested scheme of
rulesets- Version string
- Version of the ruleset
- Id string
- ID of the managed ruleset to be deployed.
- Overrides
[]Cis
Ruleset Ruleset Rule Action Parameter Override Provides the parameters that are to be overridden.
Nested scheme of
overrides- Responses
[]Cis
Ruleset Ruleset Rule Action Parameter Response - Action parameters response of the rulesets rule
- Ruleset string
- Ruleset ID of the ruleset to apply action to
- Rulesets []string
Values that will be updated.
Nested scheme of
rulesets- Version string
- Version of the ruleset
- id String
- ID of the managed ruleset to be deployed.
- overrides
List<Cis
Ruleset Ruleset Rule Action Parameter Override> Provides the parameters that are to be overridden.
Nested scheme of
overrides- responses
List<Cis
Ruleset Ruleset Rule Action Parameter Response> - Action parameters response of the rulesets rule
- ruleset String
- Ruleset ID of the ruleset to apply action to
- rulesets List<String>
Values that will be updated.
Nested scheme of
rulesets- version String
- Version of the ruleset
- id string
- ID of the managed ruleset to be deployed.
- overrides
Cis
Ruleset Ruleset Rule Action Parameter Override[] Provides the parameters that are to be overridden.
Nested scheme of
overrides- responses
Cis
Ruleset Ruleset Rule Action Parameter Response[] - Action parameters response of the rulesets rule
- ruleset string
- Ruleset ID of the ruleset to apply action to
- rulesets string[]
Values that will be updated.
Nested scheme of
rulesets- version string
- Version of the ruleset
- id str
- ID of the managed ruleset to be deployed.
- overrides
Sequence[Cis
Ruleset Ruleset Rule Action Parameter Override] Provides the parameters that are to be overridden.
Nested scheme of
overrides- responses
Sequence[Cis
Ruleset Ruleset Rule Action Parameter Response] - Action parameters response of the rulesets rule
- ruleset str
- Ruleset ID of the ruleset to apply action to
- rulesets Sequence[str]
Values that will be updated.
Nested scheme of
rulesets- version str
- Version of the ruleset
- id String
- ID of the managed ruleset to be deployed.
- overrides List<Property Map>
Provides the parameters that are to be overridden.
Nested scheme of
overrides- responses List<Property Map>
- Action parameters response of the rulesets rule
- ruleset String
- Ruleset ID of the ruleset to apply action to
- rulesets List<String>
Values that will be updated.
Nested scheme of
rulesets- version String
- Version of the ruleset
CisRulesetRulesetRuleActionParameterOverride, CisRulesetRulesetRuleActionParameterOverrideArgs
- Action string
- Action of the rule. Examples: log, block, skip.
- Categories
List<Cis
Ruleset Ruleset Rule Action Parameter Override Category> - Nested scheme of
categories - Enabled bool
- Enables/Disables the rule.
- Override
Rules List<CisRuleset Ruleset Rule Action Parameter Override Override Rule> List of details of rules to be overridden. These rules are already present in the managed ruleset.
Nested scheme of
override_rules
- Action string
- Action of the rule. Examples: log, block, skip.
- Categories
[]Cis
Ruleset Ruleset Rule Action Parameter Override Category - Nested scheme of
categories - Enabled bool
- Enables/Disables the rule.
- Override
Rules []CisRuleset Ruleset Rule Action Parameter Override Override Rule List of details of rules to be overridden. These rules are already present in the managed ruleset.
Nested scheme of
override_rules
- action String
- Action of the rule. Examples: log, block, skip.
- categories
List<Cis
Ruleset Ruleset Rule Action Parameter Override Category> - Nested scheme of
categories - enabled Boolean
- Enables/Disables the rule.
- override
Rules List<CisRuleset Ruleset Rule Action Parameter Override Override Rule> List of details of rules to be overridden. These rules are already present in the managed ruleset.
Nested scheme of
override_rules
- action string
- Action of the rule. Examples: log, block, skip.
- categories
Cis
Ruleset Ruleset Rule Action Parameter Override Category[] - Nested scheme of
categories - enabled boolean
- Enables/Disables the rule.
- override
Rules CisRuleset Ruleset Rule Action Parameter Override Override Rule[] List of details of rules to be overridden. These rules are already present in the managed ruleset.
Nested scheme of
override_rules
- action str
- Action of the rule. Examples: log, block, skip.
- categories
Sequence[Cis
Ruleset Ruleset Rule Action Parameter Override Category] - Nested scheme of
categories - enabled bool
- Enables/Disables the rule.
- override_
rules Sequence[CisRuleset Ruleset Rule Action Parameter Override Override Rule] List of details of rules to be overridden. These rules are already present in the managed ruleset.
Nested scheme of
override_rules
- action String
- Action of the rule. Examples: log, block, skip.
- categories List<Property Map>
- Nested scheme of
categories - enabled Boolean
- Enables/Disables the rule.
- override
Rules List<Property Map> List of details of rules to be overridden. These rules are already present in the managed ruleset.
Nested scheme of
override_rules
CisRulesetRulesetRuleActionParameterOverrideCategory, CisRulesetRulesetRuleActionParameterOverrideCategoryArgs
CisRulesetRulesetRuleActionParameterOverrideOverrideRule, CisRulesetRulesetRuleActionParameterOverrideOverrideRuleArgs
- Action string
- Action of the rule.
- Enabled bool
- Enables/Disables the rule.
- Rule
Id string - ID of the rule.
- Score
Threshold double - Score threshold of the rule. Allowed values are 25, 40, 60 for high, medium and low sensitivity respectively.
- Sensitivity
Level string - Sensitivity level
- Action string
- Action of the rule.
- Enabled bool
- Enables/Disables the rule.
- Rule
Id string - ID of the rule.
- Score
Threshold float64 - Score threshold of the rule. Allowed values are 25, 40, 60 for high, medium and low sensitivity respectively.
- Sensitivity
Level string - Sensitivity level
- action String
- Action of the rule.
- enabled Boolean
- Enables/Disables the rule.
- rule
Id String - ID of the rule.
- score
Threshold Double - Score threshold of the rule. Allowed values are 25, 40, 60 for high, medium and low sensitivity respectively.
- sensitivity
Level String - Sensitivity level
- action string
- Action of the rule.
- enabled boolean
- Enables/Disables the rule.
- rule
Id string - ID of the rule.
- score
Threshold number - Score threshold of the rule. Allowed values are 25, 40, 60 for high, medium and low sensitivity respectively.
- sensitivity
Level string - Sensitivity level
- action str
- Action of the rule.
- enabled bool
- Enables/Disables the rule.
- rule_
id str - ID of the rule.
- score_
threshold float - Score threshold of the rule. Allowed values are 25, 40, 60 for high, medium and low sensitivity respectively.
- sensitivity_
level str - Sensitivity level
- action String
- Action of the rule.
- enabled Boolean
- Enables/Disables the rule.
- rule
Id String - ID of the rule.
- score
Threshold Number - Score threshold of the rule. Allowed values are 25, 40, 60 for high, medium and low sensitivity respectively.
- sensitivity
Level String - Sensitivity level
CisRulesetRulesetRuleActionParameterResponse, CisRulesetRulesetRuleActionParameterResponseArgs
- Content string
- Action parameters response content of the rulesets rule
- Content
Type string - Action parameters response type of the rulesets rule
- Status
Code double - Action parameters response status code of the rulesets rule
- Content string
- Action parameters response content of the rulesets rule
- Content
Type string - Action parameters response type of the rulesets rule
- Status
Code float64 - Action parameters response status code of the rulesets rule
- content String
- Action parameters response content of the rulesets rule
- content
Type String - Action parameters response type of the rulesets rule
- status
Code Double - Action parameters response status code of the rulesets rule
- content string
- Action parameters response content of the rulesets rule
- content
Type string - Action parameters response type of the rulesets rule
- status
Code number - Action parameters response status code of the rulesets rule
- content str
- Action parameters response content of the rulesets rule
- content_
type str - Action parameters response type of the rulesets rule
- status_
code float - Action parameters response status code of the rulesets rule
- content String
- Action parameters response content of the rulesets rule
- content
Type String - Action parameters response type of the rulesets rule
- status
Code Number - Action parameters response status code of the rulesets rule
CisRulesetRulesetRulePosition, CisRulesetRulesetRulePositionArgs
Import
Example
terraform
$ pulumi import ibm:index/cisRuleset:CisRuleset config 48996f0da6ed76251b475971b097205c:9caf68812ae9b3f0377fdf986751a78f:crn:v1:bluemix:public:internet-svcs:global:a/4ea1882a2d3401ed1e459979941966ea:31fa970d-51d0-4b05-893e-251cba75a7b3::
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- ibm ibm-cloud/terraform-provider-ibm
- License
- Notes
- This Pulumi package is based on the
ibmTerraform Provider.