Skip to content

Commit

Permalink
⭐️ expand default provider example
Browse files Browse the repository at this point in the history
  • Loading branch information
@chris-rock
chris-rock committed Jan 24, 2025
1 parent 46c1657 commit 9084308
Show file tree
Hide file tree
Showing 2 changed files with 116 additions and 8 deletions.
62 changes: 58 additions & 4 deletions docs/index.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,14 +21,68 @@ terraform {
required_providers {
mondoo = {
source = "mondoohq/mondoo"
version = ">= 0.19"
version = ">= 0.21"
}
}
}
provider "mondoo" {
space = "hungry-poet-1988"
region = "us"
variable "org_id" {
description = "The organization id to create the spaces in"
type = string
}
provider "mondoo" {}
data "mondoo_organization" "org" {
id = var.org_id
}
resource "mondoo_space" "my_space" {
name = "My Space New"
org_id = data.mondoo_organization.org.id
}
# Assign policies to the space
resource "mondoo_policy_assignment" "cis_policy_assignment_enabled" {
space_id = mondoo_space.my_space.id
policies = [
"//policy.api.mondoo.app/policies/cis-microsoft-windows-10-l1-ce",
"//policy.api.mondoo.app/policies/cis-microsoft-windows-10-l1-bl",
"//policy.api.mondoo.app/policies/cis-microsoft-windows-11-l1-ce",
"//policy.api.mondoo.app/policies/cis-microsoft-windows-11-l1-bl",
"//policy.api.mondoo.app/policies/cis-microsoft-windows-server-2016-dc-level-1",
"//policy.api.mondoo.app/policies/cis-microsoft-windows-server-2016-ms-level-1",
"//policy.api.mondoo.app/policies/cis-microsoft-windows-server-2019-dc-level-1",
"//policy.api.mondoo.app/policies/cis-microsoft-windows-server-2019-ms-level-1",
"//policy.api.mondoo.app/policies/cis-microsoft-windows-server-2022-dc-level-1",
"//policy.api.mondoo.app/policies/cis-microsoft-windows-server-2022-ms-level-1",
"//policy.api.mondoo.app/policies/cis-microsoft-azure-windows-server-2019-dc-level-1",
"//policy.api.mondoo.app/policies/cis-microsoft-azure-windows-server-2019-ms-level-1",
"//policy.api.mondoo.app/policies/cis-microsoft-azure-windows-server-2022-dc-level-1",
"//policy.api.mondoo.app/policies/cis-microsoft-azure-windows-server-2022-ms-level-1",
"//policy.api.mondoo.app/policies/mondoo-edr-policy",
]
state = "enabled"
}
# Set exceptions for Windows policies in the space
resource "mondoo_exception" "windows_defender_exception" {
scope_mrn = mondoo_space.my_space.mrn
justification = "Windows Defender is disabled. Other EDR is used/configured instead."
action = "SNOOZE"
check_mrns = [
"//policy.api.mondoo.app/queries/cis-microsoft-windows-10--18.10.42.5.1",
"//policy.api.mondoo.app/queries/cis-microsoft-windows-11--18.10.42.5.1",
"//policy.api.mondoo.app/queries/cis-microsoft-windows-server-2016--18.10.42.5.1",
"//policy.api.mondoo.app/queries/cis-microsoft-windows-server-2019--18.10.42.5.1",
"//policy.api.mondoo.app/queries/cis-microsoft-windows-server-2022--18.10.42.5.1",
]
depends_on = [
mondoo_policy_assignment.cis_policy_assignment_enabled
]
}
```

Expand Down
62 changes: 58 additions & 4 deletions examples/provider/provider.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,66 @@ terraform {
required_providers {
mondoo = {
source = "mondoohq/mondoo"
version = ">= 0.19"
version = ">= 0.21"
}
}
}

provider "mondoo" {
space = "hungry-poet-1988"
region = "us"
variable "org_id" {
description = "The organization id to create the spaces in"
type = string
}

provider "mondoo" {}

data "mondoo_organization" "org" {
id = var.org_id
}

resource "mondoo_space" "my_space" {
name = "My Space New"
org_id = data.mondoo_organization.org.id
}

# Assign policies to the space

resource "mondoo_policy_assignment" "cis_policy_assignment_enabled" {
space_id = mondoo_space.my_space.id

policies = [
"//policy.api.mondoo.app/policies/cis-microsoft-windows-10-l1-ce",
"//policy.api.mondoo.app/policies/cis-microsoft-windows-10-l1-bl",
"//policy.api.mondoo.app/policies/cis-microsoft-windows-11-l1-ce",
"//policy.api.mondoo.app/policies/cis-microsoft-windows-11-l1-bl",
"//policy.api.mondoo.app/policies/cis-microsoft-windows-server-2016-dc-level-1",
"//policy.api.mondoo.app/policies/cis-microsoft-windows-server-2016-ms-level-1",
"//policy.api.mondoo.app/policies/cis-microsoft-windows-server-2019-dc-level-1",
"//policy.api.mondoo.app/policies/cis-microsoft-windows-server-2019-ms-level-1",
"//policy.api.mondoo.app/policies/cis-microsoft-windows-server-2022-dc-level-1",
"//policy.api.mondoo.app/policies/cis-microsoft-windows-server-2022-ms-level-1",
"//policy.api.mondoo.app/policies/cis-microsoft-azure-windows-server-2019-dc-level-1",
"//policy.api.mondoo.app/policies/cis-microsoft-azure-windows-server-2019-ms-level-1",
"//policy.api.mondoo.app/policies/cis-microsoft-azure-windows-server-2022-dc-level-1",
"//policy.api.mondoo.app/policies/cis-microsoft-azure-windows-server-2022-ms-level-1",
"//policy.api.mondoo.app/policies/mondoo-edr-policy",
]

state = "enabled"
}

# Set exceptions for Windows policies in the space
resource "mondoo_exception" "windows_defender_exception" {
scope_mrn = mondoo_space.my_space.mrn
justification = "Windows Defender is disabled. Other EDR is used/configured instead."
action = "SNOOZE"
check_mrns = [
"//policy.api.mondoo.app/queries/cis-microsoft-windows-10--18.10.42.5.1",
"//policy.api.mondoo.app/queries/cis-microsoft-windows-11--18.10.42.5.1",
"//policy.api.mondoo.app/queries/cis-microsoft-windows-server-2016--18.10.42.5.1",
"//policy.api.mondoo.app/queries/cis-microsoft-windows-server-2019--18.10.42.5.1",
"//policy.api.mondoo.app/queries/cis-microsoft-windows-server-2022--18.10.42.5.1",
]
depends_on = [
mondoo_policy_assignment.cis_policy_assignment_enabled
]
}

0 comments on commit 9084308

Please sign in to comment.