Provides a Datadog CSM Threats Agent Rule API resource.
resource "datadog_csm_threats_agent_rule" "my_agent_rule" {
name = "my_agent_rule"
enabled = true
description = "im a rule"
expression = "open.file.name == \"etc/shadow/password\""
}
enabled
(Boolean) Indicates Whether the Agent rule is enabled.expression
(String) The SECL expression of the Agent rulename
(String) The name of the Agent rule.description
(String) A description for the Agent rule. Defaults to ""
.id
(String) The ID of this resource.Import is supported using the following syntax:
# CSM Agent Rules can be imported using ID. For example:
terraform import datadog_csm_threats_agent_rule.my_agent_rule m0o-hto-lkb