cloud_workload_security_agent_rules
Creates, updates, deletes, gets or lists a cloud_workload_security_agent_rules resource.
Overview
| Name | cloud_workload_security_agent_rules |
| Type | Resource |
| Id | datadog.security.cloud_workload_security_agent_rules |
Fields
The following fields are returned by SELECT queries:
- get_cloud_workload_security_agent_rule
- list_cloud_workload_security_agent_rules
| Name | Datatype | Description |
|---|---|---|
id | string | The ID of the Agent rule (example: 3dd-0uc-h1s) |
attributes | object | A Cloud Workload Security Agent rule returned by the API |
type | string | The type of the resource, must always be agent_rule (default: agent_rule, example: agent_rule) |
| Name | Datatype | Description |
|---|---|---|
id | string | The ID of the Agent rule (example: 3dd-0uc-h1s) |
attributes | object | A Cloud Workload Security Agent rule returned by the API |
type | string | The type of the resource, must always be agent_rule (default: agent_rule, example: agent_rule) |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get_cloud_workload_security_agent_rule | select | agent_rule_id, region | Get the details of a specific agent rule. Note: This endpoint should only be used for the Government (US1-FED) site. | |
list_cloud_workload_security_agent_rules | select | region | Get the list of agent rules. Note: This endpoint should only be used for the Government (US1-FED) site. | |
create_cloud_workload_security_agent_rule | insert | region, data__data | Create a new agent rule with the given parameters. Note: This endpoint should only be used for the Government (US1-FED) site. | |
update_cloud_workload_security_agent_rule | update | agent_rule_id, region, data__data | Update a specific agent rule. Returns the agent rule object when the request is successful. Note: This endpoint should only be used for the Government (US1-FED) site. | |
delete_cloud_workload_security_agent_rule | delete | agent_rule_id, region | Delete a specific agent rule. Note: This endpoint should only be used for the Government (US1-FED) site. | |
download_cloud_workload_policy_file | exec | region | The download endpoint generates a Workload Protection policy file from your currently active Workload Protection agent rules, and downloads them as a .policy file. This file can then be deployed toyour agents to update the policy running in your environment. Note: This endpoint should only be used for the Government (US1-FED) site. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
agent_rule_id | string | The ID of the Agent rule (example: 3b5-v82-ns6) |
region | string | (default: datadoghq.com) |
SELECT examples
- get_cloud_workload_security_agent_rule
- list_cloud_workload_security_agent_rules
Get the details of a specific agent rule.
Note: This endpoint should only be used for the Government (US1-FED) site.
SELECT
id,
attributes,
type
FROM datadog.security.cloud_workload_security_agent_rules
WHERE agent_rule_id = '{{ agent_rule_id }}' -- required
AND region = '{{ region }}' -- required
;
Get the list of agent rules.
Note: This endpoint should only be used for the Government (US1-FED) site.
SELECT
id,
attributes,
type
FROM datadog.security.cloud_workload_security_agent_rules
WHERE region = '{{ region }}' -- required
;
INSERT examples
- create_cloud_workload_security_agent_rule
- Manifest
Create a new agent rule with the given parameters.
Note: This endpoint should only be used for the Government (US1-FED) site.
INSERT INTO datadog.security.cloud_workload_security_agent_rules (
data__data,
region
)
SELECT
'{{ data }}' /* required */,
'{{ region }}'
RETURNING
data
;
# Description fields are for documentation purposes
- name: cloud_workload_security_agent_rules
props:
- name: region
value: string
description: Required parameter for the cloud_workload_security_agent_rules resource.
- name: data
value: object
description: |
Object for a single Agent rule
UPDATE examples
- update_cloud_workload_security_agent_rule
Update a specific agent rule.
Returns the agent rule object when the request is successful.
Note: This endpoint should only be used for the Government (US1-FED) site.
UPDATE datadog.security.cloud_workload_security_agent_rules
SET
data__data = '{{ data }}'
WHERE
agent_rule_id = '{{ agent_rule_id }}' --required
AND region = '{{ region }}' --required
AND data__data = '{{ data }}' --required
RETURNING
data;
DELETE examples
- delete_cloud_workload_security_agent_rule
Delete a specific agent rule.
Note: This endpoint should only be used for the Government (US1-FED) site.
DELETE FROM datadog.security.cloud_workload_security_agent_rules
WHERE agent_rule_id = '{{ agent_rule_id }}' --required
AND region = '{{ region }}' --required
;
Lifecycle Methods
- download_cloud_workload_policy_file
The download endpoint generates a Workload Protection policy file from your currently active
Workload Protection agent rules, and downloads them as a .policy file. This file can then be deployed to
your agents to update the policy running in your environment.
Note: This endpoint should only be used for the Government (US1-FED) site.
EXEC datadog.security.cloud_workload_security_agent_rules.download_cloud_workload_policy_file
@region='{{ region }}' --required
;