Make fields supporting a single value optional, final cleanup

Arnas Navašinskas · Arnas Navašinskas · commit 7accde359205 · 2025-05-05T16:01:50.000+03:00
diff --git a/castai/resource_security_runtime_rule.go b/castai/resource_security_runtime_rule.go
@@ -42,7 +42,6 @@ var supportedSeverities = []string{
 
 var supportedRuleEngineTypes = []string{
 	string(sdk.RULEENGINETYPECEL),
-	string(sdk.RULEENGINETYPEGO),
 }
 
 var rulesPageLimit = "50"
@@ -82,8 +81,9 @@ func resourceSecurityRuntimeRule() *schema.Resource {
 			},
 			FieldRuntimeRuleCategory: {
 				Type:        schema.TypeString,
-				Required:    true,
+				Optional:    true,
 				Description: "Category of the rule.",
+				Default:     "event",
 				ForceNew:    true, // update is not supported
 			},
 			FieldRuntimeRuleSeverity: {
@@ -105,9 +105,10 @@ func resourceSecurityRuntimeRule() *schema.Resource {
 			},
 			FieldRuntimeRuleRuleEngineType: {
 				Type:             schema.TypeString,
-				Required:         true,
-				Description:      "The engine type used to evaluate the rule. One of RULE_ENGINE_TYPE_CEL, RULE_ENGINE_TYPE_GO.",
+				Optional:         true,
+				Description:      "The engine type used to evaluate the rule. Only RULE_ENGINE_TYPE_CEL is currently supported.",
 				ValidateDiagFunc: validation.ToDiagFunc(validation.StringInSlice(supportedRuleEngineTypes, true)),
+				Default:          sdk.RULEENGINETYPECEL,
 				ForceNew:         true, // update is not supported
 			},
 			FieldRuntimeRuleResourceSelector: {
diff --git a/docs/resources/security_runtime_rule.md b/docs/resources/security_runtime_rule.md
diff --git a/examples/aks/aks_cluster_with_security_runtime_rules/castai_runtime_rules.tf b/examples/aks/aks_cluster_with_security_runtime_rules/castai_runtime_rules.tf
@@ -3,13 +3,11 @@
 
 resource "castai_security_runtime_rule" "example_rule__dns_to_crypto_mining_" {
   name              = "Example rule AKS: DNS to crypto mining"
-  category          = "event"
   severity          = "SEVERITY_LOW"
   enabled           = false
   rule_text         = <<EOT
 event.type == event_dns && event.dns.network_details.category == category_crypto
 EOT
-  rule_engine_type  = "RULE_ENGINE_TYPE_CEL"
   resource_selector = <<EOT
 resource.namespace == "default"
 EOT
diff --git a/examples/eks/eks_cluster_with_security_runtime_rules/castai_runtime_rules.tf b/examples/eks/eks_cluster_with_security_runtime_rules/castai_runtime_rules.tf
@@ -3,13 +3,11 @@
 
 resource "castai_security_runtime_rule" "example_rule__dns_to_crypto_mining_" {
   name              = "Example rule: DNS to crypto mining"
-  category          = "event"
   severity          = "SEVERITY_LOW"
   enabled           = false
   rule_text         = <<EOT
 event.type == event_dns && event.dns.network_details.category == category_crypto
 EOT
-  rule_engine_type  = "RULE_ENGINE_TYPE_CEL"
   resource_selector = <<EOT
 resource.namespace == "default"
 EOT
diff --git a/examples/gke/gke_cluster_with_security_runtime_rules/castai_runtime_rules.tf b/examples/gke/gke_cluster_with_security_runtime_rules/castai_runtime_rules.tf
@@ -3,13 +3,11 @@
 
 resource "castai_security_runtime_rule" "example_rule__dns_to_crypto_mining_" {
   name              = "Example rule: DNS to crypto mining"
-  category          = "event"
   severity          = "SEVERITY_LOW"
   enabled           = false
   rule_text         = <<EOT
 event.type == event_dns && event.dns.network_details.category == category_crypto
 EOT
-  rule_engine_type  = "RULE_ENGINE_TYPE_CEL"
   resource_selector = <<EOT
 resource.namespace == "default"
 EOT
