add docs

docs/index.md

@@ -1,7 +1,7 @@
 ---
 page_title: "Wiz Provider"
 description: |-
-  Terraform provider to manage Wiz resources
+  Terraform provider for WIZ
 ---
 
 # terraform-provider-wiz
@@ -34,16 +34,9 @@ provider "wiz" {
 
 > **WARNING** Hard-coded credentials are not recommended in any Terraform configuration and risks secret leakage should this file ever be committed to a public version control system.
 
-
 <!-- schema generated by tfplugindocs -->
 ## Schema
 
-### Required
-
-- `wiz_auth_client_id` (String) Your application's Client ID. You can find this value on the Settings > Service Accounts page. (default: none, environment variable: WIZ_AUTH_CLIENT_ID)
-- `wiz_auth_client_secret` (String, Sensitive) Your application's Client Secret. You can find this value on the Settings > Service Accounts page. (default: none, environment variable: WIZ_AUTH_CLIENT_SECRET)
-- `wiz_url` (String) Wiz api endpoint.  This varies for each Wiz deployment.  See https://docs.wiz.io/wiz-docs/docs/using-the-wiz-api#the-graphql-endpoint. (default: none, environment variable: WIZ_URL)
-
 ### Optional
 
 - `ca_chain` (String) Base64 encoded PEM of the CA chain used when communicating with Wiz. If a proxy performs TLS interception/inspection, this will be the CA chain for the certificate used by the proxy. The default includes the CAs known to be used by Wiz: `C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root`, `C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3`, `C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2`, `C=US, O=Amazon, CN=Amazon Root CA 1`, `C=US, O=Amazon, OU=Server CA 1B, CN=Amazon`. (environment variable: CA_CHAIN)
@@ -56,5 +49,8 @@ provider "wiz" {
 - `proxy` (Boolean) Use an http proxy server? (default: false, environment variable: PROXY)
 - `proxy_server` (String) Proxy server address.  Syntax: http[s]://[host]:[port]. (default: none, environment variable: PROXY_SERVER)
 - `wiz_auth_audience` (String) Set this to 'beyond-api' if using auth0 and 'wiz-api' if using Cognito. (default: wiz-api, environment variable: WIZ_AUTH_AUDIENCE)
+- `wiz_auth_client_id` (String) Your application's Client ID. You can find this value on the Settings > Service Accounts page. (default: none, environment variable: WIZ_AUTH_CLIENT_ID)
+- `wiz_auth_client_secret` (String, Sensitive) Your application's Client Secret. You can find this value on the Settings > Service Accounts page. (default: none, environment variable: WIZ_AUTH_CLIENT_SECRET)
 - `wiz_auth_grant_type` (String) Set this to 'client_credentials'. (default: client_credentials, environment variable: WIZ_AUTH_GRANT_TYPE)
 - `wiz_auth_url` (String) The authentication endpoint. (default: https://auth.app.wiz.io/oauth/token, environment variable: WIZ_AUTH_URL)
+- `wiz_url` (String) Wiz api endpoint.  This varies for each Wiz deployment.  See https://docs.wiz.io/wiz-docs/docs/using-the-wiz-api#the-graphql-endpoint. (default: none, environment variable: WIZ_URL)

docs/resources/automation_rule_slackbot_send_notification.md

@@ -0,0 +1,49 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "wiz_automation_rule_slackbot_send_notification Resource - terraform-provider-wiz"
+subcategory: ""
+description: |-
+  Automation Rules define associations between actions and findings.
+---
+
+# wiz_automation_rule_slackbot_send_notification (Resource)
+
+Automation Rules define associations between actions and findings.
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `description` (String) Description of the automation rule
+- `filters` (String) Value should be wrapped in jsonencode() to avoid diff detection. This is required even though the API states it is not required.  Validate is performed by the UI.
+- `integration_id` (String) Wiz identifier for the Integration to leverage for this action. Must be resource type integration_aws_sns.
+- `name` (String) Name of the automation rule
+- `slack_channel` (String) Channel to send the message to
+- `trigger_source` (String) Trigger source.
+    - Allowed values:
+        - ISSUES
+        - CLOUD_EVENTS
+        - CONTROL
+        - CONFIGURATION_FINDING
+- `trigger_type` (List of String) Trigger type. Must be set to `CREATED` for wiz_automation_rule_slackbot_send_notification.
+    - Allowed values:
+        - CREATED
+        - UPDATED
+        - RESOLVED
+        - REOPENED
+
+### Optional
+
+- `enabled` (Boolean) Enabled?
+    - Defaults to `true`.
+- `project_id` (String) Wiz internal ID for a project.
+- `slack_note` (String) An optional note sent with the slack message
+
+### Read-Only
+
+- `action_id` (String) Wiz internal ID for the action.
+- `created_at` (String) The date/time at which the automation rule was created.
+- `id` (String) Wiz internal identifier.

docs/resources/integration_slackbot.md

@@ -0,0 +1,45 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "wiz_integration_slackbot Resource - terraform-provider-wiz"
+subcategory: ""
+description: |-
+  Integrations are reusable, generic connections between Wiz and third-party platforms like Slack, Google Chat, and Jira that allow data from Wiz to be passed to your preferred tool.
+---
+
+# wiz_integration_slackbot (Resource)
+
+Integrations are reusable, generic connections between Wiz and third-party platforms like Slack, Google Chat, and Jira that allow data from Wiz to be passed to your preferred tool.
+
+## Example Usage
+
+```terraform
+resource "wiz_integration_slackbot" "default" {
+  name        = "default"
+  slack_token = var.slack_token
+  scope       = "All Resources, Restrict this Integration to global roles only"
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `name` (String) The name of the integration.
+
+### Optional
+
+- `project_id` (String) The project this action is scoped to.
+- `scope` (String) Scoping to a selected Project makes this Integration accessible only to users with global roles or Project-scoped access to the selected Project. Other users will not be able to see it, use it, or view its results. Integrations restricted to global roles cannot be seen or used by users with Project-scoped roles.
+    - Allowed values:
+        - Selected Project
+        - All Resources
+        - All Resources, Restrict this Integration to global roles only
+
+    - Defaults to `All Resources, Restrict this Integration to global roles only`.
+- `slack_token` (String) Slack Token. (default: none, environment variable: WIZ_INTEGRATION_SLACK_TOKEN)
+
+### Read-Only
+
+- `created_at` (String) Identifies the date and time when the object was created.
+- `id` (String) Identifier for this object.

docs/resources/saml_idp.md

@@ -115,5 +115,6 @@ Required:
 - `role` (String) Wiz Role name
 
 Optional:
+
 - `description` (String) Description
 - `projects` (List of String) Project mapping

examples/resources/wiz_automation_rule_slack_send_notification/resource.tf

@@ -0,0 +1,23 @@
+resource "wiz_integration_slackbot" "default" {
+  name        = "default"
+  slack_token = var.slack_token
+  scope       = "All Resources, Restrict this Integration to global roles only"
+}
+
+resource "wiz_automation_rule_slackbot_send_notification" "default" {
+  name           = "example"
+  description    = "example description"
+  enabled        = true
+  integration_id = wiz_integration_slackbot.default.id
+  trigger_source = "ISSUES"
+  trigger_type = [
+    "RESOLVED",
+  ]
+  filters = jsonencode({
+    "severity" : [
+      "CRITICAL"
+    ]
+  })
+  slack_channel = var.slack_channel
+  slack_note    = var.slack_note
+}

examples/resources/wiz_integration_slackbot/resource.tf

@@ -0,0 +1,5 @@
+resource "wiz_integration_slackbot" "default" {
+  name        = "default"
+  slack_token = var.slack_token
+  scope       = "All Resources, Restrict this Integration to global roles only"
+}