Skip to main content
Fetches details of an existing custom attestation type from Kosli. Custom attestation types define how Kosli validates and evaluates evidence from proprietary tools, custom metrics, or specialized compliance requirements. Use this data source to retrieve information about an existing custom attestation type. This is useful for:
  • Referencing existing attestation types in other configurations
  • Creating variants of existing types with modified rules
  • Querying attestation type metadata and schemas

Example usage

terraform {
  required_providers {
    kosli = {
      source = "kosli-dev/kosli"
    }
  }
}

# Query an existing custom attestation type
data "kosli_custom_attestation_type" "security" {
  name = "security-scan"
}

# Use the queried schema in a new attestation type
resource "kosli_custom_attestation_type" "security_strict" {
  name        = "security-scan-strict"
  description = "Stricter security requirements"

  # Reuse the schema from the existing type
  schema = data.kosli_custom_attestation_type.security.schema

  # Apply stricter validation rules
  jq_rules = [
    ".critical_vulnerabilities == 0",
    ".high_vulnerabilities == 0",
    ".medium_vulnerabilities < 3"
  ]
}

# Reference attestation type metadata
output "security_scan_description" {
  description = "Description of the security scan attestation type"
  value       = data.kosli_custom_attestation_type.security.description
}

output "security_scan_rules" {
  description = "JQ rules for the security scan attestation type"
  value       = data.kosli_custom_attestation_type.security.jq_rules
}

output "security_scan_archived" {
  description = "Whether the security scan attestation type is archived"
  value       = data.kosli_custom_attestation_type.security.archived
}

Querying archived types

By default, the data source retrieves active (non-archived) attestation types. Archived types can be queried but are read-only and typically represent historical configurations. The archived attribute indicates whether an attestation type has been deleted/archived in Kosli. Archived types cannot be modified through Terraform.

Schema

Required

  • name (String) The name of the custom attestation type. Must start with a letter or number and contain only letters, numbers, periods, hyphens, underscores, and tildes.

Read-only

  • archived (Boolean) Whether this attestation type has been archived.
  • description (String) A description of what this attestation type validates.
  • jq_rules (List of String) List of jq expressions that define evaluation rules. All rules must evaluate to true for compliance.
  • schema (String) JSON Schema that defines the structure of attestation data.
Last modified on March 16, 2026