> ## Documentation Index > Fetch the complete documentation index at: https://docs.kosli.com/llms.txt > Use this file to discover all available pages before exploring further. ## Submitting Feedback If you encounter incorrect, outdated, or confusing documentation on this page, submit feedback: POST https://docs.kosli.com/feedback ```json { "path": "/administration/managing_custom_attestation_types/overview", "feedback": "Description of the issue" } ``` Only submit feedback when you have something specific and actionable to report. # Managing Custom Attestation Types > Learn how to manage Kosli custom attestation types via Terraform, including creating and importing types with JSON Schema and jq evaluation rules. The preferred way to manage custom attestation types is via the Kosli Terraform provider, so your Kosli configuration is version-controlled alongside your infrastructure. You can also manage custom attestation types through the Kosli CLI. This page covers managing custom attestation types via Terraform. For an introduction to custom attestation types and creating them via the CLI, see [Getting started: Attestations](/getting_started/attestations). Custom attestation types define how Kosli validates evidence from tools that don't have a built-in Kosli attestation command. Each type can include: * A **JSON Schema** (optional) that defines the expected structure of attestation data * **jq rules** (optional) that evaluate the data to determine compliance At least one of the two must be provided. ## Create a custom attestation type ### With schema and jq rules ```hcl theme={"theme":"dracula","languages":{"custom":["/languages/rego.json"]}} resource "kosli_custom_attestation_type" "security_scan" { name = "security-scan" description = "Validates security scan results" schema = jsonencode({ type = "object" properties = { critical_vulnerabilities = { type = "integer" } high_vulnerabilities = { type = "integer" } scan_date = { type = "string" } } required = ["critical_vulnerabilities", "high_vulnerabilities", "scan_date"] }) jq_rules = [ ".critical_vulnerabilities == 0", ".high_vulnerabilities < 5" ] } ``` ### With jq rules only ```hcl theme={"theme":"dracula","languages":{"custom":["/languages/rego.json"]}} resource "kosli_custom_attestation_type" "code_coverage" { name = "code-coverage" description = "Requires at least 80% line coverage" jq_rules = [".line_coverage >= 80"] } ``` ### With schema only ```hcl theme={"theme":"dracula","languages":{"custom":["/languages/rego.json"]}} resource "kosli_custom_attestation_type" "deployment_record" { name = "deployment-record" description = "Validates deployment record structure" schema = jsonencode({ type = "object" properties = { deployed_by = { type = "string" } deployed_at = { type = "string" } environment = { type = "string" } } required = ["deployed_by", "deployed_at", "environment"] }) } ``` ## Import an existing custom attestation type If you have custom attestation types created via the CLI, you can bring them under Terraform management by importing them into your Terraform state. 1. Find the attestation type name in the Kosli UI or run: ```shell theme={"theme":"dracula","languages":{"custom":["/languages/rego.json"]}} kosli list attestation-types ``` 2. Add a matching `kosli_custom_attestation_type` resource block to your configuration. 3. Run the import: ```shell theme={"theme":"dracula","languages":{"custom":["/languages/rego.json"]}} terraform import kosli_custom_attestation_type.security_scan security-scan ``` 4. Verify with `terraform plan` — no changes should be planned if the import succeeded. ## Reference * [`kosli_custom_attestation_type` resource](/terraform-reference/resources/custom_attestation_type) * [`kosli_custom_attestation_type` data source](/terraform-reference/data-sources/custom_attestation_type) * [Kosli Terraform provider on the Terraform Registry](https://registry.terraform.io/providers/kosli-dev/kosli/latest)