-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: add enabled_standard_arns if service_enabled is true in aws_securityhub_configuration_policy #36740
fix: add enabled_standard_arns if service_enabled is true in aws_securityhub_configuration_policy #36740
Conversation
Community NoteVoting for Prioritization
For Submitters
|
I changed the parameter |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 🚀.
% make testacc TESTARGS='-run=TestAccSecurityHub_serial/ConfigurationPolicy' PKG=securityhub
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.21.8 test ./internal/service/securityhub/... -v -count 1 -parallel 20 -run=TestAccSecurityHub_serial/ConfigurationPolicy -timeout 360m
=== RUN TestAccSecurityHub_serial
=== PAUSE TestAccSecurityHub_serial
=== CONT TestAccSecurityHub_serial
=== RUN TestAccSecurityHub_serial/ConfigurationPolicyAssociation
=== RUN TestAccSecurityHub_serial/ConfigurationPolicyAssociation/basic
=== RUN TestAccSecurityHub_serial/ConfigurationPolicyAssociation/disappears
=== RUN TestAccSecurityHub_serial/ConfigurationPolicy
=== RUN TestAccSecurityHub_serial/ConfigurationPolicy/disappears
=== RUN TestAccSecurityHub_serial/ConfigurationPolicy/CustomParameters
=== RUN TestAccSecurityHub_serial/ConfigurationPolicy/ControlIdentifiers
=== RUN TestAccSecurityHub_serial/ConfigurationPolicy/basic
--- PASS: TestAccSecurityHub_serial (812.81s)
--- PASS: TestAccSecurityHub_serial/ConfigurationPolicyAssociation (416.64s)
--- PASS: TestAccSecurityHub_serial/ConfigurationPolicyAssociation/basic (344.39s)
--- PASS: TestAccSecurityHub_serial/ConfigurationPolicyAssociation/disappears (72.25s)
--- PASS: TestAccSecurityHub_serial/ConfigurationPolicy (396.17s)
--- PASS: TestAccSecurityHub_serial/ConfigurationPolicy/disappears (58.53s)
--- PASS: TestAccSecurityHub_serial/ConfigurationPolicy/CustomParameters (172.15s)
--- PASS: TestAccSecurityHub_serial/ConfigurationPolicy/ControlIdentifiers (84.52s)
--- PASS: TestAccSecurityHub_serial/ConfigurationPolicy/basic (80.98s)
PASS
ok github.com/hashicorp/terraform-provider-aws/internal/service/securityhub 823.850s
@sbldevnet Thanks for the contribution 🎉 👏. |
This functionality has been released in v5.45.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you! |
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. |
Description
If
enabled_standard_arns
is used, andservice_enabled
is set tofalse
, it will be included in the AWS API call. Now it's only added if it is not empty.This will fix the issue when trying to create a SecurityHub configuration policy without enabling any standards.
Current version ConfigurationPolicy:
With the proposed fix:
enabled_standard_arns
must be included only ifservice_enabled
is true.Relations
Closes #36739
References
https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_SecurityHubPolicy.html
https://awscli.amazonaws.com/v2/documentation/api/latest/reference/securityhub/create-configuration-policy.html
Output from Acceptance Testing