Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

iot-alpha: support for creating account audit configuration #31663

Closed
1 of 2 tasks
badmintoncryer opened this issue Oct 5, 2024 · 2 comments · Fixed by #31661 or softwaremill/tapir#4137 · May be fixed by NOUIY/aws-solutions-constructs#135, NOUIY/aws-solutions-constructs#136 or bensullivan2002/photo-website#3
Closed
1 of 2 tasks

iot-alpha: support for creating account audit configuration #31663

badmintoncryer opened this issue Oct 5, 2024 · 2 comments · Fixed by #31661 or softwaremill/tapir#4137 · May be fixed by NOUIY/aws-solutions-constructs#135, NOUIY/aws-solutions-constructs#136 or bensullivan2002/photo-website#3
Labels
@aws-cdk/aws-iot Related to AWS IoT effort/medium Medium work item – several days of effort feature-request A feature should be added or improved. p2

Comments

@badmintoncryer
Copy link
Contributor

Describe the feature

To create AccountAuditConfiguration L2 construct for AWS IoT alpha module.

Use Case

AWS Cloudformation supports for creating account audit configuration for an AWS IoT Device Defender but AWS CDK doesn't.

Proposed Solution

No response

Other Information

No response

Acknowledgements

  • I may be able to implement this feature request
  • This feature might incur a breaking change

CDK version used

2.160.0

Environment details (OS name and version, etc.)

irrelevant
@badmintoncryer badmintoncryer added feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged. labels Oct 5, 2024
@github-actions github-actions bot added the @aws-cdk/aws-iot Related to AWS IoT label Oct 5, 2024
@badmintoncryer badmintoncryer mentioned this issue Oct 5, 2024
Merged
1 task
@pahud pahud added p2 effort/medium Medium work item – several days of effort and removed needs-triage This issue or PR still needs to be triaged. labels Oct 6, 2024
@pahud
Copy link
Contributor

pahud commented Oct 6, 2024

Thank you for the PR!

@mergify mergify bot closed this as completed in #31661 Oct 7, 2024
mergify bot pushed a commit that referenced this issue Oct 7, 2024
@badmintoncryer
feat(iot-alpha): support for account audit configuration (#31661)
fc19571 
### Issue # (if applicable)

Closes #31663.

### Reason for this change

Cloudformation supports create an account audit configuration but AWS CDK doesn't support it.

### Description of changes

- Define `IAccountAuditConfiguration`
- Define `AccountAuditConfiguration` class and `AccountAuditConfigurationProps`

I couldn't find documentation regarding the required policies for the role when executing an audit, but when enabling the audit configuration through the management console, it was set to use a "AWSIoTDeviceDefenderAudit" managed policy. 
This implementation follows that same approach.

<img width="624" alt="スクリーンショット 2024-10-05 15 05 10" src="https://github.com/user-attachments/assets/61f9d0bb-2606-4b2d-9c8f-8245f7f47c68">

### Description of how you validated changes

Add both unit and integ tests

### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
@github-actions GitHub Actions
Copy link

github-actions bot commented Oct 7, 2024

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Oct 7, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
@aws-cdk/aws-iot Related to AWS IoT effort/medium Medium work item – several days of effort feature-request A feature should be added or improved. p2
Projects
None yet
Milestone
No milestone
2 participants
@pahud @badmintoncryer