Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add GuardDuty filter resource #14876

Merged
merged 70 commits into from
Sep 2, 2020
Merged

Add GuardDuty filter resource #14876

merged 70 commits into from
Sep 2, 2020

Conversation

gdavison
Copy link
Contributor

@gdavison gdavison commented Aug 27, 2020
edited
Loading

Completes work done in #10676 by @graffzon and @suzuki-shunsuke to add GuardDuty filter resource

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request

Closes #9647
Closes #10676

Release note for CHANGELOG:

**New Resource:** `aws_guardduty_filter `

Output from acceptance testing:

$ make testacc TESTARGS='-run=TestAccAWSGuardDuty_serial/Filter'

--- PASS: TestAccAWSGuardDuty_serial (212.02s)
    --- PASS: TestAccAWSGuardDuty_serial/Filter (212.02s)
        --- PASS: TestAccAWSGuardDuty_serial/Filter/update (52.53s)
        --- PASS: TestAccAWSGuardDuty_serial/Filter/tags (72.38s)
        --- PASS: TestAccAWSGuardDuty_serial/Filter/disappears (28.38s)
        --- PASS: TestAccAWSGuardDuty_serial/Filter/basic (58.73s)

kzonov and others added 30 commits July 7, 2020 09:43
@kzonov
Merge pull request #2 from terraform-providers/master
dd41a64 
Merging master into feature branch
@kzonov
Added a partially copied, partially corrected resource file
af118c7
@kzonov
Fixed or workarounded syntax errors
70d99dd
@kzonov
Made Create action uncommented and not crashing
622fe20
@kzonov
Made Create action to make its way to the API request
8852d14
@kzonov
Added tags field for creation
6f7535a
@kzonov
Fixed tags assignment
17e3fb4
@kzonov
Made create request work for region only condition
7f22a94
@kzonov
Implemented DELETE action for filters
fc29555
@kzonov
Filled in finding criteria
031b0f1
@kzonov
Extracted buildFindingCriteria
e912469
@kzonov
Changed the format of guard_duty_filter criterion
7df19eb
@kzonov
Made different sort of conditions work
fb5db6f
@kzonov
Added the update action for the guardduty filter
c8b3284
@kzonov
Cleaned up the action default and unveiled the update action
4dfc52c
@kzonov
Added validations for generic cases
f990e1e
@kzonov
Implemented on-the-flight validation for the conditions
2fa228f
@kzonov
Cleaned up comments
bdba53c
@kzonov
Made Id of GD filter to be a compounded one
fd81374
@kzonov
Moved a function
34c8630
@kzonov
Added import function without the findingCriteria
08b50a8
@kzonov
Gofmt fixes
db2daeb
@kzonov
Gofmt with -s fixes
bc4ac65
@kzonov
Implemented a mock of flattening of the finding criteria
c241f37
@kzonov
Fixed map with possible conditions
d4b07c2
@kzonov
Made import work also for Finding Criteria
d6e6608
@kzonov
Dryed up the flattening functions
73a737e
@kzonov
Just moved things around
7432698
@kzonov
Fixed create/update case where one field can contain more than one co…
2821f87 
…ndition
@kzonov
Implemented a better error output
de0c9b5
@ghost ghost added size/XL Managed by automation to categorize the size of a PR. documentation Introduces or discusses updates to documentation. provider Pertains to the provider itself, rather than any interaction with AWS. service/guardduty Issues and PRs that pertain to the guardduty service. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. labels Aug 27, 2020
@gdavison gdavison marked this pull request as ready for review August 28, 2020 23:19
@gdavison gdavison requested a review from a team August 28, 2020 23:19
@gdavison gdavison marked this pull request as draft August 31, 2020 20:35
@gdavison gdavison marked this pull request as ready for review August 31, 2020 23:02
bflad
bflad approved these changes Sep 1, 2020
View reviewed changes
Copy link
Contributor

@bflad bflad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just some minor items to consider, otherwise looking good! 🚀

Output from acceptance testing:

    --- PASS: TestAccAWSGuardDuty_serial/Filter (102.51s)
        --- PASS: TestAccAWSGuardDuty_serial/Filter/update (26.72s)
        --- PASS: TestAccAWSGuardDuty_serial/Filter/tags (33.67s)
        --- PASS: TestAccAWSGuardDuty_serial/Filter/disappears (16.50s)
        --- PASS: TestAccAWSGuardDuty_serial/Filter/basic (25.62s)

aws/resource_aws_guardduty_filter.go Outdated
Comment on lines 225 to 244
input := guardduty.UpdateFilterInput{
Action: aws.String(d.Get("action").(string)),
Description: aws.String(d.Get("description").(string)),
DetectorId: aws.String(d.Get("detector_id").(string)),
FilterName: aws.String(d.Get("name").(string)),
Rank: aws.Int64(int64(d.Get("rank").(int))),
}

var err error
input.FindingCriteria, err = expandFindingCriteria(d.Get("finding_criteria").([]interface{}))
if err != nil {
return err
}

log.Printf("[DEBUG] Updating GuardDuty Filter: %s", input)

_, err = conn.UpdateFilter(&input)
if err != nil {
return fmt.Errorf("error updating GuardDuty Filter %s: %w", d.Id(), err)
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To prevent the UpdateFilter API call when only tags are updated, this logic should be wrapped with d.HasChanges():

Suggested change
input := guardduty.UpdateFilterInput{
Action: aws.String(d.Get("action").(string)),
Description: aws.String(d.Get("description").(string)),
DetectorId: aws.String(d.Get("detector_id").(string)),
FilterName: aws.String(d.Get("name").(string)),
Rank: aws.Int64(int64(d.Get("rank").(int))),
}
var err error
input.FindingCriteria, err = expandFindingCriteria(d.Get("finding_criteria").([]interface{}))
if err != nil {
return err
}
log.Printf("[DEBUG] Updating GuardDuty Filter: %s", input)
_, err = conn.UpdateFilter(&input)
if err != nil {
return fmt.Errorf("error updating GuardDuty Filter %s: %w", d.Id(), err)
}
if d.HasChanges("action", "description", "finding_criteria", "rank") {
input := guardduty.UpdateFilterInput{
Action: aws.String(d.Get("action").(string)),
Description: aws.String(d.Get("description").(string)),
DetectorId: aws.String(d.Get("detector_id").(string)),
FilterName: aws.String(d.Get("name").(string)),
Rank: aws.Int64(int64(d.Get("rank").(int))),
}
var err error
input.FindingCriteria, err = expandFindingCriteria(d.Get("finding_criteria").([]interface{}))
if err != nil {
return err
}
log.Printf("[DEBUG] Updating GuardDuty Filter: %s", input)
_, err = conn.UpdateFilter(&input)
if err != nil {
return fmt.Errorf("error updating GuardDuty Filter %s: %w", d.Id(), err)
}
}

aws/resource_aws_guardduty_filter.go Outdated
}

func joinGuardDutyFilterID(detectorID, filterName string) string {
return detectorID + "_" + filterName
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we would like consistency with the other GuardDuty resources, they use the colon (:) separator. 👍 e.g.

https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/guardduty_ipset#import
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/guardduty_publishing_destination#import

aws/resource_aws_guardduty_filter_test.go Outdated
func testAccGuardDutyFilterConfig_full(startDate, endDate string) string {
return fmt.Sprintf(`
resource "aws_guardduty_filter" "test" {
detector_id = "${aws_guardduty_detector.test.id}"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: Terraform 0.12 syntax

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's embarrassing…

@bflad bflad added the new-resource Introduces a new resource. label Sep 1, 2020
@gdavison gdavison merged commit 42185e6 into master Sep 2, 2020
@gdavison gdavison deleted the added-guardduty-filter-resource branch September 2, 2020 21:58
@gdavison gdavison added this to the v3.5.0 milestone Sep 2, 2020
gdavison added a commit that referenced this pull request Sep 2, 2020
@gdavison
Update CHANGELOG for #14876
e758137
@ghost
Copy link

ghost commented Sep 3, 2020

This has been released in version 3.5.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks!

@ghost
Copy link

ghost commented Oct 3, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked as resolved and limited conversation to collaborators Oct 3, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@bflad bflad bflad approved these changes

Assignees
No one assigned
Labels
documentation Introduces or discusses updates to documentation. new-resource Introduces a new resource. provider Pertains to the provider itself, rather than any interaction with AWS. service/guardduty Issues and PRs that pertain to the guardduty service. size/XL Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Milestone
v3.5.0
Development

Successfully merging this pull request may close these issues.

AWS GuardDuty: Add support for creating filters
4 participants
@gdavison @bflad @kzonov @suzuki-shunsuke