-
Notifications
You must be signed in to change notification settings - Fork 9.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
provider/aws: Add support for CloudTrail log validation + KMS encryption #5051
provider/aws: Add support for CloudTrail log validation + KMS encryption #5051
Conversation
ebe6989
to
d8de124
Compare
This looks good @radeksimko :) |
@radeksimko on the second run of these tests I got the following:
Is there a specific setup i need in my environment to ensure these pass constantly? |
Hmm, I assume this is going to be caused by IAM eventual consistency? |
That will also eventually make people who really used insufficient bucket policy wait though. I wish there was a different error code for these... 😢 |
Right - or some kind of endpoint to poll for IAM operations being "complete" :( |
I agree this needs solving, in fact I opened #4447 a while back to address such problems, but I don't think it should be solved in the context of this PR. It's something that affects CloudTrail generally. I can send a separate PR to work around this policy problem. |
I think we can merge this one and then solve the evential consistency in the next one |
provider/aws: Add support for CloudTrail log validation + KMS encryption
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
Acceptance tests
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=AWSCloudTrail'