Added guardduty filter resource #10676

Closed
wants to merge 62 commits into from

@kzonov kzonov commented Oct 30, 2019

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" comments, they generate extra noise for pull request followers and do not help prioritize the request

Relates OR Closes #0000 (Sorry, I didn't get it: shall I create an issue for this PR, or is the PR on its own enough?)

Release note for CHANGELOG:

Added a GuardDuty Filter resource.

Output from acceptance testing:

$ make testacc TESTARGS='-run=TestAccAWSGuardDuty/Filter'
    --- PASS: TestAccAWSGuardDuty/Filter (34.36s)
        --- PASS: TestAccAWSGuardDuty/Filter/basic (16.44s)
        --- PASS: TestAccAWSGuardDuty/Filter/import (17.92s)
...

@kzonov kzonov requested a review from a team October 30, 2019 13:48
@ghost ghost added provider Pertains to the provider itself, rather than any interaction with AWS. service/guardduty Issues and PRs that pertain to the guardduty service. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. documentation Introduces or discusses updates to documentation. size/XL Managed by automation to categorize the size of a PR. labels Oct 30, 2019

kzonov commented Nov 20, 2019

Hi there! I see you have hundreds of pull requests, folks :( Is there any chance I can speed up a review for this one?

@gdavison gdavison left a comment

Thanks for the PR, @graffzon, it looks good. I have a few changes for you to make

website/docs/r/guardduty_filter.html.markdown
aws/resource_aws_guardduty_filter.go
aws/resource_aws_guardduty_filter.go Outdated
aws/resource_aws_guardduty_filter.go Outdated
aws/resource_aws_guardduty_filter.go Outdated
Config: testAccGuardDutyFilterConfig_full(),
Check: resource.ComposeTestCheckFunc(
testAccCheckAwsGuardDutyFilterExists(resourceName),
resource.TestCheckResourceAttrSet(resourceName, "detector_id"),

Use resource.TestCheckResourceAttrPair to verify that the correct value is set

@gdavison gdavison self-assigned this Feb 19, 2020
@gdavison gdavison added the new-resource Introduces a new resource. label Feb 19, 2020

gdavison commented Mar 9, 2020

Hi @graffzon, are you still interested in working on this PR?

suzuki-shunsuke commented

@graffzon @gdavison
Thank you for your great work.
I'm interested in this pull request, but this seems to be pending.

Can I contribute to this pull request?
If I can, how should I do it?

I checked out this pull request and added some commits according to the review comments.

Should I create a new pull request? Or is there any other way?

Thank you.


kzonov commented Jul 6, 2020

Hi folks, my apologies for staying silent. @suzuki-shunsuke if you have time and willingness to contribute to this PR - I'd be happy. Unfortunately I don't have a prepared setup to test the GuardDuty resources anymore. However, if it hangs for a couple more months, I might have time to come back to it 😅


kzonov commented Jul 6, 2020

@suzuki-shunsuke I found a way to merge your changes into this PR, thanks a lot for your work.
@gdavison could you please take another look at the PR after the changes made by @suzuki-shunsuke ?

@kzonov kzonov requested a review from gdavison July 6, 2020 16:18

suzuki-shunsuke commented Jul 7, 2020

Merging master into feature branch

kzonov commented Jul 7, 2020

@suzuki-shunsuke Thanks for being that quick :)
I didn't manage to merge your PR because it contained an update from upstream and produced weird changes for me, so I just updated my fork from the upstream and added the code you implemented in your commits, tagging you in the commits' description. For some reason it still fails; I will have a look later today.


suzuki-shunsuke commented Jul 7, 2020

@graffzon

I didn't manage to merge your PR because it contained an update from upstream and produced weird changes for me

Would you cherry pick 045794d and 53d0e17 instead of bb3819c 255ff95?

$ git remote add suzuki-shunsuke https://github.com/suzuki-shunsuke/terraform-provider-aws 
$ git remote -v
origin	https://github.com/graffzon/terraform-provider-aws (fetch)
origin	https://github.com/graffzon/terraform-provider-aws (push)
suzuki-shunsuke	https://github.com/suzuki-shunsuke/terraform-provider-aws (fetch)
suzuki-shunsuke	https://github.com/suzuki-shunsuke/terraform-provider-aws (push)

$ git fetch suzuki-shunsuke
$ git reset HEAD~2 --hard # remove bb3819c 255ff95
$ git cherry-pick 045794d 53d0e17
$ git push origin added-guardduty-filter-resource --force

@gdavison gdavison left a comment

Thanks for the updates, @graffzon and @suzuki-shunsuke. I've done a deeper review of the PR and have a number of changes to make

aws/resource_aws_guardduty_filter.go Outdated
aws/resource_aws_guardduty_filter.go Outdated
aws/resource_aws_guardduty_filter.go Outdated
aws/resource_aws_guardduty_filter.go Outdated
aws/resource_aws_guardduty_filter.go Outdated

criteria := make(map[string]*schema.Set)

criteria["criterion"] = schema.NewSet(schema.HashResource(criterionResource()), flatCriteria)

criterionResource() should not redefine the schema here. The best option is probably to define a hash function that can be used here and set it on the schema as well.

flatCriterion["field"] = field
flatCriterion["condition"] = conditionName
flatCriterion["values"] = make([]interface{}, 1)
flatCriterion["values"].([]interface{})[0] = strconv.FormatInt(*conditionValue, 10)

strconv.Itoa() would be a simpler function to use here, since we don't need to specify the base.

@suzuki-shunsuke suzuki-shunsuke Jul 16, 2020

The type of *conditionValue is int64, but the argument type of strconv.Itoa is int.
So strconv.FormatInt isn't wrong.


for field, conditions := range findingCriteriaRemote.Criterion {
if len(conditions.Equals) > 0 {
flatCriteria = append(flatCriteria, flattenStringCondition(field, "equals", conditions.Equals))

The two flattenStringCondition() calls here could take a []string parameter, and have the dereference happen here

Suggested change
flatCriteria = append(flatCriteria, flattenStringCondition(field, "equals", conditions.Equals))
flatCriteria = append(flatCriteria, flattenStringCondition(field, "equals", aws.StringValueSlice(conditions.Equals)))


flatCriteria = append(flatCriteria, flattenStringCondition(field, "not_equals", conditions.NotEquals))
}
if conditions.GreaterThan != nil {
flatCriteria = append(flatCriteria, flattenIntCondition(field, "greater_than", conditions.GreaterThan))

The four flattenIntCondition() calls here could take an int parameter and have the dereference happen here

Suggested change
flatCriteria = append(flatCriteria, flattenIntCondition(field, "greater_than", conditions.GreaterThan))
flatCriteria = append(flatCriteria, flattenIntCondition(field, "greater_than", int(aws.Int64Value(conditions.GreaterThan))))
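
Review bot: the int(...) wrapper in the replacement line narrows the int64 behind conditions.GreaterThan to int, which drops the high bits on platforms where int is 32 bits wide. Since the other thread on this file notes that the value is int64 and strconv.FormatInt handles it directly, flattenIntCondition could take an int64 parameter and the call could pass aws.Int64Value(conditions.GreaterThan) without the int(...) conversion.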


Comment on lines 88 to 89
"NOOP",
"ARCHIVE",

These should be replaced by the constants defined in the AWS SDK

Suggested change
"NOOP",
"ARCHIVE",
guardduty.FilterActionNoop,
guardduty..FilterActionArchive,
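
Review bot: the second replacement line, guardduty..FilterActionArchive, has a doubled dot and will not compile if applied as written; it should read guardduty.FilterActionArchive, matching guardduty.FilterActionNoop on the line above it.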


@gdavison gdavison added the waiting-response Maintainers are waiting on response from community or contributor. label Jul 16, 2020
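
Added example (not code from this PR or from the provider): a self-contained Go program for the flattening discussed in the review above, with the dereference done by the caller and the GreaterThan value kept as int64 through to strconv.FormatInt. The condition type, flattenField and viaInt32 are hypothetical stand-ins, and the sample values are constructed.

```go
package main

import (
	"fmt"
	"strconv"
)

// condition is a local stand-in (assumption) for the SDK type; a nil pointer means "not set".
type condition struct {
	Equals      []*string
	GreaterThan *int64
}
type flat = map[string]interface{}

// Both helpers take plain values, so the caller does the dereferencing.
func flattenStringCondition(field, name string, values []string) flat {
	return flat{"field": field, "condition": name, "values": values}
}

// The value stays int64 end to end; FormatInt needs no conversion to int.
func flattenIntCondition(field, name string, value int64) flat {
	return flattenStringCondition(field, name, []string{strconv.FormatInt(value, 10)})
}

// viaInt32 shows what Itoa(int(v)) yields where int is 32 bits wide (simulated with int32).
func viaInt32(value int64) string { return strconv.Itoa(int(int32(value))) }

// flattenField (hypothetical name) mirrors one iteration of the loop over Criterion.
func flattenField(field string, c condition) []flat {
	var out []flat
	if len(c.Equals) > 0 {
		vals := make([]string, 0, len(c.Equals))
		for _, p := range c.Equals {
			if p != nil { // skip nil entries instead of panicking on *p
				vals = append(vals, *p)
			}
		}
		out = append(out, flattenStringCondition(field, "equals", vals))
	}
	if c.GreaterThan != nil {
		out = append(out, flattenIntCondition(field, "greater_than", *c.GreaterThan))
	}
	return out
}

func main() {
	region, ts := "eu-west-1", int64(1594857600000) // constructed sample values
	fmt.Println(flattenField("region", condition{Equals: []*string{&region, nil}}))
	fmt.Println(flattenField("updatedAt", condition{GreaterThan: &ts}), viaInt32(ts))
}
```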
suzuki-shunsuke commented

@gdavison Thank you for your review.
I'll deal with it.

@ghost ghost removed the waiting-response Maintainers are waiting on response from community or contributor. label Jul 16, 2020

gdavison commented Aug 11, 2020

Hi @graffzon and @suzuki-shunsuke. We'd like to get this merged in. @graffzon do you want to merge @suzuki-shunsuke's changes into your PR, or @suzuki-shunsuke do you want to create a PR from your branch?

We'll also need to update the version of the Terraform SDK plugin to v2. Update references to the package github.com/hashicorp/terraform-plugin-sdk/* to github.com/hashicorp/terraform-plugin-sdk/v2/*. You may be able to Git rebase your branch against the current master branch (example below); replacing any remaining old import paths with the newer ones.

$ git fetch --all
$ git rebase origin/master

@gdavison gdavison added the waiting-response Maintainers are waiting on response from community or contributor. label Aug 11, 2020
@kzonov kzonov force-pushed the added-guardduty-filter-resource branch from 54c10e1 to e313e2b Compare August 11, 2020 19:03
@kzonov kzonov force-pushed the added-guardduty-filter-resource branch 2 times, most recently from 8dcad82 to e313e2b Compare August 11, 2020 19:09

kzonov commented Aug 11, 2020

Thanks for your tremendous effort @gdavison and @suzuki-shunsuke !!! 🙏
I merged the branch from @suzuki-shunsuke and rebased from the latest master.
Just not sure why it says only 4 checks when I'm pretty sure I saw something like 12 before rebasing. I'm not very familiar with GitHub Checks; it's a rather new feature that I haven't used yet. Might it have just skipped some checks? For example, I don't actually see the tests being run.
And about the review, sorry I've dropped out from the review process, is everything incorporated now?

@ghost ghost removed the waiting-response Maintainers are waiting on response from community or contributor. label Aug 11, 2020
gdavison commented

Thanks again for all the work you've put in, @graffzon and @suzuki-shunsuke. There are a few remaining changes we'd like to see before merging the PR.

If one of you would like to make the changes, go ahead. Otherwise, I can make the changes next week (24 August) so that we can get it in for the release that week.

@gdavison gdavison added the waiting-response Maintainers are waiting on response from community or contributor. label Aug 18, 2020
@gdavison gdavison added this to the v3.5.0 milestone Sep 2, 2020

ghost commented Sep 3, 2020

This has been released in version 3.5.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks!

@kzonov kzonov deleted the added-guardduty-filter-resource branch September 7, 2020 10:28

ghost commented Oct 3, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked as resolved and limited conversation to collaborators Oct 3, 2020
@breathingdust breathingdust removed the waiting-response Maintainers are waiting on response from community or contributor. label Sep 17, 2021
Labels
documentation Introduces or discusses updates to documentation. new-resource Introduces a new resource. provider Pertains to the provider itself, rather than any interaction with AWS. service/guardduty Issues and PRs that pertain to the guardduty service. size/XL Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.