Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

resource/aws_guardduty_detector: Clarify finding_publishing_frequency usage for member accounts #7804

Merged
merged 2 commits into from
Mar 4, 2019
+9 −5
Merged

resource/aws_guardduty_detector: Clarify finding_publishing_frequency usage for member accounts #7804

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
1db9645
resource/aws_guardduty_detector: Clarify finding_publishing_frequency…
bflad Mar 4, 2019
5aa1186
docs/resource/aws_guardduty_detector: Clarify member account finding_…
bflad Mar 4, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 8 additions & 3 deletions aws/resource_aws_guardduty_detector.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,10 +30,12 @@ func resourceAwsGuardDutyDetector() *schema.Resource {
Type: schema.TypeString,
Computed: true,
},
// finding_publishing_frequency is marked as Computed:true since
// GuardDuty member accounts inherit setting from master account
"finding_publishing_frequency": {
Type: schema.TypeString,
Optional: true,
Default: "SIX_HOURS",
Computed: true,
},
},
}
Expand All @@ -43,8 +45,11 @@ func resourceAwsGuardDutyDetectorCreate(d *schema.ResourceData, meta interface{}
conn := meta.(*AWSClient).guarddutyconn

input := guardduty.CreateDetectorInput{
Enable: aws.Bool(d.Get("enable").(bool)),
FindingPublishingFrequency: aws.String(d.Get("finding_publishing_frequency").(string)),
Enable: aws.Bool(d.Get("enable").(bool)),
}

if v, ok := d.GetOk("finding_publishing_frequency"); ok {
input.FindingPublishingFrequency = aws.String(v.(string))
}

log.Printf("[DEBUG] Creating GuardDuty Detector: %s", input)
Expand Down
3 changes: 1 addition & 2 deletions website/docs/r/guardduty_detector.html.markdown
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,6 @@ Provides a resource to manage a GuardDuty detector.
```hcl
resource "aws_guardduty_detector" "MyDetector" {
enable = true
finding_publishing_frequency = "SIX_HOURS"
}
```

Expand All @@ -26,7 +25,7 @@ resource "aws_guardduty_detector" "MyDetector" {
The following arguments are supported:

* `enable` - (Optional) Enable monitoring and feedback reporting. Setting to `false` is equivalent to "suspending" GuardDuty. Defaults to `true`.
* `finding_publishing_frequency` - (Optional) Specifies the frequency of notifications sent for subsequent finding occurrences. Valid values: `FIFTEEN_MINUTES, ONE_HOUR, SIX_HOURS`. Default: `SIX_HOURS`. See [AWS Documentation](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings_cloudwatch.html#guardduty_findings_cloudwatch_notification_frequency) for more information.
* `finding_publishing_frequency` - (Optional) Specifies the frequency of notifications sent for subsequent finding occurrences. If the detector is a GuardDuty member account, the value is determined by the GuardDuty master account and cannot be modified, otherwise defaults to `SIX_HOURS`. For standalone and GuardDuty master accounts, it must be configured in Terraform to enable drift detection. Valid values for standalone and master accounts: `FIFTEEN_MINUTES`, `ONE_HOUR`, `SIX_HOURS`. See [AWS Documentation](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings_cloudwatch.html#guardduty_findings_cloudwatch_notification_frequency) for more information.

## Attributes Reference

Expand Down