GuardDuty update member accounts' detectors #26168
Comments
Stumbled upon this issue myself. I think it might make sense to have a Alternatively, can be done like the suggestion above, but removing the required email configuration.
Hi,
We also really need this.
Release 5.20.0 added an
Really need this
We also need this.
I'm drafting a PR for this. Initial plan is to add a resource like this:
Would appreciate input for the following:
Deleting resources
Which would be better?
Acceptance Testing
There are multiple preconditions here:
Not 100% sure, but I think you cannot use the API to update the delegated admin account itself. At least in the AWS console, the accounts listed do not contain the delegated admin account and you enable the features in a different place.
What in your opinion would be the best way to write the acc tests?
I’d much prefer 1: just delete the resource. It’s consistent with the way other resources are handled. More important, it’s usually obvious if you delete, say, an EC2 instance. Hey, my thing stopped working! If you turn off a feature here through misconfiguring TF, everything will continue to work, except that you’ll lose the security features you thought were monitoring your accounts.
Community Note
Description
Currently Terraform cannot change the status of detectors of member accounts in a GuardDuty multi-account setup, for example enabling or disabling S3 Protection.
Member accounts are not allowed to change their own detector status.
New or Affected Resource(s)
Potential Terraform Configuration
References
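The thread's concern that a feature switched off on member detectors fails silently can be checked from the administrator account by comparing each member's feature status with the intended state. This is an added example, not code from the issue or the provider; it assumes a response shaped like the GuardDuty GetMemberDetectors output, and the desired-state map, account IDs and sample response are constructed.

```python
"""Flag member accounts whose GuardDuty detector features drift from the desired state."""

# Desired state (assumption for this example): feature name -> status.
DESIRED = {"S3_DATA_EVENTS": "ENABLED", "EBS_MALWARE_PROTECTION": "ENABLED"}

# Constructed sample, shaped like a GetMemberDetectors response.
SAMPLE_RESPONSE = {
    "MemberDataSourceConfigurations": [
        {"AccountId": "111111111111", "Features": [
            {"Name": "S3_DATA_EVENTS", "Status": "ENABLED"},
            {"Name": "EBS_MALWARE_PROTECTION", "Status": "ENABLED"}]},
        {"AccountId": "222222222222", "Features": [
            {"Name": "S3_DATA_EVENTS", "Status": "DISABLED"},
            {"Name": "EBS_MALWARE_PROTECTION", "Status": "ENABLED"}]},
        # A feature absent from the response is treated as drift, not as compliant.
        {"AccountId": "333333333333", "Features": [
            {"Name": "S3_DATA_EVENTS", "Status": "ENABLED"}]},
    ],
    # Accounts the API could not report on must not pass silently either.
    "UnprocessedAccounts": [
        {"AccountId": "444444444444", "Result": "constructed error text"}],
}


def find_drift(response, desired):
    """Return (account_id, feature, observed_status) for every mismatch."""
    findings = []
    for member in response.get("MemberDataSourceConfigurations", []):
        actual = {f["Name"]: f["Status"] for f in member.get("Features", [])}
        for name, want in sorted(desired.items()):
            got = actual.get(name, "MISSING")
            if got != want:
                findings.append((member["AccountId"], name, got))
    for account in response.get("UnprocessedAccounts", []):
        findings.append((account["AccountId"], "*", "UNPROCESSED"))
    return findings


if __name__ == "__main__":
    for account_id, feature, status in find_drift(SAMPLE_RESPONSE, DESIRED):
        print(f"DRIFT account={account_id} feature={feature} observed={status}")
```

Run on a schedule from the administrator account, a non-empty result is the alert that a plan or apply removed protection the members cannot restore themselves.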