new resource "azurerm_security_center_assessment" and rename "azurerm_security_center_assessment_metadata" to "azurerm_security_center_assessment_policy" #10694
Conversation
|
Hi @katbyte, I have added business description between assessment and assessment metadata. Could you have a review again? |
There was a problem hiding this comment.
Thanks @njuCZ - i've left some comments inline, and after figuring out how this service works and whats it does i think azurerm_security_center_assessment_metadata should have been named azurerm_security_center_assessment_policy - WDYT?
| } | ||
| } | ||
|
|
||
| resource "azurerm_security_center_assessment_metadata" "example" { |
There was a problem hiding this comment.
Sadly i think this should have be called azurerm_security_center_assessment_policy to be explicit and clear what its doing. could we copy that resource to azurerm_security_center_assessment_policy and deprecate the old one?
njuCZ
force-pushed
the
security_assessment
branch
from
1d74a8a
to
296c6b2
Compare
|
@katbyte Have updated this PR. added new resource "azurerm_security_center_assessment_policy" and deprecated "azurerm_security_center_assessment_metadata" |
…e "azurerm_security_center_assessment_metadata"
njuCZ
force-pushed
the
security_assessment
branch
from
296c6b2
to
7564df0
Compare
njuCZ
changed the title
|
@katbyte thanks for your review. I have fixed the conflicts. |
|
This has been released in version 2.51.0 of the provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. As an example: provider "azurerm" {
version = "~> 2.51.0"
}
# ... other configuration ... |
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks! |
ghost
locked as resolved and limited conversation to collaborators
api doc: https://docs.microsoft.com/en-us/rest/api/securitycenter/assessments/createorupdate
according to the doc: an assessment metadata must be predefined and the name should be the same, so in the schema design, I add a property "assessment_metadata_id"
business description:
Assessment metadata represents static data on an assessment type. Meaning it is a resource you create and usually doesn’t change over time.
It contains much static data such as description, assessment severity, threats and more.
Assessment metadata can only be created at subscription level since it only represents metadata of assessments, therefore doesn’t apply to specific resources.
Assessments are specific instances of the corresponding Assessment Metadata.
Assessment is an extension resource over an existing resource.
For example- you can have Assessment Metadata which describes a VM has an open port, and a corresponding Assessment can be created on a specific VM which specifies that VM has an open port.