new resource "azurerm_security_center_assessment" and rename "azurerm_security_center_assessment_metadata" to "azurerm_security_center_assessment_policy" #10694
Thanks @njuCZ - I've left one comment inline, in addition to that could you explain how this resource/service works so I can better review the PR?
Hi @katbyte, I have added business description between assessment and assessment metadata. Could you have a review again?
Thanks @njuCZ - I've left some comments inline, and after figuring out how this service works and what it does I think `azurerm_security_center_assessment_metadata` should have been named `azurerm_security_center_assessment_policy` - WDYT?
} | ||
} | ||
|
||
resource "azurerm_security_center_assessment_metadata" "example" { |
Sadly I think this should have been called `azurerm_security_center_assessment_policy` to be explicit and clear what it's doing. Could we copy that resource to `azurerm_security_center_assessment_policy` and deprecate the old one?
done
1d74a8a to 296c6b2
@katbyte Have updated this PR. Added new resource "azurerm_security_center_assessment_policy" and deprecated "azurerm_security_center_assessment_metadata"
Thanks @njuCZ - LGTM 👍
…e "azurerm_security_center_assessment_metadata"
296c6b2 to 7564df0
@katbyte thanks for your review. I have fixed the conflicts.
This has been released in version 2.51.0 of the provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. As an example:

```hcl
provider "azurerm" {
  version = "~> 2.51.0"
}
# ... other configuration ...
```
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!
api doc: https://docs.microsoft.com/en-us/rest/api/securitycenter/assessments/createorupdate
according to the doc: an assessment metadata must be predefined and the name should be the same, so in the schema design, I add a property "assessment_metadata_id"
business description:
Assessment metadata represents static data on an assessment type. Meaning it is a resource you create and usually doesn’t change over time.
It contains much static data such as description, assessment severity, threats and more.
Assessment metadata can only be created at subscription level since it only represents metadata of assessments, therefore doesn’t apply to specific resources.
Assessments are specific instances of the corresponding Assessment Metadata.
Assessment is an extension resource over an existing resource.
For example, you can have Assessment Metadata which describes that a VM has an open port, and a corresponding Assessment can be created on a specific VM which specifies that the VM has an open port.
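
The relationship described above, written as Terraform configuration. This is an added example, not code from the PR: it uses the released resource names with the attribute names from the provider documentation, and the variable `vm_open_port_findings` and all sample values are hypothetical. One subscription-level policy carries the static definition (the assessment metadata), and one assessment per VM records that VM's state against it.

```hcl
terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 2.51.0"
    }
  }
}

provider "azurerm" {
  features {}
}

# Hypothetical input: VM resource ID => true if an open port was found on it.
variable "vm_open_port_findings" {
  type = map(bool)
}

# Static, subscription-level definition of the assessment type
# (what the PR description calls "assessment metadata").
resource "azurerm_security_center_assessment_policy" "open_port" {
  display_name = "VM has an open port"
  severity     = "Medium"
  description  = "Reports virtual machines that expose an open port."
}

# One assessment per VM: an extension resource on the target that
# refers back to the shared policy.
resource "azurerm_security_center_assessment" "open_port" {
  for_each = var.vm_open_port_findings

  assessment_policy_id = azurerm_security_center_assessment_policy.open_port.id
  target_resource_id   = each.key

  status {
    # Unhealthy when the finding is present, Healthy otherwise.
    code = each.value ? "Unhealthy" : "Healthy"
  }
}
```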