Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Add Automated Acceptance Test #452

Merged
merged 21 commits into from
Feb 29, 2024
Merged

feat: Add Automated Acceptance Test #452

merged 21 commits into from
Feb 29, 2024

Conversation

peermuellerxw
Copy link
Contributor

No description provided.

aperov9
aperov9 reviewed Feb 28, 2024
View reviewed changes
tests/guardduty_test.py
management_account_id,
]

assert expected_members == actual_members
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this might fail once not all accounts in the suspended OU are not actually suspended

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The accounts should be de-registered by the cleanup script, or not?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I double-checked. It works because we use the manual invite/accept mechanism, not the organizational guard duty feature that automatically adds all accounts. We need to make sure that the clean-up script deletes the detectors properly since it still fails from time to time, so we avoid false positives.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, I think we use the same for the backup feature. Maybe the organizations feature was not available at the time of creation?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes, generally aws is a bit slow in regards to integrating services on the organisational level. I'm pretty sure back then it was simply not available yet. the LZA for example uses the guard duty and security hub on org level

@aperov9
Copy link
Contributor

aperov9 commented Feb 28, 2024

LGTM overall 👍🏻

@peermuellerxw peermuellerxw changed the title Feat: Add Automated Acceptance Test feat: Add Automated Acceptance Test Feb 28, 2024
@peermuellerxw peermuellerxw merged commit 7dd3699 into main Feb 29, 2024
8 checks passed
@peermuellerxw peermuellerxw deleted the aac-improve branch February 29, 2024 10:57
@aperov9 aperov9 added this to released in Roadmap Apr 2, 2024
@aperov9 aperov9 moved this from released to v1.1.0 in Roadmap Apr 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aperov9 aperov9 aperov9 left review comments

Assignees
No one assigned
Labels
None yet
Projects
Roadmap
Status: v1.1.0
Roadmap
v1.1.0
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@peermuellerxw @aperov9