Fix: Removal of maximum_execution_frequency argument for 3 rules.

[hajkeats]

Description

Setting check_elb_logging_enabled = true and check_s3_bucket_level_public_access_prohibited = true results in errors like so:

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

module.config_rules.module.aws_config.aws_config_config_rule.s3-bucket-level-public-access-prohibited[0]: Creating...
module.config_rules.module.aws_config.aws_config_config_rule.elb-logging-enabled[0]: Creating...
╷
│ Error: Error creating AWSConfig rule: Failed to create AWSConfig rule: InvalidParameterValueException: A maximum execution frequency for this rule is not allowed because only a change in resources triggers this managed rule.
│
│   with module.config_rules.module.aws_config.aws_config_config_rule.elb-logging-enabled[0],
│   on .terraform/modules/config_rules.aws_config/config-rules.tf line 771, in resource "aws_config_config_rule" "elb-logging-enabled":
│  771: resource "aws_config_config_rule" "elb-logging-enabled" {
│
╵
╷
│ Error: Error creating AWSConfig rule: Failed to create AWSConfig rule: InvalidParameterValueException: A maximum execution frequency for this rule is not allowed because only a change in resources triggers this managed rule.
│
│   with module.config_rules.module.aws_config.aws_config_config_rule.s3-bucket-level-public-access-prohibited[0],
│   on .terraform/modules/config_rules.aws_config/config-rules.tf line 896, in resource "aws_config_config_rule" "s3-bucket-level-public-access-prohibited":
│  896: resource "aws_config_config_rule" "s3-bucket-level-public-access-prohibited" {
│

There may be more than 2 rules affected by this issue, but these are the ones we have been trying to enable.

Fix

Removing the maximum_execution_frequency argument for the two rules allows for the rules to be created.

Update

3rd rule found with the same issue: dynamodb-table-encrypted-kms

[hajkeats]

Update - 3rd rule found with the same issue:

│ Error: Error creating AWSConfig rule: Failed to create AWSConfig rule: InvalidParameterValueException: A maximum execution frequency for this rule is not allowed because only a change in resources triggers this managed rule.
│
│   with module.config_rules.module.aws_config.aws_config_config_rule.dynamodb-table-encrypted-kms[0],
│   on .terraform/modules/config_rules.aws_config/config-rules.tf line 629, in resource "aws_config_config_rule" "dynamodb-table-encrypted-kms":
│  629: resource "aws_config_config_rule" "dynamodb-table-encrypted-kms" {

[rpdelaney]

Thanks @hajkeats ! This is in our backlog to investigate. In the mean time, we would accept a PR :) (edit: this is a PR 🤦 )

[esacteksab]

Released in https://github.com/trussworks/terraform-aws-config/releases/tag/v5.1.0 thank you very much for the contribution!