aws-samples/aws-security-reference-architecture-examples

[BUG] GuardDuty Organization solution does not deploy

jdruffel opened this issue · 1 comments

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Describe the bug

Hey,

I updated to the newest version of the AWS SRA, but unfortunately my GuardDuty solution does not deploy, even after deleting the whole stack/stackset and recreating it again.
I get the following error in the nested stack which creates the custom Lambda function:

Received response status [FAILED] from custom resource. Message returned: Parameter validation failed: Unknown parameter in input: "Features", must be one of: DetectorId, AutoEnable, DataSources (RequestId: xyz)

Here is the error from CloudWatch Logs:
"exception": "Traceback (most recent call last):\n File "/var/task/crhelper/resource_helper.py", line 204, in _wrap_function\n self.PhysicalResourceId = func(self._event, self._context) if func else ''\n File "/var/task/app.py", line 267, in process_cloudformation_event\n process_create_update_event(params, regions)\n File "/var/task/app.py", line 216, in process_create_update_event\n guardduty.configure_guardduty(\n File "/var/task/guardduty.py", line 570, in configure_guardduty\n update_guardduty_configuration(\n File "/var/task/guardduty.py", line 479, in update_guardduty_configuration\n guardduty_client.update_organization_configuration(**org_configuration_params)\n File "/opt/python/botocore/client.py", line 508, in _api_call\n return self._make_api_call(operation_name, kwargs)\n File "/opt/python/botocore/client.py", line 874, in _make_api_call\n request_dict = self._convert_to_request_dict(\n File "/opt/python/botocore/client.py", line 935, in _convert_to_request_dict\n request_dict = self._serializer.serialize_to_request(\n File "/opt/python/botocore/validate.py", line 381, in serialize_to_request\n raise ParamValidationError(report=report.generate_report())\nbotocore.exceptions.ParamValidationError: Parameter validation failed:\nUnknown parameter in input: "Features", must be one of: DetectorId, AutoEnable, DataSources"

Do you have any idea where my issue is or is it maybe a bug?

To Reproduce

Steps to reproduce the behavior:

  1. (setting up all the prerequisites)
  2. Run "aws cloudformation deploy --template-file $HOME/aws-sra-examples/aws_sra_examples/solutions/guardduty/guardduty_org/templates/sra-guardduty-org-main-ssm.yaml --stack-name sra-guardduty-org-main-ssm --capabilities CAPABILITY_NAMED_IAM"

Expected behavior

The solution to deploy correctly

Deployment Environment

  • Deployment Framework: CloudFormation StackSets
  • Deployment Framework Version: newest git pull

Thank you for reporting the issues. We have tested the issue and could not replicate it.