-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(fsx): add new check fsx_file_system_copy_tags_to_volumes_enabled
#5414
feat(fsx): add new check fsx_file_system_copy_tags_to_volumes_enabled
#5414
Conversation
…should-be-configured-to-copy-tags-to-backups-and-volumes
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Make the check not to create findings when copy_tags_to_volumes
is None.
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #5414 +/- ##
==========================================
+ Coverage 89.18% 89.35% +0.16%
==========================================
Files 1040 1051 +11
Lines 32128 32581 +453
==========================================
+ Hits 28653 29112 +459
+ Misses 3475 3469 -6 ☔ View full report in Codecov by Sentry. |
Context
Add a new check to ensure Amazon FSx file systems (right now only OpenZFS allowed) are configured to copy tags to volumes. The control fails if the file system is not configured to copy tags to these resources.
Tags are critical for effective resource management, governance, and security. They help in categorizing AWS resources by attributes such as purpose, owner, or environment. By configuring FSx file systems to copy tags to volumes, you ensure that these important metadata are consistently applied, simplifying resource tracking and management.
Description
Added a new check
fsx_file_system_copy_tags_to_volumes_enabled
with respective unit tests and metadata.Checklist
License
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.