-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
aws - rds-param-group - add db-parameter filter #9570
base: main
Are you sure you want to change the base?
Conversation
@thisisshi submitted a new PR based on discussion in #9505 |
@kapilt @ajkerrigan @thisisshi could i have a review for this PR |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks good to me - seems like a useful enhancement that avoids having to tackle these sorts of checks from the instance level 👍 . Thanks!
|
||
@staticmethod | ||
def recast(val, datatype): | ||
""" Re-cast the value based upon an AWS supplied datatype |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would prefer not to see this duplicated between rds and rds cluster modules, ie. its a static method in the original so you can omit this and just import rds module and use the ParameterFilter.recast method at call sites instead of copy/pasting here.
self.assertEqual(len(resources), 1) | ||
|
||
|
||
class ParameterFilterTestCase(BaseTest): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
these test cases also go away without the duplicate code.
Rds and rdscluster resource currently does not support an action to modify the parameter group attached to a db instance or cluster. Our compliance operations require a policy that checks if a db instance or cluster parameter group has TLS encryption enabled and set to correct version. we would need a filter for db - parameters.
Sample policy