cloudformation-coverage-roadmap icon indicating copy to clipboard operation
cloudformation-coverage-roadmap copied to clipboard

Published 20 hours ago verified publisher icon aws-cloudformation

AWS::Config::ConfigRule support tagging

Open robpickerill opened this issue 5 years ago • 9 comments

  1. Title -> AWS::Config::ConfigRule

  2. Scope of request -> Cloudformation resource AWS::Config::ConfigRule doesn't appear to support tags (but the API and CLI do support tags).

  3. Expected behavior -> It should be possible to tag a config rule (as the IAM conditions for PutConfigRule are based on tags).

  4. Test case recommendation (optional)

  5. Links to existing API doc (optional) -> PutConfigRule API - https://docs.aws.amazon.com/config/latest/APIReference/API_PutConfigRule.html#config-PutConfigRule-request-Tags CFN Config Rule - https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-config-configrule.html

  6. Category tag (optional) -> Management

  7. Any additional context (optional)

robpickerill avatar Aug 08 '19 07:08 robpickerill

Any news about this one? Having tags helps a lot to protect some organization-wide rules from being modified while having the freedom to add additional rules in the local account.

pgarbe avatar Dec 21 '20 12:12 pgarbe

Hi team,

Any news? Tags are essential to manage and organize rules.

dacacioa avatar Apr 20 '22 16:04 dacacioa

Any news here? It would be great to have that feature to secure organization-wide rules via SCP without the need to deploy a custom resource to tag the rules

daknhh avatar Jun 02 '22 12:06 daknhh

Any news, if this issue is going to be planned on the roadmap? We definitely need this feature.

kirnberger1980 avatar Jun 03 '22 06:06 kirnberger1980

What do i need to do to get this issue prioritise :)

cool-raj avatar Jun 14 '22 11:06 cool-raj

Hi, This has been opened for a long time already. Any news regarding when this will be supported by CFN? Thanks.

fernandohonig avatar Jun 27 '22 12:06 fernandohonig

Any updates guys... We are blocked and we are building always alternate solutions which are pretty complex and the tagging could just solve the issue.

cool-raj avatar Nov 03 '22 09:11 cool-raj

Is there an update on this one? It is been a year since the last comment

guipaivanz avatar Oct 25 '23 01:10 guipaivanz

Any news here? It would be great to have that feature to secure organization-wide rules via SCP without the need to deploy a custom resource to tag the rules

Exactly. Stuck between a rock and a hard place when org rules (which can be protected in a security account) don't support remediation, but local rules (which run locally in less-trusted accounts) do not support protection from modification via SCP.

elduds avatar Jan 15 '24 03:01 elduds