Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Audit comments for uuid-style resources updates (requires DiffSuppress strings) #77

Open
Tracked by #66
migara opened this issue Apr 19, 2024 · 1 comment
Open
Tracked by #66

Audit comments for uuid-style resources updates (requires DiffSuppress strings) #77

migara opened this issue Apr 19, 2024 · 1 comment
Labels
component/terraform

Comments

@migara
Copy link
Member

migara commented Apr 19, 2024

audit comment is part of the rule schema, and if the user only changes the audit comment but not any other parameters related to the rule, the state should not detect a diff.
This was referenced Apr 19, 2024
Open
Open
@shinmog
Copy link
Collaborator

shinmog commented Apr 25, 2024

Assuming abandoning #76 then this just needs audit comments added to uuid-style resources.

With regards to this, I know that users can configure PAN-OS to not allow commits if an audit comment is not associated with a rule when it is changed, but I don't know this works in a few scenarios:

  • if I rename a rule from A to B, but otherwise do not change the spec of that rule, do I need to configure an audit comment with A? B? Both? Neither?
  • if I do not change the spec of a rule, but I move it within the rulebase, does it require an audit comment?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
component/terraform
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@migara @shinmog @michalbil