Description
What were you initially searching for in the docs?
I was performing an upgrade of the solution from 2.1.3 to 2.2.1 in my organization. There were some new parameters introduced (e.g. Namespace and TicketGenFunctionName, but these were not called out explicitly in the update the solution documentation or in the release notes, so it was only be trial and error that I found I had to add them.
Is this related to an existing part of the documentation? Please share a link
- https://docs.aws.amazon.com/solutions/latest/automated-security-response-on-aws/update-the-solution.html
- https://github.com/aws-solutions/automated-security-response-on-aws/releases
Describe how we could make it clearer
The Namespace parameter was confusing. In the guide, it suggests using the output of date +%s | tail -c 9, which returns a 9-digit number, but it is unclear whether this needs to be changed the next time the solution is deployed/upgraded, or whether it should remain static.
I attempted to change the value between deployments, resulting in extra roles being created; these roles then had to be manually deleted, making me suspect that the Namespace parameter should be static regardless of deployments/upgrades.
The ReuseOrchestratorLogGroup is not called out as needing to be changed from its default of no in subsequent deployments in the update the solution documentation; it would be very easy to miss this as it is buried in the stack deployment info, but it will be most pertinent during upgrades.
If you have a proposed update, please share it here
In my case, I was not integrating with a ticketing solution, so I had to set the TicketGenFunctionName parameter to an empty string. It might be good to provide this as a sensible default to the stacks, rather than forcing people to add a blank string.