aws-samples / aws-security-reference-architecture-examples

Example solutions demonstrating how to implement patterns within the AWS Security Reference Architecture guide using CloudFormation (including Customizations for AWS Control Tower) and Terraform.

[BUG] GuardDuty Organization solution does not deploy #196

Closed jdruffel closed 1 week ago

jdruffel commented 9 months ago

Community Note

Describe the bug

Hey,

I updated to the newest version of the AWS SRA, but unfortunately my GuardDuty solution does not deploy, even after deleting the whole stack/StackSet and recreating it. I get the following error in the nested stack that creates the custom Lambda function:

Received response status [FAILED] from custom resource. Message returned: Parameter validation failed: Unknown parameter in input: "Features", must be one of: DetectorId, AutoEnable, DataSources (RequestId: xyz)

Here is the error from CloudWatch Logs:

"exception": "Traceback (most recent call last):\n File \"/var/task/crhelper/resource_helper.py\", line 204, in _wrap_function\n self.PhysicalResourceId = func(self._event, self._context) if func else ''\n File \"/var/task/app.py\", line 267, in process_cloudformation_event\n process_create_update_event(params, regions)\n File \"/var/task/app.py\", line 216, in process_create_update_event\n guardduty.configure_guardduty(\n File \"/var/task/guardduty.py\", line 570, in configure_guardduty\n update_guardduty_configuration(\n File \"/var/task/guardduty.py\", line 479, in update_guardduty_configuration\n guardduty_client.update_organization_configuration(**org_configuration_params)\n File \"/opt/python/botocore/client.py\", line 508, in _api_call\n return self._make_api_call(operation_name, kwargs)\n File \"/opt/python/botocore/client.py\", line 874, in _make_api_call\n request_dict = self._convert_to_request_dict(\n File \"/opt/python/botocore/client.py\", line 935, in _convert_to_request_dict\n request_dict = self._serializer.serialize_to_request(\n File \"/opt/python/botocore/validate.py\", line 381, in serialize_to_request\n raise ParamValidationError(report=report.generate_report())\nbotocore.exceptions.ParamValidationError: Parameter validation failed:\nUnknown parameter in input: \"Features\", must be one of: DetectorId, AutoEnable, DataSources"

Do you have any idea where my issue is or is it maybe a bug?

To Reproduce

Steps to reproduce the behavior:

  1. (setting up all the prerequisites)
  2. Run "aws cloudformation deploy --template-file $HOME/aws-sra-examples/aws_sra_examples/solutions/guardduty/guardduty_org/templates/sra-guardduty-org-main-ssm.yaml --stack-name sra-guardduty-org-main-ssm --capabilities CAPABILITY_NAMED_IAM"

Expected behavior

The solution to deploy correctly

Deployment Environment

mlfulleraws commented 1 week ago

Thank you for reporting the issue. We have tested it and could not replicate it.
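
The traceback in the report shows the ParamValidationError being raised by botocore's client-side validator (validate.py, loaded from /opt/python) before any request is sent, so the accepted parameter names come from the botocore service model packaged with the function. The following preflight check is an added example, not code from this thread or from the SRA project; the function names, the stub client and the sample parameters are assumptions constructed for illustration.

```python
"""Preflight check: does the loaded botocore model accept these parameters?"""
from types import SimpleNamespace

# Constructed sample data. The member list is the one named in the error message.
OLD_MODEL_MEMBERS = ["DetectorId", "AutoEnable", "DataSources"]
SAMPLE_PARAMS = {
    "DetectorId": "DETECTOR_ID_PLACEHOLDER",
    "AutoEnable": True,
    "Features": [{"Name": "S3_DATA_EVENTS", "AutoEnable": "NEW"}],
}


def loaded_sdk_version():
    """Version of the botocore package importable in this runtime, if any."""
    try:
        import botocore
        return botocore.__version__
    except ImportError:
        return "not installed"


def unsupported_params(client, operation_name, params):
    """Top-level keys of params that the client's service model does not define."""
    op_model = client.meta.service_model.operation_model(operation_name)
    shape = op_model.input_shape
    accepted = set(shape.members) if shape is not None else set()
    return sorted(key for key in params if key not in accepted)


def preflight(client, operation_name, params):
    """Fail with an actionable message instead of a bare ParamValidationError."""
    unknown = unsupported_params(client, operation_name, params)
    if unknown:
        raise RuntimeError(
            f"{operation_name}: loaded botocore ({loaded_sdk_version()}) does not "
            f"define {unknown}; package a newer boto3/botocore with the function"
        )
    return params


def stub_client(members):
    """Constructed stand-in exposing client.meta.service_model for offline runs."""
    shape = SimpleNamespace(members={name: None for name in members})
    model = SimpleNamespace(operation_model=lambda _op: SimpleNamespace(input_shape=shape))
    return SimpleNamespace(meta=SimpleNamespace(service_model=model))


if __name__ == "__main__":
    # With a real client: preflight(boto3.client("guardduty"), ..., params)
    old = stub_client(OLD_MODEL_MEMBERS)
    print(unsupported_params(old, "UpdateOrganizationConfiguration", SAMPLE_PARAMS))
```

Logging `loaded_sdk_version()` at function start also records which SDK copy a given deployment actually resolved, which helps when one environment fails and another does not.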