Closed rogerfdias closed 1 year ago
LGTM
Thanks!
Oh shoot I misunderstood the change here. This was correct before -- details.get('IsTruncated', False)
means that it will return False
if IsTruncated
is missing from details
. Without this, we could end up in an infinite loop if IsTruncated
is missing from the API response. Going to open a PR to revert the change.
Oh shoot I misunderstood the change here. This was correct before --
details.get('IsTruncated', False)
means that it will returnFalse
ifIsTruncated
is missing fromdetails
. Without this, we could end up in an infinite loop ifIsTruncated
is missing from the API response. Going to open a PR to revert the change.
When I tried with details.get('IsTruncated', False)
from my Aardvark fork, Aardvark just collected the 200 services from a role that has '*' for the services. When I update for details.get('IsTruncated', True)
, Aardvark started to collect all the 393 services of the role.
So this parameter IsTruncated
for get_service_last_accessed_details is not show for all the responses ?
I`ll do more tests here.
Fixing parameter from Get Access Detaill.
The correct parameter when a role has more than 200 service is "IsTruncate" and needs to be true as says this documentation:
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/iam/client/get_service_last_accessed_details.html
If the current configuration has a role that has more than 200 services, Repokid will think that this role is not using some services that doesn`t have in the database aardvark as aardvark is not able to collect all services from the role due this limitation of the parameter.