Closed dasbiswajit closed 5 years ago
Is this because of the AWS CLI version?
The error is as attached.
This is caused by an older version of boto/botocore that does not yet have the ap-east-1 region updated as supported by GuardDuty. Ensure you have updated both the boto3 and botocore packages to the latest version (boto3: 1.9.197 / botocore: 1.12.197).
I am afraid that the issue is in the code implementation.
When the script is executed without providing any region explicitly, then the function:
_guardduty_regions = [str(item) for item in args.enabledregions.split(',')]
will also include the region "HongKong" in the list of regions where GuardDuty is enabled. The problem is that, according to the new AWS approach to new regions, a new region can be disabled and the client need not want to enable it.
In such a case, in the loop which is several lines lower, the code will fail with the information that the session token is invalid when it tries to list detectors in a region which is not enabled in the account:
_detector_dict = list_detectors(gd_client, awsregion)
The script must be modified so that the list of guardduty_regions contains only those regions where GuardDuty is enabled AND which are enabled in the account.
@visenn You are correct, thanks for that - I just pushed an update that will correctly handle that error in the Master account and remove the region from the list.
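One way to build the region list the way the comment above asks for, keeping only regions that GuardDuty offers and that are enabled in the account, and reporting the ones left out so the coverage gap stays visible. This is an added example, not the project's code and not the fix that was pushed; the function names, the `--live` flag and the sample response are constructed for illustration.

```python
import sys

# Constructed sample of an EC2 describe_regions(AllRegions=True) response.
SAMPLE_RESPONSE = {"Regions": [
    {"RegionName": "us-east-1", "OptInStatus": "opt-in-not-required"},
    {"RegionName": "eu-west-1", "OptInStatus": "opt-in-not-required"},
    {"RegionName": "ap-east-1", "OptInStatus": "not-opted-in"},
]}


def account_enabled_regions(describe_regions_response):
    """Names of regions the account can call: default or opted-in."""
    return {
        r["RegionName"]
        for r in describe_regions_response["Regions"]
        if r.get("OptInStatus") != "not-opted-in"
    }


def split_guardduty_regions(guardduty_regions, describe_regions_response):
    """Return (usable, skipped), preserving the input order.

    A region missing from the response is treated as not enabled.
    """
    enabled = account_enabled_regions(describe_regions_response)
    usable = [r for r in guardduty_regions if r in enabled]
    skipped = [r for r in guardduty_regions if r not in enabled]
    return usable, skipped


def main(argv):
    candidates = ["us-east-1", "eu-west-1", "ap-east-1"]  # constructed list
    response = SAMPLE_RESPONSE
    if "--live" in argv:  # hypothetical flag, used by this example only
        import boto3  # imported lazily; requires AWS credentials
        session = boto3.session.Session()
        candidates = session.get_available_regions("guardduty")
        ec2 = session.client("ec2", region_name="us-east-1")
        response = ec2.describe_regions(AllRegions=True)
    usable, skipped = split_guardduty_regions(candidates, response)
    print("GuardDuty regions to process:", ", ".join(usable) or "none")
    print("Skipped (not enabled in account):", ", ".join(skipped) or "none")


if __name__ == "__main__":
    main(sys.argv[1:])
```

Running it without arguments uses the constructed sample; with `--live` it queries the account that the current credentials belong to.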
Hello Team, we are enabling GuardDuty using enableguardduty.py via switch role, but we can see it is not working properly for the Asia Pacific (Hong Kong) region.
We are executing the following command to enable GuardDuty - python amazon-guardduty-multiaccount-scripts/enableguardduty.py --master_account --assume_role
guardduty_fileName contents - AccountxNoxxxxxxxxxxxxxx,account_root_email
boto version -
-bash-4.2$ aws --version
aws-cli/1.16.183 Python/2.7.5 Linux/3.10.0-862.6.3.el7.x86_64 botocore/1.12.173