Why do ElasticBeanstalk environments that are Terminated show up in `Classic_ElasticBeanstalk_Applications_Environments.csv`?

aws-samples / ec2-classic-resource-finder

This script enables the identification of resources running in Amazon EC2 Classic

MIT No Attribution

131 stars 82 forks source link

Why do ElasticBeanstalk environments that are Terminated show up in `Classic_ElasticBeanstalk_Applications_Environments.csv`? #3

Closed roskelleycj closed 3 years ago

roskelleycj commented 3 years ago

We just started to run this script on our accounts/environments and we are noticing a 'flapping' where the tool flags issues in ElasticBeanstalk Environments not having a VPC and in each case the Environment has recently been terminated. E.g., of course it doesn't have a VPC associated because the resources have been removed.

Looking at this line I wonder if it should be changed to only consider Environments that are Ready?

roskelleycj commented 3 years ago

BTW, I found other issues that suggest that this tool does not handle the eventually consistent natures of EC2 and ElasticBeanstalk in that multiple resources were erroneously identified and yet they were in some form of state transition. E.g., ignore the results from the tool and everything was okay.

This type of 'false negative' makes such a tool not very useful for an enterprise operations where there is constant CHURN in an environment.

TheScottMo commented 3 years ago

Thank you for reporting the false positive on Elastic Beanstalk. I will look at how I will work to get an update pushed that filters out for terminated environments.

TheScottMo commented 3 years ago

I have pushed a commit that excludes terminated environments. This will limit the number of false positives without introducing new possibility for false negatives.