search

aws-solutions / aws-devops-monitoring-dashboard

The DevOps Monitoring Dashboard on AWS solution is a reference implementation that automates the process for monitoring and visualizing performance and operational metrics in continuous integration/continuous delivery (CI/CD) pipeline following AWS best practices.
Apache License 2.0
75 stars 37 forks source link

When using an assumed role the author is set to null when pushing code via cli #17

Closed francobontorin closed 1 year ago

francobontorin commented 2 years ago

How to Replicate: Create a repository that is monitored by the solution and use Cloud9 with default settings to push code. Open the quick sight dashboard Code Change Tab and check the commit author is set to Null.

Details The event is different when a user pushes code using federation, it does not capture the user name and it uses the principal Id (Line 5) That happens regardless if the author is configured on git because that information is not passed through the eventbridge event.

    "detail": {
        "eventVersion": "1.08",
        "userIdentity": {
            "type": "AssumedRole",
            "principalId": "AROAR4LH6OTFOYEXONP77:bontorin-Isengard",
            "arn": "arn:aws:sts::129603892426:assumed-role/Admin-OneClick/bontorin-Isengard",
            "accountId": "129603892426",
            "accessKeyId": "ASIAR4LH6OTFD2CYIFWL",
            "sessionContext": {
                "sessionIssuer": {
                    "type": "Role",
                    "principalId": "AROAR4LH6OTFOYEXONP77",
                    "arn": "arn:aws:iam::129603892426:role/Admin-OneClick",
                    "accountId": "129603892426",
                    "userName": "Admin-OneClick"
                },
                "webIdFederationData": {},
                "attributes": {
                    "creationDate": "2022-11-18T22:26:21Z",
                    "mfaAuthenticated": "false"
                }
            }
        },
        "eventTime": "2022-11-18T22:45:50Z",
        "eventSource": "codecommit.amazonaws.com",
        "eventName": "GitPush",
        "awsRegion": "us-east-1",
        "sourceIPAddress": "3.239.0.81",
        "userAgent": "git/2.37.1",
        "requestParameters": {
            "references": [
                {
                    "commit": "07f8a869121b4d238d1ecbec74d1d14a24d0576a",
                    "ref": "refs/heads/dev"
                }
            ]
        },

Screenshot

quicksight-null-author

aijunpeng commented 1 year ago

Thanks for the pull request. We will incorporate this into the next release.

aijunpeng commented 1 year ago

This is included in release v1.8.3.