aws / aws-sdk

Landing page for the AWS SDKs on GitHub
https://aws.amazon.com/tools/

`resourcegroupstaggingapi get-resources --resource-arn-list` does not accept valid ARNs #589

Closed kota65535 closed 1 year ago

kota65535 commented 1 year ago

Describe the bug

aws securityhub get-findings returns findings with corresponding resources, whose IDs are ARNs.

{
    "Findings": [
        {
            "Resources": [
                {
                    "Type": "AwsEc2Instance",
                    "Id": "arn:aws:ec2:ap-northeast-1:433616233360:instance/i-0e41903cb3601a109",
        ...

I've noticed that some findings have resources with IDs in different ARN formats. This is not surprising since there are 3 ARN formats according to the documentation.

  1. arn:aws:service:region:account-id:resource-type/resource-id
    • Almost always this
    • For example: arn:aws:ec2:ap-northeast-1:433616233360:instance/i-0e41903cb3601a109
  2. arn:aws:service:region:account-id:resource-id
    • Sometimes
    • For example: arn:aws:ec2:ap-northeast-1:433616233360:i-0825a83d29e870145
  3. arn:aws:service:region:account-id:resource-type:resource-id
    • I've never seen this yet

The problem is that the 2nd format ARN cannot be used for aws resourcegroupstaggingapi get-resources --resource-arn-list.

$ aws resourcegroupstaggingapi get-resources --resource-arn-list "arn:aws:ec2:ap-northeast-1:433616233360:i-0825a83d29e870145"

An error occurred (InvalidParameterException) when calling the GetResources operation: arn:aws:ec2:ap-northeast-1:433616233360:i-0825a83d29e870145 is not a valid AmazonResourceName (ARN)

The documentation does not specify the format of ARNs that will be accepted. Is this an expected behavior?

Or, is it actually due to aws securityhub get-findings not returning resource IDs with the 1st ARN format?

Expected Behavior

resourcegroupstaggingapi get-resources --resource-arn-list succeeds with the 2nd ARN format.

Current Behavior

$ aws resourcegroupstaggingapi get-resources --resource-arn-list "arn:aws:ec2:ap-northeast-1:433616233360:i-0825a83d29e870145"

An error occurred (InvalidParameterException) when calling the GetResources operation: arn:aws:ec2:ap-northeast-1:433616233360:i-0825a83d29e870145 is not a valid AmazonResourceName (ARN)

Reproduction Steps

See Describe the bug

Possible Solution

No response

Additional Information/Context

No response

CLI version used

aws-cli/2.13.9 Python/3.11.4 Darwin/21.4.0 source/x86_64 prompt/off

Environment details (OS name and version, etc.)

Darwin/21.4.0

RyanFitzSimmonsAK commented 1 year ago

Hi @kota65535, thanks for reaching out. Could you tell me what kind of EC2 resource has the ARN in your second format (arn:aws:ec2:ap-northeast-1:433616233360:i-0825a83d29e870145)? Also, could you provide debug logs of this behavior? You can get debug logs by adding --debug to your command, and redacting any sensitive information. Thanks!

kota65535 commented 1 year ago

Hi @RyanFitzSimmonsAK,

> Could you tell me what kind of EC2 resource has the ARN in your second format (arn:aws:ec2:ap-northeast-1:433616233360:i-0825a83d29e870145)?

This is an EC2 instance.

> Also, could you provide debug logs of this behavior?

$ aws resourcegroupstaggingapi get-resources --resource-arn-list "arn:aws:ec2:ap-northeast-1:433616233360:i-0825a83d29e870145" --debug
2023-08-17 11:47:53,518 - MainThread - awscli.clidriver - DEBUG - CLI version: aws-cli/2.13.9 Python/3.11.4 Darwin/21.4.0 source/x86_64
2023-08-17 11:47:53,518 - MainThread - awscli.clidriver - DEBUG - Arguments entered to CLI: ['resourcegroupstaggingapi', 'get-resources', '--resource-arn-list', 'arn:aws:ec2:ap-northeast-1:433616233360:i-0825a83d29e870145', '--debug']
2023-08-17 11:47:53,595 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function add_s3 at 0x104687740>
2023-08-17 11:47:53,595 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function add_ddb at 0x1044a2e80>
2023-08-17 11:47:53,595 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <bound method BasicCommand.add_command of <class 'awscli.customizations.configure.configure.ConfigureCommand'>>
2023-08-17 11:47:53,595 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function change_name at 0x1040d7b00>
2023-08-17 11:47:53,595 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function change_name at 0x1040e91c0>
2023-08-17 11:47:53,595 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function alias_opsworks_cm at 0x1046979c0>
2023-08-17 11:47:53,595 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function add_history_commands at 0x1044fe8e0>
2023-08-17 11:47:53,595 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <bound method BasicCommand.add_command of <class 'awscli.customizations.devcommands.CLIDevCommand'>>
2023-08-17 11:47:53,595 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function add_waiters at 0x104696980>
2023-08-17 11:47:53,595 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <bound method AliasSubCommandInjector.on_building_command_table of <awscli.alias.AliasSubCommandInjector object at 0x104741350>>
2023-08-17 11:47:53,596 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/data/cli.json
2023-08-17 11:47:53,598 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function resolve_types at 0x1045bf240>
2023-08-17 11:47:53,598 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function no_sign_request at 0x1045bf560>
2023-08-17 11:47:53,598 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function resolve_verify_ssl at 0x1045bf4c0>
2023-08-17 11:47:53,598 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function resolve_cli_read_timeout at 0x1045bf6a0>
2023-08-17 11:47:53,598 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function resolve_cli_connect_timeout at 0x1045bf600>
2023-08-17 11:47:53,598 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <built-in method update of dict object at 0x10473e540>
2023-08-17 11:47:53,599 - MainThread - awscli.clidriver - DEBUG - CLI version: aws-cli/2.13.9 Python/3.11.4 Darwin/21.4.0 source/x86_64 prompt/off
2023-08-17 11:47:53,599 - MainThread - awscli.clidriver - DEBUG - Arguments entered to CLI: ['resourcegroupstaggingapi', 'get-resources', '--resource-arn-list', 'arn:aws:ec2:ap-northeast-1:433616233360:i-0825a83d29e870145', '--debug']
2023-08-17 11:47:53,599 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function add_timestamp_parser at 0x104694360>
2023-08-17 11:47:53,599 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function register_uri_param_handler at 0x103ee4ae0>
2023-08-17 11:47:53,599 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function add_binary_formatter at 0x1047056c0>
2023-08-17 11:47:53,599 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function no_pager_handler at 0x103da82c0>
2023-08-17 11:47:53,599 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function inject_assume_role_provider_cache at 0x103f089a0>
2023-08-17 11:47:53,606 - MainThread - botocore.utils - DEBUG - IMDS ENDPOINT: http://169.254.169.254/
2023-08-17 11:47:53,615 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function attach_history_handler at 0x1044fe0c0>
2023-08-17 11:47:53,615 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function inject_json_file_cache at 0x104482e80>
2023-08-17 11:47:53,642 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/botocore/data/resourcegroupstaggingapi/2017-01-26/service-2.json
2023-08-17 11:47:53,644 - MainThread - botocore.hooks - DEBUG - Event building-command-table.resourcegroupstaggingapi: calling handler <function add_waiters at 0x104696980>
2023-08-17 11:47:53,668 - MainThread - botocore.hooks - DEBUG - Event building-command-table.resourcegroupstaggingapi: calling handler <bound method AliasSubCommandInjector.on_building_command_table of <awscli.alias.AliasSubCommandInjector object at 0x104741350>>
2023-08-17 11:47:53,669 - MainThread - awscli.clidriver - DEBUG - OrderedDict([('pagination-token', <awscli.arguments.CLIArgument object at 0x1047c3490>), ('tag-filters', <awscli.arguments.ListArgument object at 0x1047c3650>), ('resources-per-page', <awscli.arguments.CLIArgument object at 0x1047c3750>), ('tags-per-page', <awscli.arguments.CLIArgument object at 0x1047c38d0>), ('resource-type-filters', <awscli.arguments.ListArgument object at 0x1047c3a10>), ('include-compliance-details', <awscli.arguments.BooleanArgument object at 0x1047c3b50>), ('no-include-compliance-details', <awscli.arguments.BooleanArgument object at 0x104742750>), ('exclude-compliant-resources', <awscli.arguments.BooleanArgument object at 0x1047c3c90>), ('no-exclude-compliant-resources', <awscli.arguments.BooleanArgument object at 0x1047c3d10>), ('resource-arn-list', <awscli.arguments.ListArgument object at 0x1047c3e10>)])
2023-08-17 11:47:53,669 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.resourcegroupstaggingapi.get-resources: calling handler <function add_streaming_output_arg at 0x1046949a0>
2023-08-17 11:47:53,669 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.resourcegroupstaggingapi.get-resources: calling handler <function add_cli_input_json at 0x103f096c0>
2023-08-17 11:47:53,669 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.resourcegroupstaggingapi.get-resources: calling handler <function add_cli_input_yaml at 0x103f09760>
2023-08-17 11:47:53,670 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.resourcegroupstaggingapi.get-resources: calling handler <function unify_paging_params at 0x1044a3740>
2023-08-17 11:47:53,698 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/botocore/data/resourcegroupstaggingapi/2017-01-26/paginators-1.json
2023-08-17 11:47:53,698 - MainThread - awscli.customizations.paginate - DEBUG - Modifying paging parameters for operation: GetResources
2023-08-17 11:47:53,698 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.resourcegroupstaggingapi.get-resources: calling handler <function add_generate_skeleton at 0x1045bd9e0>
2023-08-17 11:47:53,699 - MainThread - botocore.hooks - DEBUG - Event before-building-argument-table-parser.resourcegroupstaggingapi.get-resources: calling handler <bound method OverrideRequiredArgsArgument.override_required_args of <awscli.customizations.cliinput.CliInputJSONArgument object at 0x1047c4710>>
2023-08-17 11:47:53,699 - MainThread - botocore.hooks - DEBUG - Event before-building-argument-table-parser.resourcegroupstaggingapi.get-resources: calling handler <bound method OverrideRequiredArgsArgument.override_required_args of <awscli.customizations.cliinput.CliInputYAMLArgument object at 0x1047428d0>>
2023-08-17 11:47:53,699 - MainThread - botocore.hooks - DEBUG - Event before-building-argument-table-parser.resourcegroupstaggingapi.get-resources: calling handler <bound method GenerateCliSkeletonArgument.override_required_args of <awscli.customizations.generatecliskeleton.GenerateCliSkeletonArgument object at 0x1047c2c50>>
2023-08-17 11:47:53,699 - MainThread - botocore.hooks - DEBUG - Event building-command-table.resourcegroupstaggingapi_get-resources: calling handler <function add_waiters at 0x104696980>
2023-08-17 11:47:53,699 - MainThread - botocore.hooks - DEBUG - Event building-command-table.resourcegroupstaggingapi_get-resources: calling handler <bound method AliasSubCommandInjector.on_building_command_table of <awscli.alias.AliasSubCommandInjector object at 0x104741350>>
2023-08-17 11:47:53,700 - MainThread - botocore.hooks - DEBUG - Event operation-args-parsed.resourcegroupstaggingapi.get-resources: calling handler functools.partial(<function check_should_enable_pagination at 0x1044a3880>, ['pagination-token', 'resources-per-page'], {}, OrderedDict([('pagination-token', <awscli.arguments.CLIArgument object at 0x1047c3490>), ('tag-filters', <awscli.arguments.ListArgument object at 0x1047c3650>), ('resources-per-page', <awscli.arguments.CLIArgument object at 0x1047c3750>), ('tags-per-page', <awscli.arguments.CLIArgument object at 0x1047c38d0>), ('resource-type-filters', <awscli.arguments.ListArgument object at 0x1047c3a10>), ('include-compliance-details', <awscli.arguments.BooleanArgument object at 0x1047c3b50>), ('no-include-compliance-details', <awscli.arguments.BooleanArgument object at 0x104742750>), ('exclude-compliant-resources', <awscli.arguments.BooleanArgument object at 0x1047c3c90>), ('no-exclude-compliant-resources', <awscli.arguments.BooleanArgument object at 0x1047c3d10>), ('resource-arn-list', <awscli.arguments.ListArgument object at 0x1047c3e10>), ('cli-input-json', <awscli.customizations.cliinput.CliInputJSONArgument object at 0x1047c4710>), ('cli-input-yaml', <awscli.customizations.cliinput.CliInputYAMLArgument object at 0x1047428d0>), ('starting-token', <awscli.customizations.paginate.PageArgument object at 0x1047b6910>), ('page-size', <awscli.customizations.paginate.PageArgument object at 0x1019ccc90>), ('max-items', <awscli.customizations.paginate.PageArgument object at 0x1047c5dd0>), ('generate-cli-skeleton', <awscli.customizations.generatecliskeleton.GenerateCliSkeletonArgument object at 0x1047c2c50>)]))
2023-08-17 11:47:53,700 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.tagging.get-resources.pagination-token: calling handler <awscli.paramfile.URIArgumentHandler object at 0x103e77a10>
2023-08-17 11:47:53,700 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.tagging.get-resources.tag-filters: calling handler <awscli.paramfile.URIArgumentHandler object at 0x103e77a10>
2023-08-17 11:47:53,700 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.tagging.get-resources.resources-per-page: calling handler <awscli.paramfile.URIArgumentHandler object at 0x103e77a10>
2023-08-17 11:47:53,700 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.tagging.get-resources.tags-per-page: calling handler <awscli.paramfile.URIArgumentHandler object at 0x103e77a10>
2023-08-17 11:47:53,701 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.tagging.get-resources.resource-type-filters: calling handler <awscli.paramfile.URIArgumentHandler object at 0x103e77a10>
2023-08-17 11:47:53,701 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.tagging.get-resources.include-compliance-details: calling handler <awscli.paramfile.URIArgumentHandler object at 0x103e77a10>
2023-08-17 11:47:53,701 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.tagging.get-resources.exclude-compliant-resources: calling handler <awscli.paramfile.URIArgumentHandler object at 0x103e77a10>
2023-08-17 11:47:53,701 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.tagging.get-resources.resource-arn-list: calling handler <awscli.paramfile.URIArgumentHandler object at 0x103e77a10>
2023-08-17 11:47:53,701 - MainThread - botocore.hooks - DEBUG - Event process-cli-arg.resourcegroupstaggingapi.get-resources: calling handler <awscli.argprocess.ParamShorthandParser object at 0x103dce510>
2023-08-17 11:47:53,701 - MainThread - awscli.arguments - DEBUG - Unpacked value of ['arn:aws:ec2:ap-northeast-1:433616233360:i-0825a83d29e870145'] for parameter "resource_arn_list": ['arn:aws:ec2:ap-northeast-1:433616233360:i-0825a83d29e870145']
2023-08-17 11:47:53,701 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.tagging.get-resources.cli-input-json: calling handler <awscli.paramfile.URIArgumentHandler object at 0x103e77a10>
2023-08-17 11:47:53,701 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.tagging.get-resources.cli-input-yaml: calling handler <awscli.paramfile.URIArgumentHandler object at 0x103e77a10>
2023-08-17 11:47:53,701 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.tagging.get-resources.starting-token: calling handler <awscli.paramfile.URIArgumentHandler object at 0x103e77a10>
2023-08-17 11:47:53,701 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.tagging.get-resources.page-size: calling handler <awscli.paramfile.URIArgumentHandler object at 0x103e77a10>
2023-08-17 11:47:53,701 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.tagging.get-resources.max-items: calling handler <awscli.paramfile.URIArgumentHandler object at 0x103e77a10>
2023-08-17 11:47:53,701 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.tagging.get-resources.generate-cli-skeleton: calling handler <awscli.paramfile.URIArgumentHandler object at 0x103e77a10>
2023-08-17 11:47:53,701 - MainThread - botocore.hooks - DEBUG - Event calling-command.resourcegroupstaggingapi.get-resources: calling handler <bound method CliInputArgument.add_to_call_parameters of <awscli.customizations.cliinput.CliInputJSONArgument object at 0x1047c4710>>
2023-08-17 11:47:53,701 - MainThread - botocore.hooks - DEBUG - Event calling-command.resourcegroupstaggingapi.get-resources: calling handler <bound method CliInputArgument.add_to_call_parameters of <awscli.customizations.cliinput.CliInputYAMLArgument object at 0x1047428d0>>
2023-08-17 11:47:53,701 - MainThread - botocore.hooks - DEBUG - Event calling-command.resourcegroupstaggingapi.get-resources: calling handler <bound method GenerateCliSkeletonArgument.generate_skeleton of <awscli.customizations.generatecliskeleton.GenerateCliSkeletonArgument object at 0x1047c2c50>>
2023-08-17 11:47:53,701 - MainThread - botocore.hooks - DEBUG - Event calling-command.resourcegroupstaggingapi.get-resources: calling handler functools.partial(<function check_should_enable_pagination_call_parameters at 0x1044a3ce0>, ['PaginationToken', 'ResourcesPerPage'])
2023-08-17 11:47:53,702 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: env
2023-08-17 11:47:53,702 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: assume-role
2023-08-17 11:47:53,702 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: assume-role-with-web-identity
2023-08-17 11:47:53,702 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: sso
2023-08-17 11:47:53,702 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: shared-credentials-file
2023-08-17 11:47:53,703 - MainThread - botocore.credentials - INFO - Found credentials in shared credentials file: ~/.aws/credentials
2023-08-17 11:47:53,705 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/botocore/data/endpoints.json
2023-08-17 11:47:53,720 - MainThread - botocore.hooks - DEBUG - Event choose-service-name: calling handler <function handle_service_name_alias at 0x102edda80>
2023-08-17 11:47:53,747 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/botocore/data/resourcegroupstaggingapi/2017-01-26/endpoint-rule-set-1.json
2023-08-17 11:47:53,748 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/botocore/data/partitions.json
2023-08-17 11:47:53,748 - MainThread - botocore.hooks - DEBUG - Event creating-client-class.resource-groups-tagging-api: calling handler <function add_generate_presigned_url at 0x102e24d60>
2023-08-17 11:47:53,749 - MainThread - botocore.configprovider - DEBUG - Looking for endpoint for resourcegroupstaggingapi via: environment_service
2023-08-17 11:47:53,749 - MainThread - botocore.configprovider - DEBUG - Looking for endpoint for resourcegroupstaggingapi via: environment_global
2023-08-17 11:47:53,749 - MainThread - botocore.configprovider - DEBUG - Looking for endpoint for resourcegroupstaggingapi via: config_service
2023-08-17 11:47:53,749 - MainThread - botocore.configprovider - DEBUG - Looking for endpoint for resourcegroupstaggingapi via: config_global
2023-08-17 11:47:53,749 - MainThread - botocore.configprovider - DEBUG - No configured endpoint found.
2023-08-17 11:47:53,771 - MainThread - botocore.endpoint - DEBUG - Setting tagging timeout as (60, 60)
2023-08-17 11:47:53,773 - MainThread - botocore.regions - DEBUG - Calling endpoint provider with parameters: {'Region': 'ap-northeast-1', 'UseDualStack': False, 'UseFIPS': False}
2023-08-17 11:47:53,773 - MainThread - botocore.regions - DEBUG - Endpoint provider result: https://tagging.ap-northeast-1.amazonaws.com
2023-08-17 11:47:53,773 - MainThread - botocore.hooks - DEBUG - Event provide-client-params.resource-groups-tagging-api.GetResources: calling handler <function base64_decode_input_blobs at 0x104705760>
2023-08-17 11:47:53,773 - MainThread - botocore.hooks - DEBUG - Event before-parameter-build.resource-groups-tagging-api.GetResources: calling handler <function generate_idempotent_uuid at 0x102edfe20>
2023-08-17 11:47:53,774 - MainThread - botocore.hooks - DEBUG - Event before-call.resource-groups-tagging-api.GetResources: calling handler <function inject_api_version_header_if_needed at 0x102f01940>
2023-08-17 11:47:53,774 - MainThread - botocore.endpoint - DEBUG - Making request for OperationModel(name=GetResources) with params: {'url_path': '/', 'query_string': '', 'method': 'POST', 'headers': {'X-Amz-Target': 'ResourceGroupsTaggingAPI_20170126.GetResources', 'Content-Type': 'application/x-amz-json-1.1', 'User-Agent': 'aws-cli/2.13.9 Python/3.11.4 Darwin/21.4.0 source/x86_64 prompt/off command/resourcegroupstaggingapi.get-resources'}, 'body': b'{"ResourceARNList": ["arn:aws:ec2:ap-northeast-1:433616233360:i-0825a83d29e870145"]}', 'url': 'https://tagging.ap-northeast-1.amazonaws.com/', 'context': {'client_region': 'ap-northeast-1', 'client_config': <botocore.config.Config object at 0x104c45250>, 'has_streaming_input': False, 'auth_type': None}}
2023-08-17 11:47:53,774 - MainThread - botocore.hooks - DEBUG - Event request-created.resource-groups-tagging-api.GetResources: calling handler <bound method RequestSigner.handler of <botocore.signers.RequestSigner object at 0x1047e1b50>>
2023-08-17 11:47:53,774 - MainThread - botocore.hooks - DEBUG - Event choose-signer.resource-groups-tagging-api.GetResources: calling handler <function set_operation_specific_signer at 0x102edfce0>
2023-08-17 11:47:53,774 - MainThread - botocore.auth - DEBUG - Calculating signature using v4 auth.
2023-08-17 11:47:53,775 - MainThread - botocore.httpsession - DEBUG - Certificate path: /usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/botocore/cacert.pem
2023-08-17 11:47:53,776 - MainThread - urllib3.connectionpool - DEBUG - Starting new HTTPS connection (1): tagging.ap-northeast-1.amazonaws.com:443
2023-08-17 11:47:53,844 - MainThread - urllib3.connectionpool - DEBUG - https://tagging.ap-northeast-1.amazonaws.com:443 "POST / HTTP/1.1" 400 150
2023-08-17 11:47:53,844 - MainThread - botocore.parsers - DEBUG - Response headers: {'x-amzn-RequestId': '0222e026-a7d1-40a9-b252-11c2cdf21820', 'Content-Type': 'application/x-amz-json-1.1', 'Content-Length': '150', 'Date': 'Thu, 17 Aug 2023 02:47:53 GMT', 'Connection': 'close'}
2023-08-17 11:47:53,844 - MainThread - botocore.parsers - DEBUG - Response body:
b'{"__type":"InvalidParameterException","Message":"arn:aws:ec2:ap-northeast-1:433616233360:i-0825a83d29e870145 is not a valid AmazonResourceName (ARN)"}'
2023-08-17 11:47:53,845 - MainThread - botocore.parsers - DEBUG - Response headers: {'x-amzn-RequestId': '0222e026-a7d1-40a9-b252-11c2cdf21820', 'Content-Type': 'application/x-amz-json-1.1', 'Content-Length': '150', 'Date': 'Thu, 17 Aug 2023 02:47:53 GMT', 'Connection': 'close'}
2023-08-17 11:47:53,845 - MainThread - botocore.parsers - DEBUG - Response body:
b'{"__type":"InvalidParameterException","Message":"arn:aws:ec2:ap-northeast-1:433616233360:i-0825a83d29e870145 is not a valid AmazonResourceName (ARN)"}'
2023-08-17 11:47:53,845 - MainThread - botocore.hooks - DEBUG - Event needs-retry.resource-groups-tagging-api.GetResources: calling handler <bound method RetryHandler.needs_retry of <botocore.retries.standard.RetryHandler object at 0x104c46f10>>
2023-08-17 11:47:53,845 - MainThread - botocore.retries.standard - DEBUG - Not retrying request.
2023-08-17 11:47:53,845 - MainThread - botocore.hooks - DEBUG - Event after-call.resource-groups-tagging-api.GetResources: calling handler <bound method RetryQuotaChecker.release_retry_quota of <botocore.retries.standard.RetryQuotaChecker object at 0x104c468d0>>
2023-08-17 11:47:53,845 - MainThread - awscli.clidriver - DEBUG - Exception caught in main()
Traceback (most recent call last):
  File "/usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/clidriver.py", line 460, in main
    return command_table[parsed_args.command](remaining, parsed_args)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/clidriver.py", line 595, in __call__
    return command_table[parsed_args.operation](remaining, parsed_globals)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/clidriver.py", line 798, in __call__
    return self._operation_caller.invoke(
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/clidriver.py", line 931, in invoke
    self._display_response(operation_name, response, parsed_globals)
  File "/usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/clidriver.py", line 953, in _display_response
    formatter(command_name, response, stream)
  File "/usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/formatter.py", line 77, in __call__
    response_data = response.build_full_result()
                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/botocore/paginate.py", line 446, in build_full_result
    for response in self:
  File "/usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/botocore/paginate.py", line 252, in __iter__
    response = self._make_request(current_kwargs)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/botocore/paginate.py", line 329, in _make_request
    return self._method(**current_kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/botocore/client.py", line 341, in _api_call
    return self._make_api_call(operation_name, kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/botocore/client.py", line 697, in _make_api_call
    raise error_class(parsed_response, operation_name)
botocore.errorfactory.InvalidParameterException: An error occurred (InvalidParameterException) when calling the GetResources operation: arn:aws:ec2:ap-northeast-1:433616233360:i-0825a83d29e870145 is not a valid AmazonResourceName (ARN)

An error occurred (InvalidParameterException) when calling the GetResources operation: arn:aws:ec2:ap-northeast-1:433616233360:i-0825a83d29e870145 is not a valid AmazonResourceName (ARN)

The command succeeds after changing the ARN from the 2nd format to the 1st one by inserting instance/.

$ aws resourcegroupstaggingapi get-resources --resource-arn-list "arn:aws:ec2:ap-northeast-1:433616233360:instance/i-0825a83d29e870145"
{
    "ResourceTagMappingList": [
        {
            "ResourceARN": "arn:aws:ec2:ap-northeast-1:433616233360:instance/i-0825a83d29e870145",
            "Tags": [
                {
                    "Key": "Patch Group",
                    "Value": "default"
                },
                ...
            ]
        }
    ]
}
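
A pre-check for the format mismatch worked around above, added here as an example (it is not code from the thread, the AWS CLI or Security Hub): it classifies an ARN into the three formats listed in the issue and rewrites a bare EC2 instance ID to the `instance/` form before the list is passed to `--resource-arn-list`. The function names are hypothetical; the sample ARNs are the ones quoted in the issue, plus one constructed non-ARN ID.

```python
from __future__ import annotations

import re
from typing import NamedTuple

# EC2 instance IDs are "i-" followed by 8 (legacy) or 17 hex characters.
EC2_INSTANCE_ID = re.compile(r"^i-(?:[0-9a-f]{8}|[0-9a-f]{17})$")


class Arn(NamedTuple):
    partition: str
    service: str
    region: str
    account_id: str
    resource: str  # everything after the fifth colon, separators included

    def __str__(self) -> str:
        return ":".join(("arn",) + tuple(self))


def parse_arn(value: str) -> Arn:
    """Split an ARN into its fields; raise ValueError for anything else."""
    parts = value.split(":", 5)
    if len(parts) != 6 or parts[0] != "arn" or not parts[5]:
        raise ValueError(f"not an ARN: {value!r}")
    return Arn(*parts[1:])


def arn_format(arn: Arn) -> int:
    """Return 1, 2 or 3, numbered as in the issue's list of ARN formats."""
    # The first separator decides, so "type:/path/like/id" is format 3, not 1.
    sep = re.search(r"[/:]", arn.resource)
    if sep is None:
        return 2
    return 1 if sep.group() == "/" else 3


def normalize_for_tagging(value: str) -> str:
    """Rewrite a format-2 EC2 instance ARN to format 1; leave others as-is."""
    arn = parse_arn(value)
    if (arn.service == "ec2" and arn_format(arn) == 2
            and EC2_INSTANCE_ID.match(arn.resource)):
        arn = arn._replace(resource="instance/" + arn.resource)
    return str(arn)


def tagging_arns(findings: dict) -> tuple[list[str], list[str]]:
    """Collect AwsEc2Instance resource IDs from get-findings output.

    Returns (ARNs ready for --resource-arn-list, IDs that were left out).
    """
    ready: list[str] = []
    skipped: list[str] = []
    for finding in findings.get("Findings", []):
        for res in finding.get("Resources", []):
            if res.get("Type") != "AwsEc2Instance":
                continue
            raw = res.get("Id", "")
            try:
                arn = normalize_for_tagging(raw)
            except ValueError:
                skipped.append(raw)      # not an ARN at all
                continue
            if arn_format(parse_arn(arn)) == 2:
                skipped.append(raw)      # bare ID whose type is unknown
            elif arn not in ready:
                ready.append(arn)        # de-duplicate across findings
    return ready, skipped


# Shaped like `aws securityhub get-findings` output. The first two IDs are
# the ARNs quoted in the issue; the last entry is constructed.
PREFIX = "arn:aws:ec2:ap-northeast-1:433616233360:"
SAMPLE = {"Findings": [
    {"Resources": [{"Type": "AwsEc2Instance",
                    "Id": PREFIX + "instance/i-0e41903cb3601a109"}]},
    {"Resources": [{"Type": "AwsEc2Instance",
                    "Id": PREFIX + "i-0825a83d29e870145"}]},
    {"Resources": [{"Type": "AwsEc2Instance",
                    "Id": PREFIX + "i-0825a83d29e870145"}]},
    {"Resources": [{"Type": "AwsEc2Instance",
                    "Id": "i-0825a83d29e870145"}]},
]}

if __name__ == "__main__":
    ready, skipped = tagging_arns(SAMPLE)
    print("pass to --resource-arn-list:", *ready, sep="\n  ")
    print("skipped:", skipped)
```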

RyanFitzSimmonsAK commented 1 year ago

According to this documentation, EC2 instances have an ARN with the first format you mentioned. This is looking more like an issue with Security Hub. Can you provide debug logs of the Security Hub command providing these ARNs, as well as tell me if there are any other types of resources where the correct ARN isn't being provided? Thanks!

kota65535 commented 1 year ago

> Can you provide debug logs of the Security Hub command providing these ARNs

$ aws securityhub get-findings --filters '{"ProductName":[{"Value": "Inspector","Comparison":"EQUALS"}],"Title":[{"Value": "CVE-2022-2978 - kernel","Comparison":"EQUALS"}],"ResourceType":[{"Value":"AwsEc2Instance","Comparison":"EQUALS"}]}' --debug
2023-08-18 13:55:16,384 - MainThread - awscli.clidriver - DEBUG - CLI version: aws-cli/2.13.9 Python/3.11.4 Darwin/21.4.0 source/x86_64
2023-08-18 13:55:16,385 - MainThread - awscli.clidriver - DEBUG - Arguments entered to CLI: ['securityhub', 'get-findings', '--filters', '{"ProductName":[{"Value": "Inspector","Comparison":"EQUALS"}],"Title":[{"Value": "CVE-2022-2978 - kernel","Comparison":"EQUALS"}],"ResourceType":[{"Value":"AwsEc2Instance","Comparison":"EQUALS"}]}', '--debug']
2023-08-18 13:55:16,417 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function add_s3 at 0x107e83740>
2023-08-18 13:55:16,417 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function add_ddb at 0x107c9ae80>
2023-08-18 13:55:16,417 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <bound method BasicCommand.add_command of <class 'awscli.customizations.configure.configure.ConfigureCommand'>>
2023-08-18 13:55:16,417 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function change_name at 0x1078cbb00>
2023-08-18 13:55:16,417 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function change_name at 0x1078e11c0>
2023-08-18 13:55:16,417 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function alias_opsworks_cm at 0x107e8f9c0>
2023-08-18 13:55:16,418 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function add_history_commands at 0x107cf68e0>
2023-08-18 13:55:16,418 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <bound method BasicCommand.add_command of <class 'awscli.customizations.devcommands.CLIDevCommand'>>
2023-08-18 13:55:16,418 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function add_waiters at 0x107e8e980>
2023-08-18 13:55:16,418 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <bound method AliasSubCommandInjector.on_building_command_table of <awscli.alias.AliasSubCommandInjector object at 0x107f39a10>>
2023-08-18 13:55:16,418 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/data/cli.json
2023-08-18 13:55:16,420 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function resolve_types at 0x107db7240>
2023-08-18 13:55:16,420 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function no_sign_request at 0x107db7560>
2023-08-18 13:55:16,420 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function resolve_verify_ssl at 0x107db74c0>
2023-08-18 13:55:16,420 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function resolve_cli_read_timeout at 0x107db76a0>
2023-08-18 13:55:16,420 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function resolve_cli_connect_timeout at 0x107db7600>
2023-08-18 13:55:16,420 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <built-in method update of dict object at 0x107f32cc0>
2023-08-18 13:55:16,421 - MainThread - awscli.clidriver - DEBUG - CLI version: aws-cli/2.13.9 Python/3.11.4 Darwin/21.4.0 source/x86_64 prompt/off
2023-08-18 13:55:16,421 - MainThread - awscli.clidriver - DEBUG - Arguments entered to CLI: ['securityhub', 'get-findings', '--filters', '{"ProductName":[{"Value": "Inspector","Comparison":"EQUALS"}],"Title":[{"Value": "CVE-2022-2978 - kernel","Comparison":"EQUALS"}],"ResourceType":[{"Value":"AwsEc2Instance","Comparison":"EQUALS"}]}', '--debug']
2023-08-18 13:55:16,421 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function add_timestamp_parser at 0x107e8c360>
2023-08-18 13:55:16,421 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function register_uri_param_handler at 0x1076d8ae0>
2023-08-18 13:55:16,421 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function add_binary_formatter at 0x107efd6c0>
2023-08-18 13:55:16,433 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function no_pager_handler at 0x10759c2c0>
2023-08-18 13:55:16,433 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function inject_assume_role_provider_cache at 0x1077009a0>
2023-08-18 13:55:16,435 - MainThread - botocore.utils - DEBUG - IMDS ENDPOINT: http://169.254.169.254/
2023-08-18 13:55:16,443 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function attach_history_handler at 0x107cf60c0>
2023-08-18 13:55:16,443 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function inject_json_file_cache at 0x107c7ae80>
2023-08-18 13:55:16,472 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/botocore/data/securityhub/2018-10-26/service-2.json
2023-08-18 13:55:16,492 - MainThread - botocore.hooks - DEBUG - Event building-command-table.securityhub: calling handler <function add_waiters at 0x107e8e980>
2023-08-18 13:55:16,519 - MainThread - botocore.hooks - DEBUG - Event building-command-table.securityhub: calling handler <bound method AliasSubCommandInjector.on_building_command_table of <awscli.alias.AliasSubCommandInjector object at 0x107f39a10>>
2023-08-18 13:55:16,520 - MainThread - awscli.clidriver - DEBUG - OrderedDict([('filters', <awscli.arguments.CLIArgument object at 0x108387310>), ('sort-criteria', <awscli.arguments.ListArgument object at 0x1083874d0>), ('next-token', <awscli.arguments.CLIArgument object at 0x1083875d0>), ('max-results', <awscli.arguments.CLIArgument object at 0x1083876d0>)])
2023-08-18 13:55:16,520 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.securityhub.get-findings: calling handler <function add_streaming_output_arg at 0x107e8c9a0>
2023-08-18 13:55:16,520 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.securityhub.get-findings: calling handler <function add_cli_input_json at 0x1077016c0>
2023-08-18 13:55:16,522 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.securityhub.get-findings: calling handler <function add_cli_input_yaml at 0x107701760>
2023-08-18 13:55:16,522 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.securityhub.get-findings: calling handler <function unify_paging_params at 0x107c9b740>
2023-08-18 13:55:16,549 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/botocore/data/securityhub/2018-10-26/paginators-1.json
2023-08-18 13:55:16,549 - MainThread - awscli.customizations.paginate - DEBUG - Modifying paging parameters for operation: GetFindings
2023-08-18 13:55:16,549 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.securityhub.get-findings: calling handler <function add_generate_skeleton at 0x107db59e0>
2023-08-18 13:55:16,549 - MainThread - botocore.hooks - DEBUG - Event before-building-argument-table-parser.securityhub.get-findings: calling handler <bound method OverrideRequiredArgsArgument.override_required_args of <awscli.customizations.cliinput.CliInputJSONArgument object at 0x1083879d0>>
2023-08-18 13:55:16,550 - MainThread - botocore.hooks - DEBUG - Event before-building-argument-table-parser.securityhub.get-findings: calling handler <bound method OverrideRequiredArgsArgument.override_required_args of <awscli.customizations.cliinput.CliInputYAMLArgument object at 0x1075ba050>>
2023-08-18 13:55:16,550 - MainThread - botocore.hooks - DEBUG - Event before-building-argument-table-parser.securityhub.get-findings: calling handler <bound method GenerateCliSkeletonArgument.override_required_args of <awscli.customizations.generatecliskeleton.GenerateCliSkeletonArgument object at 0x10838a790>>
2023-08-18 13:55:16,550 - MainThread - botocore.hooks - DEBUG - Event building-command-table.securityhub_get-findings: calling handler <function add_waiters at 0x107e8e980>
2023-08-18 13:55:16,550 - MainThread - botocore.hooks - DEBUG - Event building-command-table.securityhub_get-findings: calling handler <bound method AliasSubCommandInjector.on_building_command_table of <awscli.alias.AliasSubCommandInjector object at 0x107f39a10>>
2023-08-18 13:55:16,551 - MainThread - botocore.hooks - DEBUG - Event operation-args-parsed.securityhub.get-findings: calling handler functools.partial(<function check_should_enable_pagination at 0x107c9b880>, ['next-token', 'max-results'], {}, OrderedDict([('filters', <awscli.arguments.CLIArgument object at 0x108387310>), ('sort-criteria', <awscli.arguments.ListArgument object at 0x1083874d0>), ('next-token', <awscli.arguments.CLIArgument object at 0x1083875d0>), ('max-results', <awscli.arguments.CLIArgument object at 0x1083876d0>), ('cli-input-json', <awscli.customizations.cliinput.CliInputJSONArgument object at 0x1083879d0>), ('cli-input-yaml', <awscli.customizations.cliinput.CliInputYAMLArgument object at 0x1075ba050>), ('starting-token', <awscli.customizations.paginate.PageArgument object at 0x10838a490>), ('page-size', <awscli.customizations.paginate.PageArgument object at 0x10838b0d0>), ('max-items', <awscli.customizations.paginate.PageArgument object at 0x10838a550>), ('generate-cli-skeleton', <awscli.customizations.generatecliskeleton.GenerateCliSkeletonArgument object at 0x10838a790>)]))
2023-08-18 13:55:16,551 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.securityhub.get-findings.filters: calling handler <awscli.paramfile.URIArgumentHandler object at 0x107f57b50>
2023-08-18 13:55:16,551 - MainThread - botocore.hooks - DEBUG - Event process-cli-arg.securityhub.get-findings: calling handler <awscli.argprocess.ParamShorthandParser object at 0x1075b9e10>
2023-08-18 13:55:16,551 - MainThread - awscli.argprocess - DEBUG - Param filters looks like JSON, not considered for param shorthand.
2023-08-18 13:55:16,551 - MainThread - awscli.arguments - DEBUG - Unpacked value of '{"ProductName":[{"Value": "Inspector","Comparison":"EQUALS"}],"Title":[{"Value": "CVE-2022-2978 - kernel","Comparison":"EQUALS"}],"ResourceType":[{"Value":"AwsEc2Instance","Comparison":"EQUALS"}]}' for parameter "filters": OrderedDict([('ProductName', [OrderedDict([('Value', 'Inspector'), ('Comparison', 'EQUALS')])]), ('Title', [OrderedDict([('Value', 'CVE-2022-2978 - kernel'), ('Comparison', 'EQUALS')])]), ('ResourceType', [OrderedDict([('Value', 'AwsEc2Instance'), ('Comparison', 'EQUALS')])])])
2023-08-18 13:55:16,551 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.securityhub.get-findings.sort-criteria: calling handler <awscli.paramfile.URIArgumentHandler object at 0x107f57b50>
2023-08-18 13:55:16,551 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.securityhub.get-findings.next-token: calling handler <awscli.paramfile.URIArgumentHandler object at 0x107f57b50>
2023-08-18 13:55:16,551 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.securityhub.get-findings.max-results: calling handler <awscli.paramfile.URIArgumentHandler object at 0x107f57b50>
2023-08-18 13:55:16,551 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.securityhub.get-findings.cli-input-json: calling handler <awscli.paramfile.URIArgumentHandler object at 0x107f57b50>
2023-08-18 13:55:16,551 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.securityhub.get-findings.cli-input-yaml: calling handler <awscli.paramfile.URIArgumentHandler object at 0x107f57b50>
2023-08-18 13:55:16,552 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.securityhub.get-findings.starting-token: calling handler <awscli.paramfile.URIArgumentHandler object at 0x107f57b50>
2023-08-18 13:55:16,552 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.securityhub.get-findings.page-size: calling handler <awscli.paramfile.URIArgumentHandler object at 0x107f57b50>
2023-08-18 13:55:16,552 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.securityhub.get-findings.max-items: calling handler <awscli.paramfile.URIArgumentHandler object at 0x107f57b50>
2023-08-18 13:55:16,552 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.securityhub.get-findings.generate-cli-skeleton: calling handler <awscli.paramfile.URIArgumentHandler object at 0x107f57b50>
2023-08-18 13:55:16,552 - MainThread - botocore.hooks - DEBUG - Event calling-command.securityhub.get-findings: calling handler <bound method CliInputArgument.add_to_call_parameters of <awscli.customizations.cliinput.CliInputJSONArgument object at 0x1083879d0>>
2023-08-18 13:55:16,552 - MainThread - botocore.hooks - DEBUG - Event calling-command.securityhub.get-findings: calling handler <bound method CliInputArgument.add_to_call_parameters of <awscli.customizations.cliinput.CliInputYAMLArgument object at 0x1075ba050>>
2023-08-18 13:55:16,552 - MainThread - botocore.hooks - DEBUG - Event calling-command.securityhub.get-findings: calling handler <bound method GenerateCliSkeletonArgument.generate_skeleton of <awscli.customizations.generatecliskeleton.GenerateCliSkeletonArgument object at 0x10838a790>>
2023-08-18 13:55:16,552 - MainThread - botocore.hooks - DEBUG - Event calling-command.securityhub.get-findings: calling handler functools.partial(<function check_should_enable_pagination_call_parameters at 0x107c9bce0>, ['NextToken', 'MaxResults'])
2023-08-18 13:55:16,552 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: env
2023-08-18 13:55:16,552 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: assume-role
2023-08-18 13:55:16,552 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: assume-role-with-web-identity
2023-08-18 13:55:16,552 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: sso
2023-08-18 13:55:16,552 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: shared-credentials-file
2023-08-18 13:55:16,554 - MainThread - botocore.credentials - INFO - Found credentials in shared credentials file: ~/.aws/credentials
2023-08-18 13:55:16,555 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/botocore/data/endpoints.json
2023-08-18 13:55:16,569 - MainThread - botocore.hooks - DEBUG - Event choose-service-name: calling handler <function handle_service_name_alias at 0x1067cda80>
2023-08-18 13:55:16,597 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/botocore/data/securityhub/2018-10-26/endpoint-rule-set-1.json
2023-08-18 13:55:16,598 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/botocore/data/partitions.json
2023-08-18 13:55:16,599 - MainThread - botocore.hooks - DEBUG - Event creating-client-class.securityhub: calling handler <function add_generate_presigned_url at 0x106714d60>
2023-08-18 13:55:16,600 - MainThread - botocore.configprovider - DEBUG - Looking for endpoint for securityhub via: environment_service
2023-08-18 13:55:16,600 - MainThread - botocore.configprovider - DEBUG - Looking for endpoint for securityhub via: environment_global
2023-08-18 13:55:16,600 - MainThread - botocore.configprovider - DEBUG - Looking for endpoint for securityhub via: config_service
2023-08-18 13:55:16,600 - MainThread - botocore.configprovider - DEBUG - Looking for endpoint for securityhub via: config_global
2023-08-18 13:55:16,600 - MainThread - botocore.configprovider - DEBUG - No configured endpoint found.
2023-08-18 13:55:16,605 - MainThread - botocore.endpoint - DEBUG - Setting securityhub timeout as (60, 60)
2023-08-18 13:55:16,606 - MainThread - botocore.regions - DEBUG - Calling endpoint provider with parameters: {'Region': 'ap-northeast-1', 'UseDualStack': False, 'UseFIPS': False}
2023-08-18 13:55:16,607 - MainThread - botocore.regions - DEBUG - Endpoint provider result: https://securityhub.ap-northeast-1.amazonaws.com
2023-08-18 13:55:16,607 - MainThread - botocore.hooks - DEBUG - Event provide-client-params.securityhub.GetFindings: calling handler <function base64_decode_input_blobs at 0x107efd760>
2023-08-18 13:55:16,608 - MainThread - botocore.hooks - DEBUG - Event before-parameter-build.securityhub.GetFindings: calling handler <function generate_idempotent_uuid at 0x1067cfe20>
2023-08-18 13:55:16,608 - MainThread - botocore.hooks - DEBUG - Event before-call.securityhub.GetFindings: calling handler <function inject_api_version_header_if_needed at 0x1067f1940>
2023-08-18 13:55:16,608 - MainThread - botocore.endpoint - DEBUG - Making request for OperationModel(name=GetFindings) with params: {'url_path': '/findings', 'query_string': {}, 'method': 'POST', 'headers': {'Content-Type': 'application/json', 'User-Agent': 'aws-cli/2.13.9 Python/3.11.4 Darwin/21.4.0 source/x86_64 prompt/off command/securityhub.get-findings'}, 'body': b'{"Filters": {"ProductName": [{"Value": "Inspector", "Comparison": "EQUALS"}], "Title": [{"Value": "CVE-2022-2978 - kernel", "Comparison": "EQUALS"}], "ResourceType": [{"Value": "AwsEc2Instance", "Comparison": "EQUALS"}]}}', 'url': 'https://securityhub.ap-northeast-1.amazonaws.com/findings', 'context': {'client_region': 'ap-northeast-1', 'client_config': <botocore.config.Config object at 0x10832ca50>, 'has_streaming_input': False, 'auth_type': None}}
2023-08-18 13:55:16,608 - MainThread - botocore.hooks - DEBUG - Event request-created.securityhub.GetFindings: calling handler <bound method RequestSigner.handler of <botocore.signers.RequestSigner object at 0x10836a190>>
2023-08-18 13:55:16,608 - MainThread - botocore.hooks - DEBUG - Event choose-signer.securityhub.GetFindings: calling handler <function set_operation_specific_signer at 0x1067cfce0>
2023-08-18 13:55:16,609 - MainThread - botocore.auth - DEBUG - Calculating signature using v4 auth.
2023-08-18 13:55:16,609 - MainThread - botocore.auth - DEBUG - CanonicalRequest:
POST
/findings

content-type:application/json
host:securityhub.ap-northeast-1.amazonaws.com
x-amz-date:20230818T045516Z
x-amz-security-token:FwoGZXIvYXdzEN7//////////wEaDG6jcZFAFInsczIeMCKrAQbo4n5E8E9q2oBpT1Od0r/hpZSmLEOGUfRAeoq+o4V5NCFD8T+sJZ0mSeIZ4XPC/FYJNUwWD7X3P4OMa25so8JxXHNqcoOpFwneuY7jf0LKdw2oALYPRDIBfjzRfFd0nutkuw7gX7ey3e1r2b2huPX8JrjbIHeEcPvwT50yjoaKY+jyu8UYS21NdXbDdodCSeKCRazpqcWNWG0ewed3bOL6u3aDva5CydAzMSjQ6vumBjItmxujuyPWyhhUXVNmzhUrIhqA2LrB6I3OmZcL5e4kG28sSvRM02ptMjPAogLi

content-type;host;x-amz-date;x-amz-security-token
625a0324298194f7c96174520b26c48d046b0bce4df89bee68c3901e6b0a7935
2023-08-18 13:55:16,609 - MainThread - botocore.auth - DEBUG - StringToSign:
AWS4-HMAC-SHA256
20230818T045516Z
20230818/ap-northeast-1/securityhub/aws4_request
ada6bb201ce2358bf09a7ea3bc89400de739fd9635912c636bbf85f63a1116e0
2023-08-18 13:55:16,609 - MainThread - botocore.auth - DEBUG - Signature:
c465c58dbb0a6317e19344b76683e469f5833e96748d91275f935b5462bc4428
2023-08-18 13:55:16,609 - MainThread - botocore.endpoint - DEBUG - Sending http request: <AWSPreparedRequest stream_output=False, method=POST, url=https://securityhub.ap-northeast-1.amazonaws.com/findings, headers={'Content-Type': b'application/json', 'User-Agent': b'aws-cli/2.13.9 Python/3.11.4 Darwin/21.4.0 source/x86_64 prompt/off command/securityhub.get-findings', 'X-Amz-Date': b'20230818T045516Z', 'X-Amz-Security-Token': b'FwoGZXIvYXdzEN7//////////wEaDG6jcZFAFInsczIeMCKrAQbo4n5E8E9q2oBpT1Od0r/hpZSmLEOGUfRAeoq+o4V5NCFD8T+sJZ0mSeIZ4XPC/FYJNUwWD7X3P4OMa25so8JxXHNqcoOpFwneuY7jf0LKdw2oALYPRDIBfjzRfFd0nutkuw7gX7ey3e1r2b2huPX8JrjbIHeEcPvwT50yjoaKY+jyu8UYS21NdXbDdodCSeKCRazpqcWNWG0ewed3bOL6u3aDva5CydAzMSjQ6vumBjItmxujuyPWyhhUXVNmzhUrIhqA2LrB6I3OmZcL5e4kG28sSvRM02ptMjPAogLi', 'Authorization': b'AWS4-HMAC-SHA256 Credential=ASIAWJ5MKUOIBNUAK335/20230818/ap-northeast-1/securityhub/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-security-token, Signature=c465c58dbb0a6317e19344b76683e469f5833e96748d91275f935b5462bc4428', 'Content-Length': '221'}>
2023-08-18 13:55:16,609 - MainThread - botocore.httpsession - DEBUG - Certificate path: /usr/local/Cellar/awscli/2.13.9/libexec/lib/python3.11/site-packages/awscli/botocore/cacert.pem
2023-08-18 13:55:16,610 - MainThread - urllib3.connectionpool - DEBUG - Starting new HTTPS connection (1): securityhub.ap-northeast-1.amazonaws.com:443
2023-08-18 13:55:16,846 - MainThread - urllib3.connectionpool - DEBUG - https://securityhub.ap-northeast-1.amazonaws.com:443 "POST /findings HTTP/1.1" 200 7860
2023-08-18 13:55:16,847 - MainThread - botocore.parsers - DEBUG - Response headers: {'Date': 'Fri, 18 Aug 2023 04:55:16 GMT', 'Content-Type': 'application/json', 'Content-Length': '7860', 'Connection': 'keep-alive', 'x-amzn-RequestId': 'b8f6994e-6272-45db-90fc-c207f99688b8', 'Access-Control-Allow-Origin': '*', 'Access-Control-Allow-Headers': 'Authorization,Date,X-Amz-Date,X-Amz-Security-Token,X-Amz-Target,content-type,x-amz-content-sha256,x-amz-user-agent,x-amzn-platform-id,x-amzn-trace-id', 'x-amz-apigw-id': 'J1v0RG4JtjMFoYg=', 'Access-Control-Allow-Methods': 'GET,POST,OPTIONS,PUT,PATCH,DELETE', 'Access-Control-Expose-Headers': 'x-amzn-errortype,x-amzn-requestid,x-amzn-errormessage,x-amzn-trace-id,x-amz-apigw-id,date', 'X-Amzn-Trace-Id': 'Root=1-64def9b4-5cc7631f5e735a4c27f74ffc', 'Access-Control-Max-Age': '86400'}
2023-08-18 13:55:16,847 - MainThread - botocore.parsers - DEBUG - Response body:
b'{"Findings":[{"ProductArn":"arn:aws:securityhub:ap-northeast-1::product/aws/inspector","Types":["Software and Configuration Checks/Vulnerabilities/CVE"],"Description":"A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.","ProductName":"Inspector","FirstObservedAt":"2023-01-24T01:20:51Z","CreatedAt":"2023-01-24T01:20:51Z","LastObservedAt":"2023-08-15T00:01:33Z","Vulnerabilities":[{"ReferenceUrls":["https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2022-022.html","https://alas.aws.amazon.com/AL2/ALAS-2022-1876.html","https://alas.aws.amazon.com/AL2/ALASKERNEL-5.15-2022-009.html","https://alas.aws.amazon.com/ALAS-2022-1645.html","https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-038.html"],"Cvss":[{"Version":"3.1","BaseScore":7.8,"BaseVector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","Source":"AMAZON_CVE"},{"Version":"3.1","BaseScore":7.8,"BaseVector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","Source":"NVD"},{"Version":"3.1","BaseVector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","BaseScore":7.8,"Source":"AMAZON_CVE"}],"FixAvailable":"YES","ExploitAvailable":"NO","VulnerablePackages":[{"Architecture":"X86_64","PackageManager":"OS","Version":"5.10.144","Epoch":"0","FixedInVersion":"0:5.10.149-133.644.amzn2","Remediation":"yum update 
kernel","Release":"127.601.amzn2","Name":"kernel"}],"EpssScore":0.00042,"Id":"CVE-2022-2978","RelatedVulnerabilities":["ALAS2KERNEL-5.4-2022-038","ALAS2KERNEL-5.15-2022-009","ALAS-2022-1645","ALAS2KERNEL-5.10-2022-022","ALAS2-2022-1876"],"Vendor":{"VendorCreatedAt":"2022-08-24T00:00:00Z","VendorSeverity":"Important","Url":"https://alas.aws.amazon.com/cve/json/v1/CVE-2022-2978.json","Name":"AMAZON_CVE","VendorUpdatedAt":"2023-02-09T00:00:00Z"}}],"CompanyName":"Amazon","FindingProviderFields":{"Types":["Software and Configuration Checks/Vulnerabilities/CVE"],"Severity":{"Normalized":70,"Label":"HIGH"}},"ProductFields":{"aws/inspector/ProductVersion":"2","aws/inspector/FindingStatus":"ACTIVE","aws/inspector/inspectorScore":"7.8","aws/inspector/instanceId":"i-0692b397b6d7edc63","aws/inspector/resources/1/resourceDetails/awsEc2InstanceDetails/platform":"AMAZON_LINUX_2","aws/securityhub/FindingId":"arn:aws:securityhub:ap-northeast-1::product/aws/inspector/arn:aws:inspector2:ap-northeast-1:433616233360:finding/03215acf5bd52db10b4cdcd94b5b55a0","aws/securityhub/ProductName":"Inspector","aws/securityhub/CompanyName":"Amazon"},"Remediation":{"Recommendation":{"Text":"Remediation is available. 
Please refer to the Fixed version in the vulnerability details section above.For detailed remediation guidance for each of the affected packages, refer to the vulnerabilities section of the detailed finding JSON."}},"SchemaVersion":"2018-10-08","GeneratorId":"AWSInspector","RecordState":"ACTIVE","Title":"CVE-2022-2978 - kernel","Workflow":{"Status":"NEW"},"Severity":{"Normalized":70,"Label":"HIGH"},"UpdatedAt":"2023-08-15T00:01:33Z","WorkflowState":"NEW","AwsAccountId":"433616233360","Region":"ap-northeast-1","Id":"arn:aws:inspector2:ap-northeast-1:433616233360:finding/03215acf5bd52db10b4cdcd94b5b55a0","Resources":[{"Partition":"aws","Type":"AwsEc2Instance","Details":{"AwsEc2Instance":{"KeyName":"sre-it_batch","Type":"t3.small","VpcId":"vpc-a92deecc","ImageId":"ami-0de5311b2a443fb89","IpV4Addresses":["172.31.31.181"],"SubnetId":"subnet-86a14adf","LaunchedAt":"2023-08-15T00:00:41Z","IamInstanceProfileArn":"arn:aws:iam::433616233360:instance-profile/ec2-ml-batch"}},"Region":"ap-northeast-1","Id":"arn:aws:ec2:ap-northeast-1:433616233360:instance/i-0692b397b6d7edc63","Tags":{"Project":"aipf-dev","AutoStartTime":"9","WeekendEnabled":"false","AutoStopTime":"13","Name":"aip-dev-aipf-assets-batch"}}],"ProcessedAt":"2023-08-15T00:01:47.548Z"},{"ProductArn":"arn:aws:securityhub:ap-northeast-1::product/aws/inspector","Types":["Software and Configuration Checks/Vulnerabilities/CVE"],"Description":"A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. 
A local user could use this flaw to crash the system or potentially escalate their privileges on the system.","ProductName":"Inspector","FirstObservedAt":"2023-01-23T00:51:09Z","CreatedAt":"2023-01-23T00:51:09Z","LastObservedAt":"2023-06-29T10:14:16Z","Vulnerabilities":[{"ReferenceUrls":["https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2022-022.html","https://alas.aws.amazon.com/AL2/ALAS-2022-1876.html","https://alas.aws.amazon.com/AL2/ALASKERNEL-5.15-2022-009.html","https://alas.aws.amazon.com/ALAS-2022-1645.html","https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-038.html"],"Cvss":[{"Version":"3.1","BaseScore":7.8,"BaseVector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","Source":"AMAZON_CVE"},{"Version":"3.1","BaseScore":7.8,"BaseVector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","Source":"NVD"},{"Version":"3.1","BaseVector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","BaseScore":7.8,"Source":"AMAZON_CVE"}],"FixAvailable":"YES","ExploitAvailable":"NO","VulnerablePackages":[{"Architecture":"X86_64","PackageManager":"OS","Version":"4.14.287","Epoch":"0","FixedInVersion":"0:5.10.149-133.644.amzn2","Remediation":"yum update kernel","Release":"215.504.amzn2","Name":"kernel"}],"EpssScore":0.00042,"Id":"CVE-2022-2978","RelatedVulnerabilities":["ALAS2KERNEL-5.4-2022-038","ALAS2KERNEL-5.15-2022-009","ALAS-2022-1645","ALAS2KERNEL-5.10-2022-022","ALAS2-2022-1876"],"Vendor":{"VendorCreatedAt":"2022-08-24T00:00:00Z","VendorSeverity":"Important","Url":"https://alas.aws.amazon.com/cve/json/v1/CVE-2022-2978.json","Name":"AMAZON_CVE","VendorUpdatedAt":"2023-02-09T00:00:00Z"}}],"CompanyName":"Amazon","FindingProviderFields":{"Types":["Software and Configuration 
Checks/Vulnerabilities/CVE"],"Severity":{"Normalized":70,"Label":"HIGH"}},"ProductFields":{"aws/inspector/ProductVersion":"2","aws/inspector/FindingStatus":"ACTIVE","aws/inspector/inspectorScore":"7.8","aws/inspector/instanceId":"i-0825a83d29e870145","aws/inspector/resources/1/resourceDetails/awsEc2InstanceDetails/platform":"AMAZON_LINUX_2","aws/securityhub/FindingId":"arn:aws:securityhub:ap-northeast-1::product/aws/inspector/arn:aws:inspector2:ap-northeast-1:433616233360:finding/f123ac6ce4957e19d92e43d27386b8af","aws/securityhub/ProductName":"Inspector","aws/securityhub/CompanyName":"Amazon"},"Remediation":{"Recommendation":{"Text":"Remediation is available. Please refer to the Fixed version in the vulnerability details section above.For detailed remediation guidance for each of the affected packages, refer to the vulnerabilities section of the detailed finding JSON."}},"SchemaVersion":"2018-10-08","GeneratorId":"AWSInspector","RecordState":"ACTIVE","Title":"CVE-2022-2978 - kernel","Workflow":{"Status":"NEW"},"Severity":{"Normalized":70,"Label":"HIGH"},"UpdatedAt":"2023-06-29T10:14:16Z","WorkflowState":"NEW","AwsAccountId":"433616233360","Region":"ap-northeast-1","Id":"arn:aws:inspector2:ap-northeast-1:433616233360:finding/f123ac6ce4957e19d92e43d27386b8af","Resources":[{"Partition":"aws","Type":"AwsEc2Instance","Details":{"AwsEc2Instance":{"KeyName":"aip-dev","Type":"t3.large","VpcId":"vpc-02fa8b90ed3a11fde","ImageId":"ami-0a153a37aad1f26ca","IpV4Addresses":["172.28.4.133"],"SubnetId":"subnet-0b282cd7793b7c31e","LaunchedAt":"2023-01-17T07:20:49Z","IamInstanceProfileArn":"arn:aws:iam::433616233360:instance-profile/aip-dev-op"}},"Region":"ap-northeast-1","Id":"arn:aws:ec2:ap-northeast-1:433616233360:i-0825a83d29e870145","Tags":{"Group":"op","Project":"op","Patch Group":"default","Name":"aip-dev-op"}}],"ProcessedAt":"2023-06-29T10:14:49.130Z"}]}'
2023-08-18 13:55:16,849 - MainThread - botocore.hooks - DEBUG - Event needs-retry.securityhub.GetFindings: calling handler <bound method RetryHandler.needs_retry of <botocore.retries.standard.RetryHandler object at 0x10882b190>>
2023-08-18 13:55:16,850 - MainThread - botocore.retries.standard - DEBUG - Not retrying request.
2023-08-18 13:55:16,850 - MainThread - botocore.hooks - DEBUG - Event after-call.securityhub.GetFindings: calling handler <bound method RetryQuotaChecker.release_retry_quota of <botocore.retries.standard.RetryQuotaChecker object at 0x107669210>>

{
    "Findings": [
        {
            "SchemaVersion": "2018-10-08",
            "Id": "arn:aws:inspector2:ap-northeast-1:433616233360:finding/f123ac6ce4957e19d92e43d27386b8af",
            "ProductArn": "arn:aws:securityhub:ap-northeast-1::product/aws/inspector",
            "ProductName": "Inspector",
            "CompanyName": "Amazon",
            "Region": "ap-northeast-1",
            "GeneratorId": "AWSInspector",
            "AwsAccountId": "433616233360",
            "Types": [
                "Software and Configuration Checks/Vulnerabilities/CVE"
            ],
            "FirstObservedAt": "2023-01-23T00:51:09Z",
            "LastObservedAt": "2023-06-29T10:14:16Z",
            "CreatedAt": "2023-01-23T00:51:09Z",
            "UpdatedAt": "2023-06-29T10:14:16Z",
            "Severity": {
                "Label": "HIGH",
                "Normalized": 70
            },
            "Title": "CVE-2022-2978 - kernel",
            "Description": "A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.",
            "Remediation": {
                "Recommendation": {
                    "Text": "Remediation is available. Please refer to the Fixed version in the vulnerability details section above.For detailed remediation guidance for each of the affected packages, refer to the vulnerabilities section of the detailed finding JSON."
                }
            },
            "ProductFields": {
                "aws/inspector/ProductVersion": "2",
                "aws/inspector/FindingStatus": "ACTIVE",
                "aws/inspector/inspectorScore": "7.8",
                "aws/inspector/instanceId": "i-0825a83d29e870145",
                "aws/inspector/resources/1/resourceDetails/awsEc2InstanceDetails/platform": "AMAZON_LINUX_2",
                "aws/securityhub/FindingId": "arn:aws:securityhub:ap-northeast-1::product/aws/inspector/arn:aws:inspector2:ap-northeast-1:433616233360:finding/f123ac6ce4957e19d92e43d27386b8af",
                "aws/securityhub/ProductName": "Inspector",
                "aws/securityhub/CompanyName": "Amazon"
            },
            "Resources": [
                {
                    "Type": "AwsEc2Instance",
                    "Id": "arn:aws:ec2:ap-northeast-1:433616233360:i-0825a83d29e870145",
                    "Partition": "aws",
                    "Region": "ap-northeast-1",
                    "Tags": {
                        "Group": "op",
                        "Project": "op",
                        "Patch Group": "default",
                        "Name": "aip-dev-op"
                    },
                    "Details": {
                        "AwsEc2Instance": {
                            "Type": "t3.large",
                            "ImageId": "ami-0a153a37aad1f26ca",
                            "IpV4Addresses": [
                                "172.28.4.133"
                            ],
                            "KeyName": "aip-dev",
                            "IamInstanceProfileArn": "arn:aws:iam::433616233360:instance-profile/aip-dev-op",
                            "VpcId": "vpc-02fa8b90ed3a11fde",
                            "SubnetId": "subnet-0b282cd7793b7c31e",
                            "LaunchedAt": "2023-01-17T07:20:49Z"
                        }
                    }
                }
            ],
            ...

kota65535 commented 1 year ago

> as well as tell me if there are any other types of resources where the correct ARN isn't being provided

As far as I know, only EC2 instances.

RyanFitzSimmonsAK commented 1 year ago

Hi @kota65535, thanks for following up. I'm still having trouble reproducing this behavior. To confirm whether this is an issue with the SDK or with Security Hub, could you try using GetFindings with both Boto3 and another SDK? Thanks!

kota65535 commented 1 year ago

@RyanFitzSimmonsAK I first ran into this problem with the Go SDK. I will try boto3 later.

RyanFitzSimmonsAK commented 1 year ago

In that case, it's likely a service team problem. I've reached out to the Security Hub team to investigate the issue, and I'm going to move this to our cross-SDK repository (https://github.com/aws/aws-sdk) for tracking and updates. Thanks again for raising this.

Ticket # for internal use : P97576328

RyanFitzSimmonsAK commented 1 year ago

Hi @kota65535, thanks for your patience. This behavior was actually fixed before the creation of this issue. Triggering a new scan of your resources should result in ARNs that are correctly formed. You can do that by changing some settings in Security Hub about your EC2 findings. Hope that helps, please let me know if you have any follow-up questions.
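
To find which findings still carry the short-form EC2 ARN and have not yet been refreshed by a new scan, the following added example (not code from this thread or from AWS) audits saved `get-findings` output and rewrites each short-form Id to the `instance/<id>` form the issue lists as format 1. The function names and the trimmed sample are assumptions made for illustration.

```python
import json
import re

# Short form seen in the finding above: arn:aws:ec2:<region>:<account>:<instance-id>
# (no "instance/" resource type before the instance ID).
SHORT_EC2_ARN = re.compile(
    r"^arn:(?P<partition>aws(?:-[a-z]+)*):ec2:(?P<region>[a-z0-9-]+):"
    r"(?P<account>\d{12}):(?P<instance>i-(?:[0-9a-f]{8}|[0-9a-f]{17}))$"
)

def normalize_ec2_instance_arn(arn):
    """Return (arn_in_instance_slash_form, was_short_form)."""
    m = SHORT_EC2_ARN.match(arn)
    if m is None:
        return arn, False  # already instance/<id>, or not an EC2 instance ARN
    fixed = "arn:{partition}:ec2:{region}:{account}:instance/{instance}".format(**m.groupdict())
    return fixed, True

def audit_findings(response):
    """List AwsEc2Instance resources in a GetFindings response whose Id is short-form."""
    stale = []
    for finding in response.get("Findings", []):
        for resource in finding.get("Resources", []):
            if resource.get("Type") != "AwsEc2Instance":
                continue
            fixed, was_short = normalize_ec2_instance_arn(resource.get("Id", ""))
            if was_short:
                stale.append({"FindingId": finding.get("Id"),
                              "Original": resource["Id"], "Normalized": fixed})
    return stale

# Constructed sample: trimmed GetFindings output using the two ARNs quoted in the issue.
SAMPLE = json.loads("""
{"Findings": [
  {"Id": "arn:aws:inspector2:ap-northeast-1:433616233360:finding/f123ac6ce4957e19d92e43d27386b8af",
   "Resources": [{"Type": "AwsEc2Instance",
                  "Id": "arn:aws:ec2:ap-northeast-1:433616233360:i-0825a83d29e870145"}]},
  {"Id": "constructed-finding-id-2",
   "Resources": [{"Type": "AwsEc2Instance",
                  "Id": "arn:aws:ec2:ap-northeast-1:433616233360:instance/i-0e41903cb3601a109"}]}
]}
""")

if __name__ == "__main__":
    for row in audit_findings(SAMPLE):
        print(json.dumps(row, indent=2))
```

An empty result after a rescan indicates the findings have been regenerated with the `instance/` form; until then, the `Normalized` value is the one to pass to `--resource-arn-list`.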

github-actions[bot] commented 1 year ago

This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.