awslabs / ssosync

Populate AWS SSO directly with your G Suite users and groups using either a CLI or AWS Lambda
Apache License 2.0
530 stars 182 forks

Create user return 409 errorString null #111

Closed filipponova closed 8 months ago

filipponova commented 1 year ago

Describe the bug

Hello, Everyone.

I'm getting a 409 errorString on sync between my user pools and AWS. I didn't quite understand the problem. This only happens to some users in the group. Is there any limit on users per group? Currently, adding all the groups, we have 52 people.

```
{ "level": "error", "msg": "error creating user", "time": "2022-12-15T13:34:30Z", "user": "xpto@acme.com" }

status of http response was 409: errorString null
```

To Reproduce

Steps to reproduce the behavior:

  1. Add user in Google Workspace groups.
  2. Lambda ssosync run.
  3. See error

Expected behavior

User created in AWS identity center.

Additional context

Add any other context about the problem here.

manisomanish commented 1 year ago

Hey @filipponova, we are also getting the same issue. Were you able to find a solution for it?

ChrisPates commented 1 year ago

Can you confirm that you are using the latest release, how you are running the executable (Lambda, CodePipeline, CLI on EC2), and share an anonymized version of your environment variables / CLI parameters?

So far I have been unable to replicate this issue.

manisomanish commented 1 year ago

Hey @ChrisPates, thank you for your response. We were using an old version of SSOSync; after updating to the latest release, we were able to get rid of this issue. Thank you.

abennett commented 1 year ago

I experienced this issue. Whenever the `FindUserByEmail` method fails and returns `nil, err`, it's assumed that the user needs to be created, which returns a 409 when attempted against a user that already exists. https://github.com/awslabs/ssosync/blob/c1949413096ca5163e8484c285f665b733259a23/internal/sync.go#L128-L140
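
The failure mode described in the comment above, as an added Go example that is not ssosync's own code: a lookup that fails for any reason is treated as "user missing", so the create call hits an existing user and gets a 409, while a strict variant creates only on a definite not-found. Only the name `FindUserByEmail` comes from the thread; `dir`, `CreateUser`, the sentinel errors and the injected "throttled" failure are assumptions constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
)

var ErrNotFound = errors.New("user not found") // hypothetical sentinels, not ssosync's
var ErrConflict = errors.New("status of http response was 409")

type dir struct { // constructed in-memory stand-in for the identity store
	users     map[string]bool
	lookupErr error // injected lookup failure, e.g. throttling or a timeout
}

func (d *dir) FindUserByEmail(email string) error {
	if d.lookupErr == nil && !d.users[email] {
		return ErrNotFound
	}
	return d.lookupErr
}

func (d *dir) CreateUser(email string) error {
	if d.users[email] {
		return ErrConflict // duplicate user: the API answers 409
	}
	d.users[email] = true
	return nil
}

// syncNaive treats any lookup error as "user missing" and tries to create.
func syncNaive(d *dir, email string) error {
	if d.FindUserByEmail(email) != nil {
		return d.CreateUser(email)
	}
	return nil
}

// syncStrict creates only on a definite not-found; other errors propagate.
func syncStrict(d *dir, email string) error {
	if err := d.FindUserByEmail(email); !errors.Is(err, ErrNotFound) {
		return err // nil (user exists) or a real lookup failure: do not create
	}
	return d.CreateUser(email)
}

func main() {
	d := &dir{users: map[string]bool{"xpto@acme.com": true}, lookupErr: errors.New("throttled")}
	fmt.Println("naive:", syncNaive(d, "xpto@acme.com"), "| strict:", syncStrict(d, "xpto@acme.com"))
}
```

With the strict variant the log shows the real lookup failure instead of a misleading 409, and the sync can retry that user on the next run.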

abennett commented 1 year ago

Probably related to #77.

ChrisPates commented 1 year ago

Indeed, I'm currently rewriting this section of the code to avoid this and a number of other issues.

abennett commented 1 year ago

Awesome! Thanks, @ChrisPates!

Want to keep this issue open and close it out when we have a new release?

filipponova commented 1 year ago

Sorry for the delay, guys. From what I understand, this is a limitation in the AWS API that does not have pagination, so if you have more than 50 users in a group it returns this error. I've been running a workaround since I opened this issue.

Issue: #81
Workaround: https://github.com/awslabs/ssosync/issues/81#issuecomment-1140251637 (But I am running it on my machine; I have not deployed this version on AWS Lambda.)

I'll update my current Lambda to the latest ssosync version and test if it now works.

filipponova commented 1 year ago

I'm still having the same problem. :/

ChrisPates commented 8 months ago

This should have been resolved as of v2.0.x. Please re-open if you are still experiencing this issue.

abennett commented 8 months ago

Thank you!