awslabs / ssosync

Populate AWS SSO directly with your G Suite users and groups using either a CLI or AWS Lambda
Apache License 2.0
525 stars 181 forks source link

Deleting a user make the sync process fail #135

Closed GuidoNebiolo closed 7 months ago

GuidoNebiolo commented 1 year ago

Describe the bug When a user has to be removed from AWS IAM Identity Center, the sync process (with method groups) fail because it removes the user and after that want to remove the group association for an already deleted user.

To Reproduce Steps to reproduce the behavior:

  1. Create a user in Google and put it in a sync group
  2. Run the sync process, it should create the user and put it in the group
  3. Delete the user from Google
  4. Run the sync process again

Expected behavior The sync process should not try to remove a user from a group if it has been deleted.

Additional context Version: 2.0.2, commit 49d87f760094813b5cc6318ddaa152ac555fde65, built at 2023-01-18T16:02:03Z by goreleaser Logs: DEBU[0027] finding user WARN[0027] deleting user WARN[0031] removing user from group FATA[0031] ResourceNotFoundException: Group membership not found for given Pool/Group/Member.