First I was very excited about AirIAM, but then it just stopped working, without any changes from my side.
I wonder if there is any Verbose or Debug mode to give more diagnostics output?
Otherwise it's just not clear why it fails like this:
» aws-vault exec .... -- airiam find_unused
____ __ _____ ____ __ __
/ __ \ |__| _ ____|_ _| / __ \ | \ / |
/ / \ \ __ | |/ ___| | | / / \ \ | |\ \ / /| |
/ /____\ \ | | | / | | / /____\ \ | | \ \/ / | |
/ ______ \_| |_| | _| |_ / ______ \ | \ / | |
/_/ \_\_____|__| |_____|/_/ \_\_| \/ |_|
v0.1.48
AirIAM - Least privilege AWS IAM Terraformer
To continuously scan configurations, try the Bridgecrew free community plan.
https://www.bridgecrew.io
INFO:botocore.credentials:Found credentials in environment variables.
Getting all IAM configurations for account 655028521085
Getting IAM credential report
Generated reports for all principals
Received usage results for all principals
Collecting password configurations for all IAM users in the account
Completed data collection, writing to local file...
Traceback (most recent call last):
File "/Users/ivan/.asdf/installs/python/3.8.5/bin/airiam", line 5, in <module>
run()
File "/Users/ivan/.asdf/installs/python/3.8.5/lib/python3.8/site-packages/airiam/main.py", line 29, in run
runtime_results = find_unused(logger, args.profile, args.no_cache, args.last_used_threshold, args.command)
File "/Users/ivan/.asdf/installs/python/3.8.5/lib/python3.8/site-packages/airiam/find_unused/find_unused.py", line 51, in find_unused
unused_active_access_keys, unused_console_login_profiles = find_unused_active_credentials(account_users, credential_report, unused_threshold)
File "/Users/ivan/.asdf/installs/python/3.8.5/lib/python3.8/site-packages/airiam/find_unused/find_unused.py", line 98, in find_unused_active_credentials
credentials = next(creds for creds in credential_report if creds['user'] == user['UserName'])
StopIteration
First I was very excited about AirIAM, but then it just stopped working, without any changes from my side. I wonder if there is any Verbose or Debug mode to give more diagnostics output? Otherwise it's just not clear why it fails like this: