Analysis job for EC2 instance internet exposure appends to exposed_internet_type indefinitely

[achantavy]

Description:

What issue is being seen? Describe what should be happening instead of the bug, for example: Cartography should not crash, the expected value isn't returned, the data schema is wrong, etc.

The internet exposure analysis job should not be adding items to the exposed_internet_type list indefinitely. This should behave like a set, or if anything should be a single string value as it doesn't make sense to have multiple values here.

To Reproduce:

Steps to reproduce the behavior. Provide all data and inputs required to reproduce the issue.

Have an EC2 instance that is internet-exposed via an elastic load balancer for at least 2 syncs. The exposed_internet_type field on it will get longer.

Please complete the following information::

• Cartography release version or commit hash [e.g. 0.12.0 or 95e8e11913e2a44a4d4682506d8364a638ceac69]

f77f18706cdcebafda7c082a1734b29ca808e9a3

[marco-lancini]

Can confirm we are experiencing the same issue

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.

[chandanchowdhury]

Is this issue still active?

Possible root-cause in cartography/data/jobs/analysis/aws_ec2_asset_exposure.json

$ git grep "exposed_internet_type" | grep "elbv2" 

cartography/data/jobs/analysis/aws_ec2_asset_exposure.json:    "query": "MATCH (elbv2:LoadBalancerV2{exposed_internet: true})-[:EXPOSE]->(e:EC2Instance)\nWITH e\nWHERE (e.exposed_internet_type IS NULL) OR (NOT 'elbv2' IN e.exposed_internet_type)\nSET e.exposed_internet = true, e.exposed_internet_type = coalesce(e.exposed_internet_type, []) + 'elbv2'",