Open jcosteatcyberark opened 3 years ago
Windows instances created on a second AWS account (using execution/assume roles) fails to be onboarded. The function instance_processing::get_instance_password_data is unable to use the assume role provided because of a typo error.
instance_processing::get_instance_password_data
The key in acct_b['Credentials'] should be SessionToken, not session_token : https://github.com/cyberark/cyberark-aws-auto-onboarding/blob/674908ca4304f9ead5451fec078fbc93189a3910/src/shared_libraries/instance_processing.py#L57
acct_b['Credentials']
SessionToken
session_token
Steps to reproduce the behavior:
The Administrator account of the EC2 instance appears in the PVWA.
You should see the following error in the Elasticity Lambda's logs:
[ERROR] {<class 'KeyError'>} [ERROR] Error on getting token from account XXXXXXXXXXXX : 'session_token'
cyberark/cyberark-aws-auto-onboarding:master
Summary
Windows instances created on a second AWS account (using execution/assume roles) fails to be onboarded. The function
instance_processing::get_instance_password_datais unable to use the assume role provided because of a typo error.The key in
acct_b['Credentials']should beSessionToken, notsession_token: https://github.com/cyberark/cyberark-aws-auto-onboarding/blob/674908ca4304f9ead5451fec078fbc93189a3910/src/shared_libraries/instance_processing.py#L57Steps to Reproduce
Steps to reproduce the behavior:
Expected Results
The Administrator account of the EC2 instance appears in the PVWA.
Actual Results (including error logs, if applicable)
You should see the following error in the Elasticity Lambda's logs:
Reproducible
Version/Tag number
cyberark/cyberark-aws-auto-onboarding:master
Environment setup