search

duo-labs / cloudmapper

CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
BSD 3-Clause "New" or "Revised" License
5.94k stars 800 forks source link

get_account_stats bucket_region = get_parameter_file( TypeError: 'NoneType' object is not subscriptable #772

Open miltieIV2 opened 3 years ago

miltieIV2 commented 3 years ago

Please mention the following:

I did get a number of errors during collect: s3.getbucket({'Bucket': 'bucket-name'}): An error occurred (AccessDenied) when calling the GetBucket operation: Access Denied

$ python cloudmapper.py report --account my_account
* Getting resource counts
Traceback (most recent call last):
  File "cloudmapper.py", line 72, in <module>
    main()
  File "cloudmapper.py", line 66, in main
    commands[command].run(arguments)
  File "/home/john.milton/src/github.com/duo-labs/cloudmapper/commands/report.py", line 471, in run
    report(accounts, config, args)
  File "/home/john.milton/src/github.com/duo-labs/cloudmapper/commands/report.py", line 100, in report
    account_stats[account["name"]] = get_account_stats(
  File "/home/john.milton/src/github.com/duo-labs/cloudmapper/shared/common.py", line 278, in get_account_stats
    bucket_region = get_parameter_file(
TypeError: 'NoneType' object is not subscriptable

wrapping a try/except around it got around this error:

diff --git a/shared/common.py b/shared/common.py
index e1a3708..5b711e6 100644
--- a/shared/common.py
+++ b/shared/common.py
@@ -275,10 +275,12 @@ def get_account_stats(account, all_resources=False):
                     )
                     for bucket in buckets:
                         # Get the bucket's location
-                        bucket_region = get_parameter_file(
-                            region, "s3", "get-bucket-location", bucket
-                        )["LocationConstraint"]
-
+                        try:
+                          bucket_region = get_parameter_file(
+                              region, "s3", "get-bucket-location", bucket
+                          )["LocationConstraint"]
+                        except TypeError:
+                          bucket_region=None
                         # Convert the value to a name.
                         # See https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region
                         if bucket_region is None:
w0rmr1d3r commented 3 years ago

Hello @miltieIV2 ! Can you try running it again without getting those AccessDenied errors that you mention above? So we can see if the TypeError is caused due to that? Thank you!

w0rmr1d3r commented 3 years ago

Hello again @miltieIV2 ! I've been reviewing some issues and found a similar issue to yours. Start with https://github.com/duo-labs/cloudmapper/issues/422 and read the linked issues, could it be that you were running an old version of Cloudmapper or an old version of boto3/botocore ? Can you try the same but reinstalling Cloudmapper again form scratch? Thank you!

Techbrunch commented 1 year ago

Same issue as https://github.com/duo-labs/cloudmapper/pull/925 please add the fix.

I'm guessing that it is due to some missing permissions which might not always be fixable when doing an external audit.