search

duo-labs / cloudmapper

CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
BSD 3-Clause "New" or "Revised" License
5.94k stars 800 forks source link

Regions data not found when account ID starts with a zero #795

Open jtyers opened 3 years ago

jtyers commented 3 years ago

Using the Docker container, when running cloudmapper.py report, with multiple accounts, I get the following error:

Traceback (most recent call last):
  File "./cloudmapper.py", line 72, in <module>
    main()
  File "./cloudmapper.py", line 66, in main
    commands[command].run(arguments)
  File "/opt/cloudmapper/commands/report.py", line 471, in run
    report(accounts, config, args)
  File "/opt/cloudmapper/commands/report.py", line 91, in report
    "collection_date": get_collection_date(account)[:10],
  File "/opt/cloudmapper/shared/common.py", line 332, in get_collection_date
    account_struct, "iam-get-credential-report", get_us_east_1(account_struct)
  File "/opt/cloudmapper/shared/common.py", line 306, in get_us_east_1
    for region_json in get_regions(account):
  File "/opt/cloudmapper/shared/common.py", line 162, in get_regions
    regions = pyjq.all(".Regions[]{}".format(region_filter), region_data)
  File "/usr/local/lib/python3.7/site-packages/pyjq.py", line 49, in all
    return compile(script, vars, library_paths).all(_get_value(value, url, opener))
  File "_pyjq.pyx", line 209, in _pyjq.Script.all (_pyjq.c:2561)
_pyjq.ScriptRuntimeError: Cannot iterate over null (null)

After some debugging I saw the account data involved did have a describe-regions.json and it contained data in the right format. However, the account ID started with a zero. Doing this:

cd account-data
ln -s 012345678 12345678  # replace with real account IDs

...fixed it. Very nasty hack that may mess up other parts of my audit though! This should be fixed - clearly Python is doing a silent type conversion to a number somewhere and stripping the zero.

0xdabbad00 commented 3 years ago

Yikes, thanks for reporting @jtyers. I'll look into it.

SmoothSailingMusic commented 3 years ago

Can report that I am experiencing this same issue. The suggested fix did not work in my case. Clients aws ID also begins with a zero.

erict35000 commented 9 months ago

Hi,

I was unable to install cloud mapper on macOS Monterey, Ubuntu 22.04 and Mint.

So I decided to install docker on macOS Monterey and follow these instructions : https://github.com/duo-labs/cloudmapper/issues/896

Everything is fine, but when I type python cloudmapper.py report --accounts XXX,XXX, what I have to input as accounts. I try with audit, my account on AWS and the number of AWSaccount. I use a specific config.json for my AWS platform but it asks a region or tells me audit our xxxx are not in my config file.

Could you please tell me what I need to add to my config.json file ?

Regards Eric