inspec / inspec-aws

InSpec AWS Resource Pack https://www.inspec.io/

Bug in aws_iam_users resource #899

Open Rohit1509 opened 2 years ago

Rohit1509 commented 2 years ago

Filtering not working for 'aws_iam_users' resource.

Describe the problem

Using aws_iam_users.where(has_inline_policies: true).usernames.each do |user_name| filtering in the control gives an error even though it is a valid, defined filter.


Possible Solution

sathish-progress commented 2 years ago

Hey @Rohit1509, I tried this and it works well for me.

sathish-progress commented 2 years ago

Could you maybe try removing the inspec.lock and try again?

Rohit1509 commented 2 years ago

@sathish-progress, I tried removing the inspec.lock file. This issue is not coming up in the previous version of the resource pack (v1.81.16). I will give this a try again and update here. Thanks!

sathish-progress commented 2 years ago

@Rohit1509, the latest version is actually 1.83.16, best if you could point it to that version.

Rohit1509 commented 2 years ago

Hi @sathish-progress, I tried with the updated version of the resource pack as well (1.83.6) and the same issue again. I feel one possible issue could be the use case where there are no users that have inline policies attached, because it returns 'nil' in that case. Can you try on your end if that use case still works? Thanks!

Rohit1509 commented 2 years ago

There are no users that have inline policies attached and it returns this:


sathish-progress commented 2 years ago

@Rohit1509, for some reason I am unable to replicate this issue!

sathish-progress commented 2 years ago

I tested it in both inspec versions (4.52.9, 5.12.2) and am able to see things work. Could you please give me your inspec.yml?

Rohit1509 commented 2 years ago

@sathish-progress, there is a user in our account for which we don't have access permissions. So essentially we can't get any API response for this user. Could this be a possible reason for this not working on my end?

sathish-progress commented 2 years ago

Hmmm yeah, but ideally we should be using accounts that have access permissions so that inspec could read the data.