Closed andreirymar closed 3 years ago
mlevit
commented
3 years ago Hey @andreirymar I've noticed the SG you whitelisted sg-0127c8a90d0070711 is different to the SG in the logs that was deleted sg-09d066f32959feb7d. Can you please confirm if this is still an issue?
andreirymar
commented
3 years ago sorry, posted wrong config from DynamoDB. This is what is in there.
resource_id String : ec2:security_group:sg-09d066f32959feb7d
mlevit
commented
3 years ago I just ran a test with two security groups, one whitelisted, the other not. Everything seems to be working as intended:
[DEBUG] EC2 Security Group 'sg-007923e567a01accc' has been whitelisted and has not been deleted. (ec2_cleanup.py, security_groups(), line 329)[INFO] EC2 Security Group 'sg-068262276c93e8c0f' is not associated with an EC2 instance and has been deleted. (ec2_cleanup.py, security_groups(), line 323)My whitelist record is
{
"expire_at": {
"N": "99999999999"
},
"resource_id": {
"S": "ec2:security_group:sg-007923e567a01accc"
}
}Can you verify if this was the only SG that whitelisted and deleted or have you found other cases too? Can you show your DynamoDB JSON of the record?
mlevit
commented
3 years ago Closing the issue due to inactivity.
Describe the bug SG has been whitelisted but still deleted.
To Reproduce from CloudWatch logs [INFO] EC2 Security Group 'sg-09d066f32959feb7d' is not associated with an EC2 instance and has been deleted. (ec2_cleanup.py, security_groups(), line 293)
Entry in DynamoDB as below resource_id String: ec2:security_group:sg-0127c8a90d0070711
Expected behavior I was expecting the process to skip this SG as it was whitelisted,
Screenshots If applicable, add screenshots to help explain your problem.
Stacktrace [INFO] EC2 Security Group 'sg-09d066f32959feb7d' is not associated with an EC2 instance and has been deleted. (ec2_cleanup.py, security_groups(), line 293)