search

nccgroup / PMapper

A tool for quickly evaluating IAM permissions in AWS.
GNU Affero General Public License v3.0
1.37k stars 169 forks source link

Can't List Graphs Without Valid Creds #42

Closed ncc-erik-steringer closed 4 years ago

ncc-erik-steringer commented 4 years ago

Describe the bug When running pmapper graph --list, PMapper won't run if the current creds aren't valid. This is due to an optimization where we pull a session from parsed args no matter what we're doing in the graph subcommand.

To Reproduce Steps to reproduce the behavior, please include information on suspected users/roles that are the source of the issue when possible:

  1. Use PMapper as normal to obtain a graph.
  2. Do something to disable the creds, ensure nothing is available in the default botocore profile, ensure no environment variables with creds are set.
  3. Run pmapper graph --list.
  4. Observe that the command doesn't execute

Expected behavior A list of available accounts should print no matter what.

We should also throw in the version of PMapper that generated the graph in the list.

ncc-erik-steringer commented 4 years ago

This is in master, will merge into v1.1.0-dev.