🐛 Bug Report: AttributeError: 'list' object has no attribute 'items' (both for recommend_groups and terraform ) #166
Labels
Comments
|
Fixing this seems like a pretty straightforward task. The bad line: for priv, priv_obj in action_map.get(action_service, {}).get('privileges', []).items():The error: |
lachlanjholmes
added a commit
to lachlanjholmes/AirIAM
that referenced
this issue
Mar 13, 2023
As mentioned in bridgecrewio#166 this PR fixes the recommend_groups command.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
👟 Reproduction steps
First time user, when I hit find unused it is working perfectly.
However the other options recommend_groups and terraform are throwing errors
$ sudo airiam recommend_groups -p Account1
/ / \ \ __ | |/ | | | / / \ \ | |\ \ / /| |
/ /\ \ | | | / | | / /\ \ | | \ / / | |
/ ______ _| || | | | / ______ \ | \ / | |
// ___|| |___|// __| / ||
v0.1.83
AirIAM - Least privilege AWS IAM Terraformer
To continuously scan configurations, try the Bridgecrew free community plan.
https://www.bridgecrew.io
INFO:botocore.credentials:Found credentials in shared credentials file: ~/.aws/credentials
Reusing local data
INFO:root:Analyzing data for account xxxxxxxxx(masked)
INFO:root:Using the default UserOrganizer
Traceback (most recent call last):
File "/usr/bin/airiam", line 5, in
run()
File "/home/cspm/.local/lib/python3.7/site-packages/airiam/main.py", line 36, in run
report_with_recommendations = recommend_groups(logger, runtime_results, args.last_used_threshold)
File "/home/cspm/.local/lib/python3.7/site-packages/airiam/recommend_groups/recommend_groups.py", line 19, in recommend_groups
runtime_iam_report.set_reorg(organizer.get_user_clusters(runtime_iam_report))
File "/home/cspm/.local/lib/python3.7/site-packages/airiam/recommend_groups/recommend_groups.py", line 38, in get_user_clusters
simple_user_clusters = self._create_simple_user_clusters(human_users, iam_data['AccountGroups'], iam_data['AccountPolicies'])
File "/home/cspm/.local/lib/python3.7/site-packages/airiam/recommend_groups/recommend_groups.py", line 84, in _create_simple_user_clusters
if PolicyAnalyzer.policy_is_write_access(policy_document):
File "/home/cspm/.local/lib/python3.7/site-packages/airiam/find_unused/PolicyAnalyzer.py", line 62, in policy_is_write_access
for priv, priv_obj in action_map.get(action_service, {}).get('privileges', []).items():
AttributeError: 'list' object has no attribute 'items'
👍 Expected behavior
It should show recommendations
👎 Actual Behavior
$ sudo airiam recommend_groups -p Account1
/ / \ \ __ | |/ | | | / / \ \ | |\ \ / /| |
/ /\ \ | | | / | | / /\ \ | | \ / / | |
/ ______ _| || | | | / ______ \ | \ / | |
// ___|| |___|// __| / ||
v0.1.83
AirIAM - Least privilege AWS IAM Terraformer
To continuously scan configurations, try the Bridgecrew free community plan.
https://www.bridgecrew.io
INFO:botocore.credentials:Found credentials in shared credentials file: ~/.aws/credentials
Reusing local data
INFO:root:Analyzing data for account xxxxxxxxx(masked)
INFO:root:Using the default UserOrganizer
Traceback (most recent call last):
File "/usr/bin/airiam", line 5, in
run()
File "/home/cspm/.local/lib/python3.7/site-packages/airiam/main.py", line 36, in run
report_with_recommendations = recommend_groups(logger, runtime_results, args.last_used_threshold)
File "/home/cspm/.local/lib/python3.7/site-packages/airiam/recommend_groups/recommend_groups.py", line 19, in recommend_groups
runtime_iam_report.set_reorg(organizer.get_user_clusters(runtime_iam_report))
File "/home/cspm/.local/lib/python3.7/site-packages/airiam/recommend_groups/recommend_groups.py", line 38, in get_user_clusters
simple_user_clusters = self._create_simple_user_clusters(human_users, iam_data['AccountGroups'], iam_data['AccountPolicies'])
File "/home/cspm/.local/lib/python3.7/site-packages/airiam/recommend_groups/recommend_groups.py", line 84, in _create_simple_user_clusters
if PolicyAnalyzer.policy_is_write_access(policy_document):
File "/home/cspm/.local/lib/python3.7/site-packages/airiam/find_unused/PolicyAnalyzer.py", line 62, in policy_is_write_access
for priv, priv_obj in action_map.get(action_service, {}).get('privileges', []).items():
AttributeError: 'list' object has no attribute 'items'
💻 Operating system
Linux
🧱 Your Environment
No response
Python Version
python3 --version
Python 3.7.5
checkov-version
not using it
Share output with the environment variable LOG_LEVEL set to DEBUG
Traceback (most recent call last):
File "/usr/bin/airiam", line 5, in
run()
File "/home/cspm/.local/lib/python3.7/site-packages/airiam/main.py", line 36, in run
report_with_recommendations = recommend_groups(logger, runtime_results, args.last_used_threshold)
File "/home/cspm/.local/lib/python3.7/site-packages/airiam/recommend_groups/recommend_groups.py", line 19, in recommend_groups
runtime_iam_report.set_reorg(organizer.get_user_clusters(runtime_iam_report))
File "/home/cspm/.local/lib/python3.7/site-packages/airiam/recommend_groups/recommend_groups.py", line 38, in get_user_clusters
simple_user_clusters = self._create_simple_user_clusters(human_users, iam_data['AccountGroups'], iam_data['AccountPolicies'])
File "/home/cspm/.local/lib/python3.7/site-packages/airiam/recommend_groups/recommend_groups.py", line 84, in _create_simple_user_clusters
if PolicyAnalyzer.policy_is_write_access(policy_document):
File "/home/cspm/.local/lib/python3.7/site-packages/airiam/find_unused/PolicyAnalyzer.py", line 62, in policy_is_write_access
for priv, priv_obj in action_map.get(action_service, {}).get('privileges', []).items():
AttributeError: 'list' object has no attribute 'items'
👀 Have you spent some time to check if this issue has been raised before?
The text was updated successfully, but these errors were encountered: