Terraform_stack.py fails setting up workspace on suspended AWS accounts
Describe the bug
Terraform_stack.py fails setting up workspace on suspended AWS accounts
To Reproduce
Steps to reproduce the behavior:
Error: operation error STS: AssumeRole, https response error StatusCode: 403, RequestID: 8342b965-a2de-4cab-89e2-0c324cbfade6, api error AccessDenied: User: arn:aws:sts::632617325597:assumed-role/Admin/tantonjt-Isengard is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam::654654472939:role/sra-execution
Expected behavior
Workspace is created and plan is created/updated.
Additional context
The solution to the problem is to filter the list of accounts in the Python script.
Existing line of code (aws-security-reference-architecture-examples/aws_sra_examples/terraform/solutions/terraform_stack.py, line 71 in aa58485):
accounts = [account["Id"] for page in paginator.paginate() for account in page["Accounts"]]
Updated line should be:
accounts = [account["Id"] for page in paginator.paginate() for account in page["Accounts"] if account["Status"] == "ACTIVE"]
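An added example, not part of the original issue or the project's code: the same status filter written as a function that also records which accounts were skipped and why, so a missing workspace is explained in the run log instead of surfacing as an sts:AssumeRole 403. `FakePaginator`, `partition_accounts` and the sample account IDs are constructed for illustration; the page shape follows the `Accounts`/`Id`/`Status` fields used in the issue's line of code.

```python
"""Added example: split AWS Organizations accounts into deployable and skipped."""
from typing import Dict, List, Tuple

# Constructed sample pages shaped like organizations ListAccounts responses.
# Account IDs are placeholders, not values from the issue.
SAMPLE_PAGES = [
    {"Accounts": [
        {"Id": "111111111111", "Name": "management", "Status": "ACTIVE"},
        {"Id": "222222222222", "Name": "old-sandbox", "Status": "SUSPENDED"},
    ]},
    {"Accounts": [
        {"Id": "333333333333", "Name": "log-archive", "Status": "ACTIVE"},
        {"Id": "444444444444", "Name": "closing", "Status": "PENDING_CLOSURE"},
    ]},
]


class FakePaginator:
    """Hypothetical stand-in for the boto3 'list_accounts' paginator."""

    def __init__(self, pages):
        self._pages = pages

    def paginate(self):
        return iter(self._pages)


def partition_accounts(paginator) -> Tuple[List[str], List[Dict[str, str]]]:
    """Return (active account IDs, skipped accounts with their status)."""
    active: List[str] = []
    skipped: List[Dict[str, str]] = []
    for page in paginator.paginate():
        for account in page.get("Accounts", []):
            # Treat a missing Status as unknown and skip it rather than
            # attempting to assume a role in the account.
            status = account.get("Status", "UNKNOWN")
            if status == "ACTIVE":
                active.append(account["Id"])
            else:
                skipped.append({"Id": account["Id"], "Status": status})
    return active, skipped


if __name__ == "__main__":
    accounts, skipped = partition_accounts(FakePaginator(SAMPLE_PAGES))
    print("deploying to:", accounts)
    for entry in skipped:
        print(f"skipping {entry['Id']}: status {entry['Status']}")
```

With a real client, the paginator from `boto3.client("organizations").get_paginator("list_accounts")` can be passed in place of `FakePaginator`.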