Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AWS Resources that are in suspended accounts failing plan/apply stages - Can we ignore or bypass these accounts? #684

Open
MaxMoon771 opened this issue Dec 16, 2024 · 1 comment
Open

AWS Resources that are in suspended accounts failing plan/apply stages - Can we ignore or bypass these accounts? #684

MaxMoon771 opened this issue Dec 16, 2024 · 1 comment

Comments

@MaxMoon771
Copy link

We have recently suspended a few aws accounts, but we did not delete or remove any resources before the process... I am having issues with iambic unable to update a PermissionSet AWSPowerUserAccess due to what I believe is the suspended account. Updating and running iambic plan for the resource is resulting with this error. I have commented out the suspended accounts in iambic_config to avoid scanning that account. I have done through and removed all references to this account.

Curious if anyone has ran into issues with suspended accounts and issues with modifying resources?

[
  {
    "resource_id": "AWSPowerUserAccess",
    "resource_type": "aws:identity_center:permission_set",
    "template_path": "resources/aws/identity_center/permission_set/awspoweruseraccess.yaml",
    "proposed_changes": [],
    "exceptions_seen": [
      {
        "account": "gafg-master - (851158803636)",
        "resource_id": "AWSPowerUserAccess",
        "proposed_changes": [],
        "exceptions_seen": [
          {
            "change_type": "Unknown",
            "account": "gafg-master - (851158803636)",
            "resource_id": "AWSPowerUserAccess",
            "resource_type": "aws:identity_center:permission_set",
            "exceptions_seen": [
              "'020619688306'"
            ]
          }
        ]
      }
    ]
  }
]

image

Expected behavior
Hoping iambic can do a health check and see accounts/resources in suspended state and allow the plan/apply to proceed

Community Engagement
Your vote counts! Please support this bug report by adding a 👍 reaction to the original issue, which will aid the community and maintainers in addressing this problem.

Please refrain from adding "+1" or "me too" comments, as these create unnecessary noise for issue followers and do not help in prioritizing the issue. If you wish to contribute to solving this issue or have submitted a pull request, please leave a comment.
@MaxMoon771
Copy link
Author

Found a document via Merge in Aug 2023.
Tried marking the accounts in iambic_config = disabled
Re-ran the import process to update those resources as disabled.
Same error

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@MaxMoon771