Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

manifest_parser.py account list logic error #45

Closed
drew-marumoto opened this issue Dec 10, 2020 · 2 comments
Closed

manifest_parser.py account list logic error #45

drew-marumoto opened this issue Dec 10, 2020 · 2 comments

Comments

@drew-marumoto
Copy link

drew-marumoto commented Dec 10, 2020
edited
Loading

In manifest_parser.py, the get_final_account_list() method has a logic error. the statement below is checking for name.lower() in the string key.lower(). the problem arises when you have an account name that is a subset of another account name. I have one account named "aws-ct" and one account named "aws-ct-master". when I specify "aws-ct" as a deploy_to_account, the logic in the statement below matches both "aws-ct" and "aws-ct-master" which is deploying the resource to both accounts, even though only the "aws-ct" account is listed in manifest.yaml. see the snipped below from my cloudtrail logs that show the name_to_account_map object.

    if name_list:
        # convert OU Name to OU IDs
        for name in name_list:
            name_account = [value for key, value in
                            name_to_account_map.items()
                            if name.lower() in key.lower()]
            self.logger.info("%%%%%%% Name {} -  Account {}"
                             .format(name, name_account))
            new_account_list.extend(name_account)

2020-12-10T09:31:29.382-08:00 | {"time_stamp": "2020-12-10 17:31:28,252","log_level": "INFO","log_message": Print Account Name > Account Mapping}
-- | --
  | 2020-12-10T09:31:29.382-08:00 |  
  | 2020-12-10T09:31:29.382-08:00 | {"time_stamp": "2020-12-10 17:31:28,253","log_level": "INFO","log_message": {
  | 2020-12-10T09:31:29.382-08:00 | "aftest3": "",
  | 2020-12-10T09:31:29.382-08:00 | "Audit": "",
  | 2020-12-10T09:31:29.382-08:00 | "aftest2": "",
  | 2020-12-10T09:31:29.382-08:00 | "Log archive": "",
  | 2020-12-10T09:31:29.382-08:00 | "account-factory-new-acct-lab": "",
  | 2020-12-10T09:31:29.382-08:00 | "route53": "",
  | 2020-12-10T09:31:29.382-08:00 | "aws-ct": "",
  | 2020-12-10T09:31:29.382-08:00 | "aws-ct-master": ""
  | 2020-12-10T09:31:29.382-08:00 | }}```
@groverlalit
Copy link
Member

@budgreen619 Thanks for bringing this to our attention. We have added this to our backlog and plan to fix it in the next release.

@groverlalit
Copy link
Member

This change was released in v2.1.0.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@groverlalit @drew-marumoto