From 513fd9f5323ff6ca9aafd501780c1c3b95e04e5a Mon Sep 17 00:00:00 2001
From: Pepe Fagoaga
Date: Mon, 7 Aug 2023 10:04:19 +0200
Subject: [PATCH] fix(iam-dynamodb): Handle errors (#2680)
---
 .../aws/services/dynamodb/dynamodb_service.py | 35 ++++++++++++-------
 .../providers/aws/services/iam/iam_service.py | 19 +++++++---
 2 files changed, 38 insertions(+), 16 deletions(-)
diff --git a/prowler/providers/aws/services/dynamodb/dynamodb_service.py b/prowler/providers/aws/services/dynamodb/dynamodb_service.py
index 8f54064a..ef2349a4 100644
--- a/prowler/providers/aws/services/dynamodb/dynamodb_service.py
+++ b/prowler/providers/aws/services/dynamodb/dynamodb_service.py
@@ -65,18 +65,29 @@ class DynamoDB(AWSService):
 logger.info("DynamoDB - Describing Continuous Backups...")
 try:
 for table in self.tables:
- regional_client = self.regional_clients[table.region]
- properties = regional_client.describe_continuous_backups(
- TableName=table.name
- )["ContinuousBackupsDescription"]
- if "PointInTimeRecoveryDescription" in properties:
- if (
- properties["PointInTimeRecoveryDescription"][
- "PointInTimeRecoveryStatus"
- ]
- == "ENABLED"
- ):
- table.pitr = True
+ try:
+ regional_client = self.regional_clients[table.region]
+ properties = regional_client.describe_continuous_backups(
+ TableName=table.name
+ )["ContinuousBackupsDescription"]
+ if "PointInTimeRecoveryDescription" in properties:
+ if (
+ properties["PointInTimeRecoveryDescription"][
+ "PointInTimeRecoveryStatus"
+ ]
+ == "ENABLED"
+ ):
+ table.pitr = True
+ except ClientError as error:
+ if error.response["Error"]["Code"] == "TableNotFoundException":
+ logger.warning(
+ f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
+ )
+ else:
+ logger.error(
+ f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
+ )
+ continue
 except Exception as error:
 logger.error(
 f"{error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"
diff --git a/prowler/providers/aws/services/iam/iam_service.py b/prowler/providers/aws/services/iam/iam_service.py
index d625d0a8..e821c8ff 100644
--- a/prowler/providers/aws/services/iam/iam_service.py
+++ b/prowler/providers/aws/services/iam/iam_service.py
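Review bot: The new `except ClientError as error:` clauses in `dynamodb_service.py` and in the `iam_service.py` hunk rely on `ClientError` being in scope, but the diffstat's 38 insertions are fully accounted for by the two hunk bodies, so this commit adds no import in either file. If the name is not already imported, evaluating the except clause raises NameError on the first failed call, which falls through to the outer `except Exception` and ends the loop for every remaining table or policy, which is the behaviour the patch is trying to remove. Confirm both files carry `from botocore.exceptions import ClientError` at the top. The method's `def` line and the end of the outer handler lie outside the hunk.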
@@ -442,10 +442,21 @@ class IAM(AWSService):
 logger.info("IAM - List Policies Version...")
 try:
 for policy in policies:
- policy_version = self.client.get_policy_version(
- PolicyArn=policy.arn, VersionId=policy.version_id
- )
- policy.document = policy_version["PolicyVersion"]["Document"]
+ try:
+ policy_version = self.client.get_policy_version(
+ PolicyArn=policy.arn, VersionId=policy.version_id
+ )
+ policy.document = policy_version["PolicyVersion"]["Document"]
+ except ClientError as error:
+ if error.response["Error"]["Code"] == "NoSuchEntity":
+ logger.warning(
+ f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
+ )
+ else:
+ logger.error(
+ f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
+ )
+ continue
 except Exception as error:
 logger.error(
 f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
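Review bot: In the `else` branch of the new handler, any `ClientError` other than `NoSuchEntity` (an access-denied or throttling response, for instance) is only logged before the loop moves on, so `policy.document` is never assigned for that policy. In an audit tool that is a coverage gap: checks reading the document later presumably cannot tell "could not fetch" from "nothing to flag", so an uninspected policy can silently drop out of the findings. Consider recording the failure in the handler, e.g. `policy.document = None  # fetch failed; report as not evaluated` (assuming the model accepts None), and having the checks surface it. The same applies to `table.pitr` in the DynamoDB hunk, which keeps its default when `describe_continuous_backups` fails. The method's `def` line and the end of the outer `except Exception` handler are outside the hunk.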