ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(s3 race condition): catch error if a bucket does not exist any longer (#3000)

Browse Source
This commit is contained in:
Kay Agahd
2023-11-06 08:24:51 +00:00
committed by GitHub
parent 1a5742d4f5
commit 6e83afb580
1 changed files with 36 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

68
prowler/providers/aws/services/s3/s3_service.py
View File

@@ -43,45 +43,49 @@ class S3(AWSService):
try:
list_buckets = self.client.list_buckets()
for bucket in list_buckets["Buckets"]:
bucket_region = self.client.get_bucket_location(Bucket=bucket["Name"])[
"LocationConstraint"
]
if bucket_region == "EU": # If EU, bucket_region is eu-west-1
bucket_region = "eu-west-1"
if not bucket_region: # If None, bucket_region is us-east-1
bucket_region = "us-east-1"
# Arn
arn = f"arn:{self.audited_partition}:s3:::{bucket['Name']}"
if not self.audit_resources or (
is_resource_filtered(arn, self.audit_resources)
):
self.regions_with_buckets.append(bucket_region)
# Check if there are filter regions
if audit_info.audited_regions:
if bucket_region in audit_info.audited_regions:
try:
bucket_region = self.client.get_bucket_location(
Bucket=bucket["Name"]
)["LocationConstraint"]
if bucket_region == "EU": # If EU, bucket_region is eu-west-1
bucket_region = "eu-west-1"
if not bucket_region: # If None, bucket_region is us-east-1
bucket_region = "us-east-1"
# Arn
arn = f"arn:{self.audited_partition}:s3:::{bucket['Name']}"
if not self.audit_resources or (
is_resource_filtered(arn, self.audit_resources)
):
self.regions_with_buckets.append(bucket_region)
# Check if there are filter regions
if audit_info.audited_regions:
if bucket_region in audit_info.audited_regions:
buckets.append(
Bucket(
name=bucket["Name"],
arn=arn,
region=bucket_region,
)
)
else:
buckets.append(
Bucket(
name=bucket["Name"], arn=arn, region=bucket_region
)
)
else:
buckets.append(
Bucket(name=bucket["Name"], arn=arn, region=bucket_region)
except ClientError as error:
if error.response["Error"]["Code"] == "NoSuchBucket":
logger.warning(
f"{bucket['Name']} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
except ClientError as error:
if error.response["Error"]["Code"] == "NoSuchBucket":
logger.warning(
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
except Exception as error:
logger.error(
f"{bucket['Name']} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
except Exception as error:
if bucket:
logger.error(
f"{bucket['Name']} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
else:
logger.error(
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
logger.error(
f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
)
return buckets
def __get_bucket_versioning__(self, bucket):