From ac7d51b6f3c10300f01376840342c069ae394e88 Mon Sep 17 00:00:00 2001
From: Ben Hecht
Date: Tue, 29 May 2018 17:19:23 -0400
Subject: [PATCH] Support graceful failing of buckets with corrupt/unintended permissions
---
 checks/check_extra73 | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/checks/check_extra73 b/checks/check_extra73
index 7838f570..4e2c5142 100644
--- a/checks/check_extra73
+++ b/checks/check_extra73
@@ -22,7 +22,12 @@ extra73(){
 textInfo "Looking for open S3 Buckets (ACLs and Policies) in all regions... "
 ALL_BUCKETS_LIST=$($AWSCLI s3api list-buckets --query 'Buckets[*].{Name:Name}' --profile $PROFILE --region $REGION --output text)
 for bucket in $ALL_BUCKETS_LIST; do
- BUCKET_LOCATION=$($AWSCLI s3api get-bucket-location --bucket $bucket --profile $PROFILE --region $REGION --output text)
+ BUCKET_LOCATION=$($AWSCLI s3api get-bucket-location --bucket $bucket --profile $PROFILE --region $REGION --output text 2>/dev/null)
+ exit_status=$?
+ if [[ $exit_status != 0 ]]; then
+ textFail "$bucket bucket is unreadable due to permissions" "$regx"
+ continue $exit_status;
+ fi
 if [[ "None" == $BUCKET_LOCATION ]]; then
 BUCKET_LOCATION="us-east-1"
 fi
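Review bot: `continue $exit_status;` hands the AWS CLI exit code to `continue` as a loop-nesting count, which only behaves here because bash resumes the outermost loop when the count exceeds the nesting depth; if this `for` were ever wrapped in another loop it would skip the outer iteration instead. A bare `continue` is what the added branch needs. The `2>/dev/null` on the `get-bucket-location` call also throws away the CLI's error text, so any non-zero exit (the hunk does not distinguish causes) is reported as "unreadable due to permissions"; keeping the failing result but capturing stderr into a variable and appending it to the `textFail` message would let an auditor tell an access denial from a transient or credential error. `$regx` is not assigned anywhere in the visible lines, which use `$REGION` for every call, so confirm it is set at this point or pass `"$REGION"`. The body of extra73 starts before and continues after this hunk.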