Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[CIS AWS] fail to parse root account password last used, error: parsing time "no_information" #1754

Closed
1 task done
romulets opened this issue Dec 28, 2023 · 1 comment
Closed
1 task done

[CIS AWS] fail to parse root account password last used, error: parsing time "no_information" #1754

romulets opened this issue Dec 28, 2023 · 1 comment
Assignees
@kubasobon
Labels
aws bug Something isn't working Team:Cloud Security Cloud Security team related

Comments

@romulets
Copy link
Member

romulets commented Dec 28, 2023
edited by kubasobon
Loading

Motivation
About

example

fail to parse root account password last used, error: parsing time "no_information" as "2006-01-02T15:04:05Z07:00": cannot parse "no_information" as "2006"

Validated by

aws iam get-credential-report --no-cli-pager | jq .Content -r | base64 --decode | csvcut -c user,password_last_used

I can see multiple no_informations, and the docs also states the no_information as a valid value.

We need to validate the value before trying to convert and allowing lastUsed to be nil

Definition of done

  • validate if the PasswordLastUsed has value no_information. If it has, don't convert and keep pwdLastUsed nil.

Out of scope
What should not be included in this task

Related tasks/epics
@romulets romulets added bug Something isn't working Team:Cloud Security Cloud Security team related 8.13 candidate aws labels Dec 28, 2023
@kubasobon
Copy link
Member

Fixed (code) as part of #2050

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kubasobon kubasobon

Labels
aws bug Something isn't working Team:Cloud Security Cloud Security team related
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@kubasobon @romulets @oren-zohar