lateralblast/lunar

misidentification of name tags

Seegras opened this issue · 3 comments

On line 63 of audit_aws_rec_ec2.sh you're reading the security group names, and then you try to look up the name tag for each of them on line 66. This fails:

aws ec2 describe-security-groups --region eu-west-1 --group-names my_sec_group --query 'SecurityGroups[].Tags[?Key==`Name`].Value' --output text

An error occurred (InvalidParameterValue) when calling the DescribeSecurityGroups operation: Invalid value 'my_sec_group' for groupName. You may not reference Amazon VPC security groups by name. Please use the corresponding id for this operation.

You need to change the query on line 63 to ask for SecurityGroups[].GroupId.

(maybe I should fork this and send you the pull requests?)

Might be an issue with newer VPC ones; older ones work. I'll try to find out more. It is.

OK, looks like going to need to work out how to tell the difference between older and newer.

Thanks again. Have merged the patch. Will try to find some time next week to do some more testing. I must admit it's been a while since I've checked it all.

With the latest pull-request, all obvious bugs should have been fixed.
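
The lookup discussed in this issue, as an added example (not code from lunar or from the merged patch): it enumerates security groups by GroupId and resolves each Name tag with `--group-ids`, which the API accepts where it rejects VPC group names. The function name `sg_name_tags` and the `-` placeholder for untagged groups are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example; sg_name_tags is a hypothetical helper, not part of lunar.

# Print "group-id<TAB>name-tag" for every security group in a region.
# Groups are enumerated and looked up by ID, never by name, so the
# InvalidParameterValue error quoted in the issue cannot occur.
sg_name_tags() {
  local region="$1" ids id name
  # Step 1 (line 63 in the issue): ask for IDs instead of names.
  ids=$(aws ec2 describe-security-groups --region "$region" \
          --query 'SecurityGroups[].GroupId' --output text) || return 1
  # Step 2 (line 66 in the issue): per-group Name tag lookup by ID.
  for id in $ids; do
    # Single quotes keep the shell from treating `Name` as a command.
    name=$(aws ec2 describe-security-groups --region "$region" \
             --group-ids "$id" \
             --query 'SecurityGroups[].Tags[?Key==`Name`].Value' \
             --output text) || return 1
    # A group without a Name tag yields empty text (or "None").
    case "$name" in
      ""|None) name="-" ;;
    esac
    printf '%s\t%s\n' "$id" "$name"
  done
}

# Run directly with a region argument, e.g.: ./sg_name_tags.sh eu-west-1
if [ "$#" -gt 0 ]; then
  sg_name_tags "$1"
fi
```
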