Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

SSM Runbook Fails

0
  • Name of the Runbook: AWSConfigRemediation-RevokeUnusedIAMUserCredentials
  • error: line 74, in get_user_name resource_name = list_discovered_resources_response.get("resourceIdentifiers")[0].get("resourceName") IndexError: list index out of range IndexError - list index out of range. Please refer to Automation Service Troubleshooting Guide for more diagnosis details.

when I try to run this runbook, it fails with that error. I tried inputting different IAM resource identifiers (group, user, role...). Config is also enabled. What should I do?

Temas
Gestión y gobiernoSeguridad, identidad y cumplimiento
Etiquetas
AWS Systems ManagerPolíticas de IAM
Idioma
English
Aref
preguntada hace 2 meses166 visualizaciones
1 Respuesta
0

IAMResourceId is a IAM resource unique identifier. You need to obtain the UserId from a CLi/APi Call. https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html

The unique ID for an IAM resource is not available in the IAM console. To get the unique ID, you can use the following AWS CLI commands or IAM API calls.

aws iam get-user --user-name <username>

This will return the UserId. This is what needs to be passed to the Document as the IAMResourceID

EG:

{
    "User": {
        "Path": "/",
        "UserName": "myuser",
        "UserId": "DFG87DFG87DFGDFG6",
        "Arn": "arn:aws:iam::111111111111:user/myuser",
        "CreateDate": "2023-04-23T12:26:53+00:00"
    }
}
profile picture
EXPERTO
Gary Mclean
respondido hace 2 meses
profile picture
EXPERTO
Kallu
revisado hace 2 meses

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante