[resotocore][fix] Fix datetime parsing in credentials report (#1455)

someengineering · Feb 17, 2023 · 7d0c15d · 7d0c15d
1 parent 8471424
commit 7d0c15d
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 3 deletions.
diff --git a/plugins/aws/resoto_plugin_aws/resource/iam.py b/plugins/aws/resoto_plugin_aws/resource/iam.py
@@ -472,13 +472,17 @@ def by_index(i: int) -> AwsIamAccessKey:
         return [by_index(idx) for idx in range(1, 3)]
 
     def value_of(self, k: str, fn: Optional[Callable[[str], Any]] = None) -> Any:
-        v = self.line.get(k)
-        return None if v is None or v in self.undefined else (fn(v) if fn else v)
+        try:
+            v = self.line.get(k)
+            return None if v is None or v in self.undefined else (fn(v) if fn else v)
+        except Exception:
+            return None
 
     def password_enabled(self) -> bool:
         return self.value_of("password_enabled") == "true"  # type: ignore
 
     def password_last_used(self) -> Optional[datetime]:
+        # can also have a value of "no_information" or "N/A" or similar
         return self.value_of("password_last_used", parse_utc)  # type: ignore
 
     def password_last_changed(self) -> Optional[datetime]:

diff --git a/plugins/aws/test/resources/iam_test.py b/plugins/aws/test/resources/iam_test.py
@@ -23,10 +23,11 @@ def test_credentials_report() -> None:
         user,arn,user_creation_time,password_enabled,password_last_used,password_last_changed,password_next_rotation,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_1_last_used_region,access_key_1_last_used_service,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date,access_key_2_last_used_region,access_key_2_last_used_service,cert_1_active,cert_1_last_rotated,cert_2_active,cert_2_last_rotated
         a,arn:aws:iam::test:user/a,2021-05-06T08:23:17+00:00,true,2021-12-08T09:34:46+00:00,2021-05-06T08:30:03+00:00,N/A,true,true,2021-05-06T08:23:18+00:00,2023-01-25T10:11:00+00:00,us-east-1,iam,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A
         b,arn:aws:iam::test:user/b,2022-05-06T08:23:17+00:00,false,2022-12-08T09:34:46+00:00,2022-05-06T08:30:03+00:00,N/A,false,false,2022-05-06T08:23:18+00:00,2023-01-25T10:11:00+00:00,eu-central-1,s3,true,2023-01-25T10:11:00+00:00,2023-01-25T10:11:00+00:00,eu-central-3,iam,false,N/A,false,N/A
+        c,arn:aws:iam::test:user/c,2022-05-06T08:23:17+00:00,false,no_information,2022-05-06T08:30:03+00:00,N/A,false,false,2022-05-06T08:23:18+00:00,2023-01-25T10:11:00+00:00,eu-central-1,s3,true,2023-01-25T10:11:00+00:00,2023-01-25T10:11:00+00:00,eu-central-3,iam,false,N/A,false,N/A
         """
     ).strip()
     lines = CredentialReportLine.from_str(csv)
-    assert len(lines) == 2
+    assert len(lines) == 3
     assert lines["a"].password_enabled() is True
     assert lines["a"].password_last_used() == datetime(2021, 12, 8, 9, 34, 46, tzinfo=timezone.utc)
     assert [a.access_key_last_used.service_name for a in lines["a"].access_keys() if a.access_key_last_used] == ["iam"]