Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

phd mode errors for no event pattern #6962

Open
myoung34 opened this issue Oct 26, 2021 · 1 comment
Open

phd mode errors for no event pattern #6962

myoung34 opened this issue Oct 26, 2021 · 1 comment
Labels
kind/bug

Comments

@myoung34
Copy link
Contributor

myoung34 commented Oct 26, 2021
edited
Loading

Describe the bug

Im migrating our old rules to c7n-org with security hub actions

This policy has always worked:

policies:
  - name: phd-alerts
    resource: account
    comment: Olay PHD alerts
    mode:
      type: phd
      role: arn:aws:iam::111111111111:role/cloud_custodian_role
    description: Any PHD alert
    actions:
    - type: notify
      to:
        - [email protected]
      message: |
        A PHD Alert has been created. https://phd.aws.amazon.com/phd/home#/dashboard/open-issues
      transport:
        type: sns
        topic: arn:aws:sns:us-east-1:111111111111:feed-cloud-custodian

Migrating it to security hub fails:

policies:
  - name: phd-alerts
    resource: account
    comment: Olay PHD alerts
    mode:
      type: phd
      role: arn:aws:iam::{account_id}:role/cloud-custodian
    description: Any PHD alert
    actions:
      - type: post-finding
        severity_normalized: 40
        types:
          - "Software and Configuration Checks/AWS Security Best Practices"

What did you expect to happen?

No errors

Cloud Provider

Amazon Web Services (AWS)

Cloud Custodian version and dependency information

c7n-org==0.6.10

Relevant log/traceback output

2021-10-26 20:35:13,155: c7n_org:ERROR Exception running policy:phd-alerts account:monitoring-staging region:us-east-1 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
2021-10-26 20:35:22,198: c7n_org:ERROR Exception running policy:phd-alerts account:monitoring-staging region:us-west-2 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
2021-10-26 20:35:33,953: c7n_org:ERROR Exception running policy:phd-alerts account:monitoring-prod region:us-east-1 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
2021-10-26 20:35:43,188: c7n_org:ERROR Exception running policy:phd-alerts account:monitoring-prod region:us-west-2 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
2021-10-26 20:35:54,044: c7n_org:ERROR Exception running policy:phd-alerts account:events-development region:us-east-1 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
2021-10-26 20:36:06,117: c7n_org:ERROR Exception running policy:phd-alerts account:events-development region:us-west-2 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
2021-10-26 20:36:23,779: c7n_org:ERROR Exception running policy:phd-alerts account:events-beta region:us-east-1 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
2021-10-26 20:36:35,936: c7n_org:ERROR Exception running policy:phd-alerts account:events-beta region:us-west-2 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
2021-10-26 20:36:52,840: c7n_org:ERROR Exception running policy:phd-alerts account:prod-eng-development region:us-east-1 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
2021-10-26 20:37:08,798: c7n_org:ERROR Exception running policy:phd-alerts account:prod-eng-development region:us-west-2 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
2021-10-26 20:37:24,995: c7n_org:ERROR Exception running policy:phd-alerts account:appplatform-beta region:us-east-1 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
2021-10-26 20:37:34,700: c7n_org:ERROR Exception running policy:phd-alerts account:appplatform-beta region:us-west-2 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
2021-10-26 20:37:46,078: c7n_org:ERROR Exception running policy:phd-alerts account:appplatform-development region:us-east-1 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
2021-10-26 20:37:56,792: c7n_org:ERROR Exception running policy:phd-alerts account:appplatform-development region:us-west-2 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
2021-10-26 20:38:08,985: c7n_org:ERROR Exception running policy:phd-alerts account:engine-gamma region:us-east-1 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
2021-10-26 20:38:20,115: c7n_org:ERROR Exception running policy:phd-alerts account:engine-gamma region:us-west-2 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
2021-10-26 20:38:35,716: c7n_org:ERROR Exception running policy:phd-alerts account:identity-staging region:us-east-1 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
2021-10-26 20:38:45,070: c7n_org:ERROR Exception running policy:phd-alerts account:identity-staging region:us-west-2 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
2021-10-26 20:38:56,691: c7n_org:ERROR Exception running policy:phd-alerts account:appplatform-staging region:us-east-1 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
2021-10-26 20:39:05,959: c7n_org:ERROR Exception running policy:phd-alerts account:appplatform-staging region:us-west-2 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
2021-10-26 20:39:16,848: c7n_org:ERROR Exception running policy:phd-alerts account:events-staging region:us-east-1 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
2021-10-26 20:39:29,030: c7n_org:ERROR Exception running policy:phd-alerts account:events-staging region:us-west-2 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
2021-10-26 20:39:45,823: c7n_org:ERROR Exception running policy:phd-alerts account:devplatform-staging region:us-east-1 error:An error occurred (InvalidEventPatternException) when calling the PutRule operation: Event pattern is not valid. Reason: Empty objects are not allowed
@myoung34 myoung34 changed the title phd mode with security hub errors phd mode errors for no rule pattern Oct 27, 2021
@myoung34 myoung34 changed the title phd mode errors for no rule pattern phd mode errors for no event pattern Oct 27, 2021
@myoung34
Copy link
Contributor Author

@kapilt this seems to be a regression possibly for #6507

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@myoung34