You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When running in log-level INFO mode, this is the output
Executing 1 check, please wait...
2024-06-07 13:52:53,152 [File: service.py:85] [Module: service] INFO: LAMBDA - Starting threads for 'List Functions' function across 17 regions...
2024-06-07 13:52:53,152 [File: awslambda_service.py:29] [Module: awslambda_service] INFO: Lambda - Listing Functions...
2024-06-07 13:52:53,152 [File: awslambda_service.py:29] [Module: awslambda_service] INFO: Lambda - Listing Functions...
2024-06-07 13:52:53,152 [File: awslambda_service.py:29] [Module: awslambda_service] INFO: Lambda - Listing Functions...
2024-06-07 13:52:53,153 [File: awslambda_service.py:29] [Module: awslambda_service] INFO: Lambda - Listing Functions...
2024-06-07 13:52:53,153 [File: awslambda_service.py:29] [Module: awslambda_service] INFO: Lambda - Listing Functions...
2024-06-07 13:52:53,153 [File: awslambda_service.py:29] [Module: awslambda_service] INFO: Lambda - Listing Functions...
2024-06-07 13:52:53,153 [File: awslambda_service.py:29] [Module: awslambda_service] INFO: Lambda - Listing Functions...
2024-06-07 13:52:53,153 [File: awslambda_service.py:29] [Module: awslambda_service] INFO: Lambda - Listing Functions...
2024-06-07 13:52:53,154 [File: awslambda_service.py:29] [Module: awslambda_service] INFO: Lambda - Listing Functions...
2024-06-07 13:52:53,154 [File: awslambda_service.py:29] [Module: awslambda_service] INFO: Lambda - Listing Functions...
2024-06-07 13:52:53,667 [File: awslambda_service.py:59] [Module: awslambda_service] ERROR: ca-central-1 -- ClientError[32]: An error occurred (AccessDeniedException) when calling the ListFunctions operation: User: <ARN> is not authorized to perform: lambda:ListFunctions on resource: * with an explicit deny in a service control policy
2024-06-07 13:52:53,667 [File: awslambda_service.py:29] [Module: awslambda_service] INFO: Lambda - Listing Functions...
2024-06-07 13:52:53,837 [File: awslambda_service.py:29] [Module: awslambda_service] INFO: Lambda - Listing Functions...
2024-06-07 13:52:53,906 [File: awslambda_service.py:59] [Module: awslambda_service] ERROR: eu-west-3 -- ClientError[32]: An error occurred (AccessDeniedException) when calling the ListFunctions operation: User: <ARN> is not authorized to perform: lambda:ListFunctions on resource: * with an explicit deny in a service control policy
2024-06-07 13:52:53,906 [File: awslambda_service.py:29] [Module: awslambda_service] INFO: Lambda - Listing Functions...
2024-06-07 13:52:53,908 [File: awslambda_service.py:59] [Module: awslambda_service] ERROR: eu-west-1 -- ClientError[32]: An error occurred (AccessDeniedException) when calling the ListFunctions operation: User: <ARN> is not authorized to perform: lambda:ListFunctions on resource: * with an explicit deny in a service control policy
2024-06-07 13:52:53,913 [File: awslambda_service.py:59] [Module: awslambda_service] ERROR: ap-southeast-2 -- ClientError[32]: An error occurred (AccessDeniedException) when calling the ListFunctions operation: User: <ARN> is not authorized to perform: lambda:ListFunctions on resource: * with an explicit deny in a service control policy
2024-06-07 13:52:53,913 [File: awslambda_service.py:29] [Module: awslambda_service] INFO: Lambda - Listing Functions...
2024-06-07 13:52:53,914 [File: awslambda_service.py:29] [Module: awslambda_service] INFO: Lambda - Listing Functions...
2024-06-07 13:52:53,919 [File: awslambda_service.py:59] [Module: awslambda_service] ERROR: eu-central-1 -- ClientError[32]: An error occurred (AccessDeniedException) when calling the ListFunctions operation: User: <ARN> is not authorized to perform: lambda:ListFunctions on resource: * with an explicit deny in a service control policy
2024-06-07 13:52:53,919 [File: awslambda_service.py:29] [Module: awslambda_service] INFO: Lambda - Listing Functions...
2024-06-07 13:52:53,936 [File: awslambda_service.py:59] [Module: awslambda_service] ERROR: ap-northeast-1 -- ClientError[32]: An error occurred (AccessDeniedException) when calling the ListFunctions operation: User: <ARN> is not authorized to perform: lambda:ListFunctions on resource: * with an explicit deny in a service control policy
2024-06-07 13:52:53,936 [File: awslambda_service.py:29] [Module: awslambda_service] INFO: Lambda - Listing Functions...
2024-06-07 13:52:53,979 [File: awslambda_service.py:59] [Module: awslambda_service] ERROR: sa-east-1 -- ClientError[32]: An error occurred (AccessDeniedException) when calling the ListFunctions operation: User: <ARN> is not authorized to perform: lambda:ListFunctions on resource: * with an explicit deny in a service control policy
2024-06-07 13:52:53,991 [File: awslambda_service.py:59] [Module: awslambda_service] ERROR: eu-north-1 -- ClientError[32]: An error occurred (AccessDeniedException) when calling the ListFunctions operation: User: <ARN> is not authorized to perform: lambda:ListFunctions on resource: * with an explicit deny in a service control policy
2024-06-07 13:52:54,034 [File: awslambda_service.py:59] [Module: awslambda_service] ERROR: us-west-1 -- ClientError[32]: An error occurred (AccessDeniedException) when calling the ListFunctions operation: User: <ARN> is not authorized to perform: lambda:ListFunctions on resource: * with an explicit deny in a service control policy
2024-06-07 13:52:54,175 [File: awslambda_service.py:59] [Module: awslambda_service] ERROR: eu-west-2 -- ClientError[32]: An error occurred (AccessDeniedException) when calling the ListFunctions operation: User: <ARN> is not authorized to perform: lambda:ListFunctions on resource: * with an explicit deny in a service control policy
2024-06-07 13:52:54,221 [File: awslambda_service.py:59] [Module: awslambda_service] ERROR: ap-south-1 -- ClientError[32]: An error occurred (AccessDeniedException) when calling the ListFunctions operation: User: <ARN> is not authorized to perform: lambda:ListFunctions on resource: * with an explicit deny in a service control policy
2024-06-07 13:52:54,427 [File: awslambda_service.py:59] [Module: awslambda_service] ERROR: ap-southeast-1 -- ClientError[32]: An error occurred (AccessDeniedException) when calling the ListFunctions operation: User: <ARN> is not authorized to perform: lambda:ListFunctions on resource: * with an explicit deny in a service control policy
2024-06-07 13:52:54,488 [File: awslambda_service.py:59] [Module: awslambda_service] ERROR: ap-northeast-3 -- ClientError[32]: An error occurred (AccessDeniedException) when calling the ListFunctions operation: User: <ARN> is not authorized to perform: lambda:ListFunctions on resource: * with an explicit deny in a service control policy
2024-06-07 13:52:54,630 [File: awslambda_service.py:59] [Module: awslambda_service] ERROR: ap-northeast-2 -- ClientError[32]: An error occurred (AccessDeniedException) when calling the ListFunctions operation: User: <ARN> is not authorized to perform: lambda:ListFunctions on resource: * with an explicit deny in a service control policy
2024-06-07 13:52:54,630 [File: awslambda_service.py:158] [Module: awslambda_service] INFO: Lambda - List Tags...
2024-06-07 13:52:59,531 [File: service.py:85] [Module: service] INFO: LAMBDA - Starting threads for 'Get Policy' function across 17 regions...
2024-06-07 13:52:59,535 [File: awslambda_service.py:106] [Module: awslambda_service] INFO: Lambda - Getting Policy...
2024-06-07 13:52:59,536 [File: awslambda_service.py:106] [Module: awslambda_service] INFO: Lambda - Getting Policy...
2024-06-07 13:52:59,535 [File: awslambda_service.py:106] [Module: awslambda_service] INFO: Lambda - Getting Policy...
2024-06-07 13:52:59,537 [File: awslambda_service.py:106] [Module: awslambda_service] INFO: Lambda - Getting Policy...
2024-06-07 13:52:59,535 [File: awslambda_service.py:106] [Module: awslambda_service] INFO: Lambda - Getting Policy...
2024-06-07 13:52:59,535 [File: awslambda_service.py:106] [Module: awslambda_service] INFO: Lambda - Getting Policy...
2024-06-07 13:52:59,539 [File: awslambda_service.py:106] [Module: awslambda_service] INFO: Lambda - Getting Policy...
2024-06-07 13:52:59,539 [File: awslambda_service.py:106] [Module: awslambda_service] INFO: Lambda - Getting Policy...
2024-06-07 13:52:59,540 [File: awslambda_service.py:106] [Module: awslambda_service] INFO: Lambda - Getting Policy...
2024-06-07 13:52:59,535 [File: awslambda_service.py:106] [Module: awslambda_service] INFO: Lambda - Getting Policy...
2024-06-07 13:52:59,536 [File: awslambda_service.py:106] [Module: awslambda_service] INFO: Lambda - Getting Policy...
2024-06-07 13:52:59,537 [File: awslambda_service.py:106] [Module: awslambda_service] INFO: Lambda - Getting Policy...
2024-06-07 13:52:59,537 [File: awslambda_service.py:106] [Module: awslambda_service] INFO: Lambda - Getting Policy...
2024-06-07 13:52:59,537 [File: awslambda_service.py:106] [Module: awslambda_service] INFO: Lambda - Getting Policy...
2024-06-07 13:52:59,535 [File: awslambda_service.py:106] [Module: awslambda_service] INFO: Lambda - Getting Policy...
2024-06-07 13:52:59,537 [File: awslambda_service.py:106] [Module: awslambda_service] INFO: Lambda - Getting Policy...
2024-06-07 13:52:59,536 [File: awslambda_service.py:106] [Module: awslambda_service] INFO: Lambda - Getting Policy...
2024-06-07 13:53:01,307 [File: service.py:85] [Module: service] INFO: LAMBDA - Starting threads for 'Get Function Url Config' function across 17 regions...
2024-06-07 13:53:01,307 [File: awslambda_service.py:129] [Module: awslambda_service] INFO: Lambda - Getting Function URL Config...
2024-06-07 13:53:01,307 [File: awslambda_service.py:129] [Module: awslambda_service] INFO: Lambda - Getting Function URL Config...
2024-06-07 13:53:01,308 [File: awslambda_service.py:129] [Module: awslambda_service] INFO: Lambda - Getting Function URL Config...
2024-06-07 13:53:01,308 [File: awslambda_service.py:129] [Module: awslambda_service] INFO: Lambda - Getting Function URL Config...
2024-06-07 13:53:01,309 [File: awslambda_service.py:129] [Module: awslambda_service] INFO: Lambda - Getting Function URL Config...
2024-06-07 13:53:01,308 [File: awslambda_service.py:129] [Module: awslambda_service] INFO: Lambda - Getting Function URL Config...
2024-06-07 13:53:01,308 [File: awslambda_service.py:129] [Module: awslambda_service] INFO: Lambda - Getting Function URL Config...
2024-06-07 13:53:01,308 [File: awslambda_service.py:129] [Module: awslambda_service] INFO: Lambda - Getting Function URL Config...
2024-06-07 13:53:01,308 [File: awslambda_service.py:129] [Module: awslambda_service] INFO: Lambda - Getting Function URL Config...
2024-06-07 13:53:01,308 [File: awslambda_service.py:129] [Module: awslambda_service] INFO: Lambda - Getting Function URL Config...
2024-06-07 13:53:01,308 [File: awslambda_service.py:129] [Module: awslambda_service] INFO: Lambda - Getting Function URL Config...
2024-06-07 13:53:01,308 [File: awslambda_service.py:129] [Module: awslambda_service] INFO: Lambda - Getting Function URL Config...
2024-06-07 13:53:01,309 [File: awslambda_service.py:129] [Module: awslambda_service] INFO: Lambda - Getting Function URL Config...
2024-06-07 13:53:01,308 [File: awslambda_service.py:129] [Module: awslambda_service] INFO: Lambda - Getting Function URL Config...
2024-06-07 13:53:01,313 [File: awslambda_service.py:129] [Module: awslambda_service] INFO: Lambda - Getting Function URL Config...
2024-06-07 13:53:01,314 [File: awslambda_service.py:129] [Module: awslambda_service] INFO: Lambda - Getting Function URL Config...
2024-06-07 13:53:01,314 [File: awslambda_service.py:129] [Module: awslambda_service] INFO: Lambda - Getting Function URL Config...
2024-06-07 13:53:05,012 [File: awslambda_service.py:66] [Module: awslambda_service] INFO: Lambda - Getting Function Code...
When running in log-level debug, the last thing that would print out is DEBUG: https://awslambda-us-west-2-tasks.s3.us-west-2.amazonaws.com:443 "GET /snapshots/<account ID>/<function name>
I have tested this check, and it works on other accounts.
Expected behavior
I expect the scan to complete. The ClientErrors due to have service control polices is fine. I expect the scan to finish with no results if it is due to a permission problem.
Actual Result with Screenshots or Logs
In description above.
How did you install Prowler?
From pip package (pip install prowler)
Environment Resource
Prowler 4.2.4 (You are running the latest version, yay!)
OS used
MacOS
Prowler version
4.2.4
Pip version
24
Context
No response
The text was updated successfully, but these errors were encountered:
Hi @js37 it seems that Prowler is just executing that check. It can take a lot of time if you have a lot of lambdas with a great codebase since Prowler analyzes all the source code in memory while running the check.
How many AWS Lambda Functions do you have in that account?
Steps to Reproduce
When running this awslambda check on an account that has Landing Zone Accelerator deployed, Prowler gets stuck.
prowler aws -c awslambda_function_no_secrets_in_code
When running in log-level INFO mode, this is the output
When running in log-level debug, the last thing that would print out is
DEBUG: https://awslambda-us-west-2-tasks.s3.us-west-2.amazonaws.com:443 "GET /snapshots/<account ID>/<function name>
I have tested this check, and it works on other accounts.
Expected behavior
I expect the scan to complete. The ClientErrors due to have service control polices is fine. I expect the scan to finish with no results if it is due to a permission problem.
Actual Result with Screenshots or Logs
In description above.
How did you install Prowler?
From pip package (pip install prowler)
Environment Resource
Prowler 4.2.4 (You are running the latest version, yay!)
OS used
MacOS
Prowler version
4.2.4
Pip version
24
Context
No response
The text was updated successfully, but these errors were encountered: