Merge pull request #20 from cloudgraphdev/fix/iam-user-exception

fix: Fixed error scanning iamUsers without enough permissions

Author: tyler-dunkel

src/services/iamUser/data.ts

@@ -303,20 +303,22 @@ export const listVirtualMFADevices = async (
       try {
         iam.listVirtualMFADevices(
           args,
-          async (err: AWSError, data: ListVirtualMFADevicesResponse) => {
+          (err: AWSError, data: ListVirtualMFADevicesResponse) => {
             if (err) {
               errorLog.generateAwsErrorLog({
                 functionName: 'iam:listVirtualMFADevices',
                 err,
               })
             }
 
-            const { VirtualMFADevices = [], IsTruncated, Marker } = data
+            if (!isEmpty(data)) {
+              const { VirtualMFADevices = [], IsTruncated, Marker } = data
 
-            virtualMFADeviceList.push(...VirtualMFADevices)
+              virtualMFADeviceList.push(...VirtualMFADevices)
 
-            if (IsTruncated) {
-              listAllVirtualMFADevices(Marker)
+              if (IsTruncated) {
+                listAllVirtualMFADevices(Marker)
+              }
             }
 
             resolve(virtualMFADeviceList)
@@ -345,21 +347,18 @@ export const listIamUsers = async (
     iam.listUsers(
       { Marker: marker },
       async (err: AWSError, data: ListUsersResponse) => {
-        /**
-         * No data
-         */
-
-        if (isEmpty(data)) {
-          return resolve(result)
-        }
-
         if (err) {
           errorLog.generateAwsErrorLog({
             functionName: 'iam:listUsers',
             err,
           })
         }
 
+        // No data
+        if (isEmpty(data)) {
+          return resolve(result)
+        }
+
         const { Users: users = [], IsTruncated, Marker } = data
 
         users.map(user => {

src/services/index.ts

@@ -569,10 +569,10 @@ export default class Provider extends CloudGraph.Client {
 
     const config = await this.getAwsConfig(account)
     const { accountId } = await this.getIdentity(account)
-    try {
-      for (const resource of resourceNames) {
-        const serviceClass = this.getService(resource)
-        if (serviceClass && serviceClass.getData) {
+    for (const resource of resourceNames) {
+      const serviceClass = this.getService(resource)
+      if (serviceClass && serviceClass.getData) {
+        try {
           const data = await serviceClass.getData({
             regions: configuredRegions,
             config,
@@ -587,17 +587,19 @@ export default class Provider extends CloudGraph.Client {
             data,
           })
           this.logger.success(`${resource} scan completed`)
-        } else {
-          this.logger.warn(
-            `Skipping service ${resource} as there was an issue getting data for it. Is it currently supported?`
+        } catch (error: any) {
+          this.logger.error(
+            `There was an error scanning AWS sdk data for ${resource} resource`
           )
+          this.logger.debug(error)
         }
+      } else {
+        this.logger.warn(
+          `Skipping service ${resource} as there was an issue getting data for it. Is it currently supported?`
+        )
       }
-      this.logger.success(`Account: ${accountId} scan completed`)
-    } catch (error: any) {
-      this.logger.error('There was an error scanning AWS sdk data')
-      this.logger.debug(error)
     }
+    this.logger.success(`Account: ${accountId} scan completed`)
     return result
   }