This repository was archived by the owner on Sep 17, 2021. It is now read-only.

KeyError: 'DisplayName' during GCP service account import #696

@shrikant-builds


I see the following errors in /var/log/securitymonkey.log for GCP iamserviceaccounts:

2017-04-25 20:43:38,813 INFO: Started thread pool with 25 core threads and 30 maximum threads [in build/bdist.linux-x86_64/egg/apscheduler/threadpool.py:52]
Traceback (most recent call last):
  File "/usr/local/src/security_monkey/venv/bin/monkey", line 11, in <module>
    load_entry_point('security-monkey', 'console_scripts', 'monkey')()
  File "/usr/local/src/security_monkey/security_monkey/manage.py", line 625, in main
    manager.run()
  File "/usr/local/src/security_monkey/venv/lib/python2.7/site-packages/Flask_Script-0.6.3-py2.7.egg/flask_script/init.py", line 397, in run
    result = self.handle(sys.argv[0], sys.argv[1:])
  File "/usr/local/src/security_monkey/venv/lib/python2.7/site-packages/Flask_Script-0.6.3-py2.7.egg/flask_script/init.py", line 376, in handle
    return handle(app, positional_args, **kwargs)
  File "/usr/local/src/security_monkey/venv/lib/python2.7/site-packages/Flask_Script-0.6.3-py2.7.egg/flask_script/commands.py", line 145, in handle
    return self.run(args, kwargs)
  File "/usr/local/src/security_monkey/security_monkey/manage.py", line 77, in find_changes
    sm_find_changes(account_names, monitor_names)
  File "/usr/local/src/security_monkey/security_monkey/scheduler.py", line 52, in find_changes
    (items, exception_map) = cw.slurp()
  File "/usr/local/src/security_monkey/security_monkey/watchers/gcp/iam/serviceaccount.py", line 84, in slurp
    return slurp_items()
  File "/usr/local/src/security_monkey/venv/lib/python2.7/site-packages/cloudaux-1.1.8-py2.7.egg/cloudaux/gcp/decorators.py", line 132, in decorated_function
    itm, exc = func(*args, kwargs)
  File "/usr/local/src/security_monkey/security_monkey/watchers/gcp/iam/serviceaccount.py", line 75, in slurp_items
    name=sa['DisplayName'],
KeyError: 'DisplayName'

For serviceaccounts, the 'displayName' field is optional; we need to use either 'email' or name (parse and extract).
https://cloud.google.com/iam/reference/rest/v1/projects.serviceAccounts#ServiceAccount
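
The fallback suggested in the issue above, as an added example that is not Security Monkey or cloudaux code: the helper names (`item_name`, `name_all`) are hypothetical, and it assumes each record is a dict keyed by the REST field names or by the capitalised spelling seen in the traceback. A record with no usable identifier is reported per item, so one incomplete account does not abort the whole inventory run.

```python
import re

# Resource name layout per the linked IAM REST reference:
# projects/{project}/serviceAccounts/{account}
_SA_NAME = re.compile(r"^projects/[^/]+/serviceAccounts/([^/]+)$")


def _field(sa, key):
    """Read a field under its REST spelling or the capitalised one seen in the traceback."""
    for k in (key, key[:1].upper() + key[1:]):
        value = sa.get(k)
        if isinstance(value, str) and value.strip():
            return value.strip()
    return None


def item_name(sa):
    """Pick an item name without relying on the optional displayName.

    Order follows the issue's suggestion: email, then the account part of name.
    """
    email = _field(sa, "email")
    if email:
        return email
    match = _SA_NAME.match(_field(sa, "name") or "")
    if match:
        return match.group(1)
    raise ValueError("service account record has neither email nor a parsable name")


def name_all(records):
    """Name every record; one bad record is reported, not fatal to the whole run."""
    named, errors = [], []
    for index, sa in enumerate(records):
        try:
            named.append({"name": item_name(sa), "label": _field(sa, "displayName")})
        except ValueError as exc:
            errors.append((index, str(exc)))
    return named, errors


# Constructed sample records (not real accounts).
SAMPLE = [
    {"email": "app@example-project.iam.gserviceaccount.com", "displayName": "App"},
    {"Email": "ci@example-project.iam.gserviceaccount.com"},
    {"name": "projects/example-project/serviceAccounts/batch@example-project.iam.gserviceaccount.com"},
    {"DisplayName": "orphan label only"},
]

if __name__ == "__main__":
    print(name_all(SAMPLE))
```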
