Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AWSConfig - macie2.amazonaws.com AccessDenied when macie not enabled. #8546

Closed
mikereiddigital opened this issue Nov 20, 2024 · 2 comments
Closed

AWSConfig - macie2.amazonaws.com AccessDenied when macie not enabled. #8546

mikereiddigital opened this issue Nov 20, 2024 · 2 comments
Labels
bug Something isn't working

Comments

@mikereiddigital
Copy link
Contributor

Expected Behavior

The nightly AWSConfig job should run without error. This is defined here - https://github.com/ministryofjustice/modernisation-platform-terraform-baselines/tree/1f1fc92e9702580a44a9f965f2cf77807f70db36/modules/config

Actual Behavior

The nightly run throws an AccessDenied error in those accounts where macie is not configured. See the following cloudtrail events as examples:

23ddb7cd-9694-47fa-b5e0-47f9e0cf78d2

and

77754602-5752-48ca-90ed-6aedcb56c5bf

This is a known issue re https://repost.aws/questions/QU8ZC1xd9BQV2vnGkod7gQww/macie-not-enabled-means-false-positive-accessdeniedexceptions-in-cloudtrail

The above link also offers some guidance as to how this can be resolved / mitigated.

Steps to Reproduce the Problem

AWSConfig runs nightly.

Version

No response

Modules

https://github.com/ministryofjustice/modernisation-platform-terraform-baselines/tree/1f1fc92e9702580a44a9f965f2cf77807f70db36/modules/config

Account

modernisation-platform
@mikereiddigital mikereiddigital added the bug Something isn't working label Nov 20, 2024
@mikereiddigital mikereiddigital mentioned this issue Nov 20, 2024
Closed
2 tasks
@SimonPPledger
Copy link
Contributor

we want to remove macie instead, so close this ticket and create a new one

@SimonPPledger SimonPPledger mentioned this issue Nov 21, 2024
Closed
3 tasks
@SimonPPledger
Copy link
Contributor

closing as not required

@SimonPPledger SimonPPledger closed this as not planned Won't fix, can't repro, duplicate, stale Nov 21, 2024
@github-project-automation github-project-automation bot moved this from To Do to Done in Modernisation Platform Nov 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
Modernisation Platform
Status: Done
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mikereiddigital @SimonPPledger