aws-security-reference-architecture-examples

[BUG] SRA-GUARDDUTY An error occurred (BadRequestException) when calling the EnableOrganizationAdminAccount operation

Open gcasilva opened this issue 2 years ago • 3 comments

Describe the bug

When running SRA GuardDuty on a new AWS Account for the first time, the error below can be seen:

Traceback (most recent call last):
  File "/var/task/crhelper/resource_helper.py", line 204, in _wrap_function
    self.PhysicalResourceId = func(self._event, self._context) if func else ''
  File "/var/task/app.py", line 268, in process_cloudformation_event
    process_create_update_event(params, regions)
  File "/var/task/app.py", line 193, in process_create_update_event
    guardduty.process_organization_admin_account(params.get("DELEGATED_ADMIN_ACCOUNT_ID", ""), regions)
  File "/var/task/guardduty.py", line 86, in process_organization_admin_account
    guardduty_client.enable_organization_admin_account(AdminAccountId=admin_account_id)
  File "/opt/python/botocore/client.py", line 530, in _api_call
    return self._make_api_call(operation_name, kwargs)
  File "/opt/python/botocore/client.py", line 964, in _make_api_call
    raise error_class(parsed_response, operation_name)
botocore.errorfactory.BadRequestException: An error occurred (BadRequestException) when calling the EnableOrganizationAdminAccount operation: The request is rejected because an invalid or out-of-range value is specified as an input parameter.

If we re-run the CloudFormation template, then everything works correctly.

To Reproduce

Using SRA GuardDuty on a new AWS Account (Management Account with Control Tower enabled) for the first time. On the second execution everything works correctly and this error doesn't show up anymore.


gcasilva, Sep 29 '23 23:09

I'm getting the same bug. It looks like there is a param issue.

BlakePierantoni, Oct 12 '23 11:10

@BlakePierantoni I've tested this again with the last commit that was made and wasn't able to replicate the issue anymore, so I was going to close this one, but wanted to check if you're still having it in your scenario. Can you please test this again in the scenario where you were having the issue, to check if it's still happening to you? Thanks.

gcasilva, Nov 02 '23 15:11

@gcasilva, yeah I tested this again and the issue is resolved. I didn't change anything in terms of config/deployment.

BlakePierantoni, Nov 22 '23 15:11

Closing. Issue resolved. Please reach out if more assistance is needed.

cyphronix, Jul 22 '24 21:07