terraform-aws-control_tower_account_factory icon indicating copy to clipboard operation
terraform-aws-control_tower_account_factory copied to clipboard

Published 20 hours ago verified publisher icon aws-ia

Remove email case sensitive of Control Tower shared accounts

Open fjromerom opened this issue 2 years ago • 1 comments

AFT Version: 1.4.0

Bug Description The version 1.4.0 introduced the ability to manage Audit, Logarchive and Management. I've run recently into an issue where AFT was unable to manage the Audit account because the email did not exactly match.

We already run into this issue in the past here https://github.com/aws-ia/terraform-aws-control_tower_account_factory/issues/90. I've looked into the current code and in fact it checks the email address matches with the same case.

https://github.com/aws-ia/terraform-aws-control_tower_account_factory/blob/6005cfe765ca05241ec20a1392c119baa6883e76/sources/aft-lambda-layer/aft_common/shared_account.py#L59

To Reproduce Steps to reproduce the behavior: Onboard a shared account using an email address with at least 1 letter with different case.

Expected behavior Since an email address is unique no matter the case used, AFT should not ensure strong case matching.

Thanks, Francisco

fjromerom avatar May 27 '22 17:05 fjromerom

Thanks for bringing this up @fjromerom, I'll go ahead and bring this up with the team

balltrev avatar May 27 '22 18:05 balltrev

Hi @fjromerom,

AFT 1.8.0 resolves this issue. Thanks for the report!

stumins avatar Jan 18 '23 20:01 stumins