From 2d7d669d768c45f963d5153d8d9982fde450e4e7 Mon Sep 17 00:00:00 2001
From: Pengyuan Zhao
Date: Tue, 15 Oct 2024 14:25:54 -0400
Subject: [PATCH] chore(GROW-2960): support access keys for AWS Agentless multiple scanning regions (#1659)
* chore(GROW-2960): support custerm attributes for AWS Agentless scanning acounts
* chore: fix gitlint workflow
* chore: add sudo
* chore: another try
* chore: another try
* chore: another try
---
 .github/workflows/commit-lint.yml | 2 +-
 lwgenerate/aws/aws.go | 24 ++++++++++++++++++------
 2 files changed, 19 insertions(+), 7 deletions(-)
diff --git a/.github/workflows/commit-lint.yml b/.github/workflows/commit-lint.yml
index 5fec51c26..21612a925 100644
--- a/.github/workflows/commit-lint.yml
+++ b/.github/workflows/commit-lint.yml
@@ -16,7 +16,7 @@ jobs:
 - name: Install gitlint
 shell: bash
 run: |
- python -m pip install gitlint
+ python -m pip install gitlint --break-system-packages
 - name: Run gitlint
 shell: bash
diff --git a/lwgenerate/aws/aws.go b/lwgenerate/aws/aws.go
index e8110803c..e9ea8a5f9 100644
--- a/lwgenerate/aws/aws.go
+++ b/lwgenerate/aws/aws.go
@@ -909,22 +909,34 @@ func createAwsProvider(args *GenerateAwsTfConfigurationArgs) ([]*hclwrite.Block,
 seenAccounts := []string{}
 for _, account := range accounts {
- alias := fmt.Sprintf("%s-%s", account.AwsProfile, account.AwsRegion)
+ alias := account.AwsRegion
 if account.Alias != "" {
 alias = account.Alias
+ } else if account.AwsProfile != "" {
+ alias = fmt.Sprintf("%s-%s", account.AwsProfile, account.AwsRegion)
 }
 // Skip duplicate account
 if slices.Contains(seenAccounts, alias) {
 continue
 }
 seenAccounts = append(seenAccounts, alias)
+
+ attributes := map[string]interface{}{}
+ // set `access_key`, `secret_key` and `token` for single-account multiple-region Agentless
+ if args.Agentless {
+ for k, v := range args.ExtraProviderArguments {
+ attributes[k] = v
+ }
+ }
+ attributes["alias"] = alias
+ attributes["region"] = account.AwsRegion
+ if args.AwsProfile != "" {
+ attributes["profile"] = account.AwsProfile
+ }
+
 providerBlock, err := lwgenerate.NewProvider(
 "aws",
- lwgenerate.HclProviderWithAttributes(map[string]interface{}{
- "alias": alias,
- "profile": account.AwsProfile,
- "region": account.AwsRegion,
- }),
+ lwgenerate.HclProviderWithAttributes(attributes),
 ).ToBlock()
 if err != nil {
 return nil, err
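Review bot: The `for k, v := range args.ExtraProviderArguments` loop copies every key into each aliased provider block, so the `access_key`, `secret_key` and `token` named in the comment end up as literal attributes in the generated provider configuration, and nothing restricts the keys to those three. If only credentials are intended, copy just those keys and extend the comment to say so, e.g. `// values are emitted verbatim into the generated HCL; treat the output file as a secret`. Separately, the profile guard tests `args.AwsProfile` but writes `account.AwsProfile`, while the alias logic above tests `account.AwsProfile`; `if account.AwsProfile != "" {` would keep the two consistent, assuming a per-account profile can differ from the top-level one. createAwsProvider starts and ends outside this hunk, so how `accounts` is built is not visible here.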