[Integration][AWS] bug fix aws breaking the resync on permission issu…

…es (#1186) - **fix: do not exit resync on permission issues** - **docs: add version** # Description What - Do not stop the resync in case of permission issues Why - It breaks the API of what we had so far How - logging and evading permission errors thrown ## Type of change Please leave one option from the following and delete the rest: - [X] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] New Integration (non-breaking change which adds a new integration) - [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected) - [ ] Non-breaking change (fix of existing functionality that will not change current behavior) - [ ] Documentation (added/updated documentation) <h4> All tests should be run against the port production environment(using a testing org). </h4> ### Core testing checklist - [ ] Integration able to create all default resources from scratch - [ ] Resync finishes successfully - [ ] Resync able to create entities - [ ] Resync able to update entities - [ ] Resync able to detect and delete entities - [ ] Scheduled resync able to abort existing resync and start a new one - [ ] Tested with at least 2 integrations from scratch - [ ] Tested with Kafka and Polling event listeners - [ ] Tested deletion of entities that don't pass the selector ### Integration testing checklist - [ ] Integration able to create all default resources from scratch - [ ] Resync able to create entities - [ ] Resync able to update entities - [ ] Resync able to detect and delete entities - [ ] Resync finishes successfully - [ ] If new resource kind is added or updated in the integration, add example raw data, mapping and expected result to the `examples` folder in the integration directory. - [ ] If resource kind is updated, run the integration with the example data and check if the expected result is achieved - [ ] If new resource kind is added or updated, validate that live-events for that resource are working as expected - [ ] Docs PR link [here](#) ### Preflight checklist - [ ] Handled rate limiting - [ ] Handled pagination - [ ] Implemented the code in async - [ ] Support Multi account ## Screenshots Include screenshots from your environment showing how the resources of the integration will look. ## API Documentation Provide links to the API documentation used for this integration. --------- Co-authored-by: Shalev Avhar <[email protected]>
port-labs · Nov 26, 2024 · 52c9dfb · 52c9dfb
1 parent ef25e49
commit 52c9dfb
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 3 deletions.
diff --git a/integrations/aws/CHANGELOG.md b/integrations/aws/CHANGELOG.md
@@ -7,6 +7,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 <!-- towncrier release notes start -->
 
+## 0.2.63 (2024-11-25)
+
+
+### Bug Fixes
+
+- Do not break delete entities when a region is not accessible
+
 ## 0.2.62 (2024-11-25)
 
 
@@ -385,7 +392,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Bug Fixes
 
 - Add auto-discover for available regions in case global resources do not have permissions in default region
-- Add access denied handler to STS:AssumeRole 
+- Add access denied handler to STS:AssumeRole
 - Add access denied handler to custom kind resync
 
 

diff --git a/integrations/aws/main.py b/integrations/aws/main.py
@@ -101,6 +101,10 @@ async def resync_resources_for_account(
                 ):
                     yield batch
             except Exception as exc:
+                if is_access_denied_exception(
+                    exc
+                ):  # skip access denied errors since we do not want to skip deleting resources from port
+                    continue
                 regions.append(session.region_name)
                 errors.append(exc)
                 continue

diff --git a/integrations/aws/pyproject.toml b/integrations/aws/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "aws"
-version = "0.2.62"
+version = "0.2.63"
 description = "This integration will map all your resources in all the available accounts to your Port entities"
 authors = ["Shalev Avhar <[email protected]>", "Erik Zaadi <[email protected]>"]
 

diff --git a/integrations/aws/utils/resources.py b/integrations/aws/utils/resources.py
@@ -255,5 +255,10 @@ async def resync_cloudcontrol(
                 if not next_token:
                     break
             except Exception as e:
-                logger.error(f"Error resyncing {kind} in region {region}, {e}")
+                if is_access_denied_exception(e):
+                    logger.warning(
+                        f"Skipping resyncing {kind} in region {region} in account {account_id} due to missing access permissions"
+                    )
+                else:
+                    logger.error(f"Error resyncing {kind} in region {region}, {e}")
                 raise e