group_rules.yaml; You have an error in your SQL syntax


Mike Williams

Oct 19, 2020, 1:39:09 PM
to Forseti Security Discussion
Hi,

Does someone out there have some examples of group_rules.yaml doing anything interesting?
If I put an email address in group_email I just get a mysql error.

sqlalchemy.exc.ProgrammingError: (pymysql.err.ProgrammingError) (1064, 'You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near \'), 1603127865285447, \'{\\"member_email\\": \\"examplevio...@domain.tld\\", \' at line 1') [SQL: 'INSERT INTO violations (created_at_datetime, full_name, resource_data, resource_name, resource_id, resource_type, rule_index, rule_name, scanner_index_id, violation_data, violation_hash, violation_message, violation_type) VALUES (%(created_at_datetime)s, %(full_name)s, %(resource_data)s, %(resource_name)s, %(resource_id)s, %(resource_type)s, %(rule_index)s, %(rule_name)s, %(scanner_index_id)s, %(violation_data)s, %(violation_hash)s, %(violation_message)s, %(violation_type)s)'] [parameters: {'created_at_datetime': datetime.datetime(2020, 10, 19, 17, 18, 1, 190051), 'full_name': 'my_customer:group/examplevio...@domain.tld', 'resource_data': 'examplevio...@domain.tld', 'resource_name': 'examplevio...@domain.tld', 'resource_id': 'examplevio...@domain.tld', 'resource_type': 'group_member', 'rule_index': 0, 'rule_name': [], 'scanner_index_id': 1603127865285447, 'violation_data': '{"member_email": "examplevio...@domain.tld", "member_id": "group/examplevio...@domain.tld", "member_status": "ACTIVE", "member_type ... (1 characters truncated) ... : "group", "parent_email": "my_customer", "parent_id": "my_customer", "parent_resource_type": null, "parent_status": null, "violated_rule_names": []}', 'violation_hash': '58b3647f4e879a25d59edc7c400a2a4d5f1c8f48521a85ddf49a585a9a6fc8cd7e2ad4dff57ea659f8c28405826624d35f06c3bb2001f6707b67bf74174a7e72', 'violation_message': '', 'violation_type': 'GROUP_VIOLATION'}] (Background on this error at: http://sqlalche.me/e/f405)"


This is the rule I'm trying to use.

- name: Blacklist a group by name example
  group_email: examplevio...@domain.tld
  mode: blacklist
  conditions:
    - member_email: "@domain.tld"


The example rule (group_email: my_customer) works.


Thanks
Mike

HaveAnO

Oct 20, 2020, 2:08:31 AM
to Mike Williams, Forseti Security Discussion
Hi Mike,
I have something like that:
- name: group...@company.com group.
  group_email: group...@company.com
  mode: whitelist
  conditions:
    - member_email: us...@gmail.com
    - member_email: us...@gmail.com
    - member_email: us...@othercompany.com

I also got this error, but I do not remember how I resolved it :/
