Description
I'm trying to test whether my functional IAM user exists on my AWS accounts. I noticed that when the IAM user doesn't exist, the control throws an error instead of just reporting as a failed control.
Describe the problem
Versions:
- inspec: 5.18.14
- inspec-aws: 1.83.53
- OS: windows 11 / WSL2 (Debian)
I'm expecting this control:
```ruby
describe aws_iam_user('my-aws-iam-user') do
  it { should exist }
end
```
to return the message below when it doesn't actually exist:
```
× is expected to exist
...
Test Summary: 0 successful, 1 failures, 0 skipped
```
But instead I'm receiving this output:
```
inspec exec lt-aws-profile -t aws://
[2022-12-23T09:25:51-03:00] WARN: AWS Service Error encountered running a control with Resource aws_iam_user. Error message: The user with name my-aws-iam-user cannot be found.. You should address this error to ensure your controls are behaving as expected.
Profile: AWS InSpec Profile (lt-aws-profile)
Version: 0.1.0
Target: aws://
Target ID: 0e766696-fc0b-5900-8def-279a5a75c984
AWS IAM User
↺ undefined method `arn' for nil:NilClass
Profile: Amazon Web Services Resource Pack (inspec-aws)
Version: 1.83.53
Target: aws://
Target ID: 0e766696-fc0b-5900-8def-279a5a75c984
No tests executed.
Test Summary: 0 successful, 0 failures, 1 skipped
```
As you can see, you can easily reproduce the problem by just specifying any IAM user that you know in advance doesn't exist in your AWS account.
Possible Solution
N/A
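
Added example, not part of the original issue and not inspec-aws code: in the run quoted above the missing user is counted as skipped rather than failed, so a pipeline that only looks at the failure count would treat it as clean. The sketch below parses that text report and refuses to pass when any control was skipped or nothing succeeded; `parse_inspec_report` and `gate_verdict` are hypothetical helper names, and the sample report is constructed from the output in the issue.

```ruby
# Sample input constructed from the output quoted in the issue above.
SAMPLE_REPORT = <<~REPORT
  [2022-12-23T09:25:51-03:00] WARN: AWS Service Error encountered running a control with Resource aws_iam_user. Error message: The user with name my-aws-iam-user cannot be found.. You should address this error to ensure your controls are behaving as expected.
  Profile: AWS InSpec Profile (lt-aws-profile)
  AWS IAM User
    ↺ undefined method `arn' for nil:NilClass
  Test Summary: 0 successful, 0 failures, 1 skipped
REPORT

# Matches the summary line format shown in the issue ("1 failures" included).
SUMMARY_RE = /^Test Summary: (\d+) successful, (\d+) failures?, (\d+) skipped/

# Hypothetical helper: extract the counts, the reasons printed for skipped
# controls (lines starting with the skip marker) and any WARN messages.
def parse_inspec_report(text)
  m = SUMMARY_RE.match(text)
  raise ArgumentError, 'no Test Summary line found' unless m

  {
    successful: m[1].to_i,
    failures: m[2].to_i,
    skipped: m[3].to_i,
    skip_reasons: text.scan(/^\s*↺\s*(.+)$/).flatten.map(&:strip),
    warnings: text.scan(/WARN: (.+)$/).flatten
  }
end

# Hypothetical gate: a skipped control is an unanswered compliance question,
# so it is reported as :error instead of being folded into :pass.
def gate_verdict(report)
  return :fail if report[:failures].positive?
  return :error if report[:skipped].positive? || report[:successful].zero?

  :pass
end

if __FILE__ == $PROGRAM_NAME
  report = parse_inspec_report(SAMPLE_REPORT)
  puts "verdict: #{gate_verdict(report)}"
  report[:skip_reasons].each { |reason| puts "skipped: #{reason}" }
end
```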