Issues with skip_organization_units not excluding member accounts in CloudQuery AWS plugin

CloudQuery Plugins
1

Has anyone had success using skip_organization_units in the AWS plugin? I’ve verified that skip_member_accounts works, but skip_organization_units doesn’t seem to be properly excluding the member accounts within.

Here’s my config:

kind: source
spec:
  name: "aws-organization-test"
  path: cloudquery/aws
  registry: "github"
  version: "v19.2.0"
  tables: ["aws_*"]
  destinations: ["postgresql"]
  spec:
    org:
      admin_account:
        id: "account_id_here"
        role_arn: "arn:aws:iam::account_id_here:role/cloudquery-ro"
      member_role_name: "cloudquery-ro"
      skip_organization_units:
        - "ou-59si-xxxxxxx"
2

Looking into this now

3

It could be the version I’m running. It looks like it’s a bit behind.

4

Are you seeing any warnings or errors in the logs?

5

I did just try it under v22.19.0 and the same problem is exhibited. Unless I’m missing something you can see it here:

2023-12-13T14:32:18Z INF table sync finished client=075680810325:ap-northeast-1 errors=0 module=aws-src resources=6 table=aws_s3_buckets
6

So I looked into this… skip_organization_units is currently only used when you also specify a value for organization_units… I will look into a fix for this.

7

Would you mind opening up an issue on the CloudQuery GitHub for this?

https://github.com/cloudquery/cloudquery/issues/new?assignees=&labels=kind/bug&projects=&template=bug_report.yml&title=bug:+%3Ctitle%3E

8

@mutual-krill, have you been able to open that issue? It will help us track the work and plan.

9

Sorry @ben, I got pulled into some stuff yesterday afternoon and totally dropped the ball on this. I’ll take care of it this afternoon and will drop the link here.

Thanks for the reminder!

10

Thank you. No problem!

11
12

Thank you for opening that issue! We have opened a fix for it and hopefully, it will be merged and released in the next few days!

13

Awesome, thanks a bunch for the quick turnaround, Ben.

14

@mutual-krill - Just wanted to give you the heads up that we have released a new version of the AWS plugin to our Hub (hub.cloudquery.io) that contains the fix for the issue you raised: AWS Plugin Version 23.2.0

15

Thanks @ben, we’ll get that loaded up later today.

16

Great! Let us know if you have any issues.