aws-sdk-go: GuardDuty API occasionally causes a serialization error
Version of AWS SDK for Go?
$ git describe --tags
v1.12.54-2-gf98ff350
$ git show
commit f98ff3505c17e44d349af899eb85e6b37a7953db (HEAD -> master, origin/master, origin/HEAD)
Merge: 4dd51c2f 5db34a6d
Author: awstools <aws-dr-tools-github-user@amazon.com>
Date: Fri Dec 29 10:14:11 2017 -0800
Merge pull request #1715 from aws/release
Release v1.12.54
Version of Go (go version
)?
$ go version
go version go1.9.2 darwin/amd64
What issue did you see?
GuardDuty inconsistently returns an extra field - imageDescription - when calling the GetFindings resource. The interesting thing is that this field is present in the GuardDuty UI when the “Resource affected” section contains EC2 instance details. However, the field is missing in the official API documentation (https://docs.aws.amazon.com/guardduty/latest/ug/get-findings.html) and the SDK’s JSON spec (https://github.com/aws/aws-sdk-go/blob/master/models/apis/GuardDuty/2017-11-28/api-2.json).
The response body includes the following fragment:
"resource": {
"instanceDetails": {
"imageDescription": "null",
Another example:
"resource": {
"instanceDetails": {
"imageDescription": "AMI backup for app server",
When the response contains the field, it results in the following error:
SerializationError: failed decoding JSON RPC response
caused by: unsupported value: <nil> (*string)
Steps to reproduce
This might be tricky to test at your end unless you have real GuardDuty “findings.” The sample data that can be generated under Settings | General does not include full instance data, so the field is not present. Here’s some sample code for you:
package main
import (
"log"
"os"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/session"
"github.com/aws/aws-sdk-go/service/guardduty"
)
func main() {
session, _ := session.NewSession(&aws.Config{
LogLevel: aws.LogLevel(aws.LogDebugWithHTTPBody),
})
svc := guardduty.New(session)
svc.AddDebugHandlers()
findingIdsList, awsErr := svc.ListFindings(&guardduty.ListFindingsInput{
DetectorId: aws.String(os.Getenv("DETECTOR_ID")),
})
if awsErr != nil {
log.Fatalln(awsErr.Error())
}
findingsList, awsErr := svc.GetFindings(&guardduty.GetFindingsInput{
DetectorId: aws.String(os.Getenv("DETECTOR_ID")),
FindingIds: findingIdsList.FindingIds,
})
// will show any Finding that was successfully serialized
log.Println(findingsList)
if awsErr != nil {
log.Fatalln(awsErr)
}
}
About this issue
- Original URL
- State: closed
- Created 7 years ago
- Comments: 21 (11 by maintainers)
@philm - The service is looking into. Will follow up when I have more information.