[Integration][AWS] throw error if no permissions on region (#889)

# Description What - We have implemented blacklist error handling for AWS errors in our system. This ensures that certain AWS error types are specifically caught and handled differently from other errors. Why - Each AWS resource handles "not found" errors differently, making it challenging to distinguish between a resource not being found and an actual error in the system. This inconsistency can lead to misinterpretation of errors and inappropriate error handling. By adding blacklist error handling, we can provide more accurate and consistent error handling across different AWS resources. How - We have introduced a blacklist mechanism that explicitly catches specific AWS error codes related to "not found" scenarios. These error codes are then handled separately from other types of errors, allowing us to treat them as non-critical issues and proceed accordingly. This ensures that our system can gracefully handle situations where AWS resources are legitimately not found without mistaking them for system errors. This approach improves our system's robustness and reliability in interacting with AWS services. ## Type of change Please leave one option from the following and delete the rest: - [X] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] New Integration (non-breaking change which adds a new integration) - [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected) - [ ] Non-breaking change (fix of existing functionality that will not change current behavior) - [ ] Documentation (added/updated documentation) ## Screenshots Include screenshots from your environment showing how the resources of the integration will look. ## API Documentation Provide links to the API documentation used for this integration. --------- Co-authored-by: Shalev Avhar <[email protected]>
port-labs · Aug 8, 2024 · 2e169bf · 2e169bf
1 parent 77e18ce
commit 2e169bf
Show file tree

Hide file tree

Showing 4 changed files with 31 additions and 2 deletions.
diff --git a/integrations/aws/CHANGELOG.md b/integrations/aws/CHANGELOG.md
@@ -7,6 +7,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 <!-- towncrier release notes start -->
 
+# Port_Ocean 0.2.25 (2024-08-05)
+
+### Improvements
+
+- Add live events error handling
+
 # Port_Ocean 0.2.24 (2024-08-05)
 
 ### Improvements

diff --git a/integrations/aws/main.py b/integrations/aws/main.py
@@ -33,6 +33,7 @@
     CustomProperties,
     ResourceKindsWithSpecialHandling,
     is_access_denied_exception,
+    is_server_error,
 )
 
 
@@ -224,7 +225,21 @@ async def webhook(update: ResourceUpdate, response: Response) -> fastapi.Respons
                 resource = await describe_single_resource(
                     resource_type, identifier, account_id, region
                 )
-            except Exception:
+            except Exception as e:
+                if is_access_denied_exception(e):
+                    logger.error(
+                        f"Cannot sync {resource_type} in region {region} in account {account_id} due to missing access permissions {e}"
+                    )
+                    return fastapi.Response(
+                        status_code=status.HTTP_200_OK,
+                    )
+                if is_server_error(e):
+                    logger.error(
+                        f"Cannot sync {resource_type} in region {region} in account {account_id} due to server error {e}"
+                    )
+                    return fastapi.Response(
+                        status_code=status.HTTP_200_OK,
+                    )
                 resource = None
 
             for kind in matching_resource_configs:

diff --git a/integrations/aws/pyproject.toml b/integrations/aws/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "aws"
-version = "0.2.24"
+version = "0.2.25"
 description = "This integration will map all your resources in all the available accounts to your Port entities"
 authors = ["Shalev Avhar <[email protected]>", "Erik Zaadi <[email protected]>"]
 

diff --git a/integrations/aws/utils/misc.py b/integrations/aws/utils/misc.py
@@ -32,6 +32,14 @@ def is_access_denied_exception(e: Exception) -> bool:
     return False
 
 
+def is_server_error(e: Exception) -> bool:
+    if hasattr(e, "response"):
+        status = e.response.get("ResponseMetadata", {}).get("HTTPStatusCode")
+        return status >= 500
+
+    return False
+
+
 def get_matching_kinds_and_blueprints_from_config(
     kind: str,
 ) -> dict[str, list[str]]: