[bug] Error with AWS CLI V2 with a profile's default output being changed

[Kirizan]

I discovered when I was running prowler with AWS CLI V2, I was getting the following error three times at the start of the script: parse error: Invalid numeric literal at line 1, column 8

Since the scans still ran, I didn't think much of it, until I got to extra72, then I started getting some very odd behavior. The scan extra72 was giving a lot of unable to DescribeSnapshotAttributes errors. I took the following steps to troubleshoot:

1. When I looked the snapshots that were being checked, they were snapshots attached to AMI's, and didn't belong to the account.
2. I added a few lines of output to the extra72 scan and discovered the environment variable ACCOUNT_NUM was never being set.
3. I ran the command found in the include/whoami script, the one on line 16, and discovered the output was not in JSON, which caused the next few lines to fail.

To fix this issue, I did the following:

• I added the flag --output json to the command on line 16, and when I reran extra72, everything worked as expected.

I adjusted the default output because when I'm running the commands myself, I prefer yaml, so I don't want to change the profile defaults back to yaml. I don't know where else in the project JSON output is relied on, but it seems those commands need the --output json flag added to them to ensure you are getting the output you expect.

Steps to reproduce this error:

1. Add output = yaml (or any other valid output) to your profile in the .aws/config file
2. Run Prowler, you should see the error parse error: Invalid numeric literal at line 1, column 8 3 times right away.
3. Any check that relies on the ACCOUNT_NUM environment variable will not run as expected

Addition potential issues:
Anywhere JSON output is expected and needed for something to work would be effected by this, and would require the --output json flag added to the command. Additionally, the environment variable AWS_DEFAULT_OUTPUT could be set to json and that should override any settings from the config file.

[toniblyx]

Ok, thanks @Kirizan, how is this issue related to #695 ? Good catch on the sts get-caller.... without output set. Can you please send a PR with that fix? Thanks again!

[Kirizan]

@toniblyx What branch would you like me to push the PR to? Also, where else is JSON expected in an aws command? The change to the whoami file might not be the only place the fix is needed. Once my current scan is finished I'll see if that error pops up anywhere else and test it. I'll also see if I can get the environment variable working, that might be the best fix so that it applies everywhere, not just on a few commands.

It's only related to #695 if Casey has changed the default output. Otherwise that issues is seperate.

[toniblyx]

--outpu text is globally used in most of the commands. Only few use json, so far I think that whoami is the only place that needs the change.

You can send it to master, I will review it first anyway. Thanks!

[zfLQ2qx2]

i raised #725 which fixes issues 695 and 696

[toniblyx]

@Kirizan can you confirm if #725 also address your issue? In my opinion it was a simpler way to fix it. In any case there are no other CLI commands without explicit output option.

[toniblyx]

This was fixed already.