[Bug]: Memory leakage in aws lambda scanning mechanism #2516

Closed
Moshikol opened this issue Jun 20, 2023 · 2 comments
Labels
feature-request New feature request for Prowler. provider/aws Issues/PRs related with the AWS provider

Comments

@Moshikol

Steps to Reproduce

Run Prowler on an AWS account with a large number of Lambda functions.
The command we used to run the Prowler Python package:
prowler aws --severity critical high -M json -o . -F output --quiet --filter-region us-east-1

Expected behavior

Prowler will run and finish the scan and provide findings.

Actual Result with Screenshots or Logs

The system has terminated Prowler's process due to extensive memory usage.

How did you install Prowler?

From pip package (pip install prowler)

Environment Resource

Docker container on AWS Fargate

OS used

Python 3.9 Docker image

Prowler version

3.5.1

Pip version

pip 23.01

Context

Issue Description:
We encountered the Prowler process being killed by the system (Docker container) and exiting with a -9 status code, which happened for large-scale AWS users with a large number of Lambda functions in their AWS accounts.
What we tried:

  • Increasing the file descriptors.
  • Increasing the CPUs and memory of the container.

After investigating the code of the awslambda service of Prowler, we found out that the logic of this service is zipping all of the Lambda functions' code in the self.functions Lambda class property.
This situation results in a memory overload when there are a lot of Lambda functions in the scanned account.
Here is a screenshot of the code snippet:
image

@Moshikol Moshikol added bug status/needs-triage Issue pending triage labels Jun 20, 2023
@jfagoagas
Member

jfagoagas commented Jun 20, 2023

Hi @Moshikol, this is a known issue of the awslambda service that happens if you execute the awslambda_function_no_secrets_in_code check as you can see here:

"awslambda_function_no_secrets_in_code"

We have planned to improve this code just to clean each Lambda upon execution, but for now I recommend that you exclude the check using the following flag:
--excluded-checks awslambda_function_no_secrets_in_code

Thanks for using Prowler 🚀

@jfagoagas jfagoagas self-assigned this Jun 20, 2023
@jfagoagas jfagoagas added feature-request New feature request for Prowler. provider/aws Issues/PRs related with the AWS provider and removed bug status/needs-triage Issue pending triage labels Jun 20, 2023
@jfagoagas
Member

Hi @Moshikol, we're closing this issue. Please feel free to reopen it if you notice the same behaviour again or if you can provide us with additional information.

Thanks for using Prowler 🚀
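
An added illustration of the memory pattern discussed in this thread (not Prowler's code, and not part of either participant's comments): keeping every function's package in one structure before scanning, versus fetching, scanning and releasing one package at a time. `fetch_code`, the simplified secret regex and the package contents are constructed stand-ins that run offline.

```python
import io
import re
import tracemalloc
import zipfile

# Hypothetical, simplified secret pattern (assumption for this example).
SECRET_RE = re.compile(rb"AKIA[0-9A-Z]{16}")

def fetch_code(index, size=200_000):
    """Stand-in for downloading one function's zip package (constructed data)."""
    body = b"x = 1\n" * (size // 6)
    if index % 4 == 0:  # every fourth constructed function carries a fake key
        body += b'key = "AKIAEXAMPLEEXAMPLE00"\n'
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("handler.py", body)
    return buf.getvalue()

def has_secret(package):
    """Scan every file inside one zip package for the pattern."""
    with zipfile.ZipFile(io.BytesIO(package)) as zf:
        return any(SECRET_RE.search(zf.read(name)) for name in zf.namelist())

def scan_retaining(count):
    """Keep every package in one dict, then scan: memory grows with count."""
    functions = {f"fn-{i}": fetch_code(i) for i in range(count)}
    return sorted(name for name, pkg in functions.items() if has_secret(pkg))

def scan_streaming(count):
    """Fetch, scan and drop one package at a time; only findings are kept."""
    findings = []
    for i in range(count):
        if has_secret(fetch_code(i)):
            findings.append(f"fn-{i}")
    return sorted(findings)

def peak_bytes(scan, count):
    """Return (findings, peak traced memory in bytes) for one strategy."""
    tracemalloc.start()
    try:
        findings = scan(count)
        return findings, tracemalloc.get_traced_memory()[1]
    finally:
        tracemalloc.stop()

if __name__ == "__main__":
    for scan in (scan_retaining, scan_streaming):
        print(scan.__name__, peak_bytes(scan, 20)[1] // 1024, "KiB peak")
```

Both strategies report the same findings; only the peak memory differs, and in the retaining variant it scales with the number of functions in the account.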
