GCP firewall errors

[irivera007]

Please make sure that you have checked the boxes:

• Review the Quickstart guide
• Search for both open and closed issues regarding the problem you are experiencing
• [X ] For permissions issues (Access Denied and credential related errors), please refer to the requisite docs before submitting an issue:
  AWS, GCP, OpenStack, GitHub

Description of issue:

Hello security monkey team, first we love this tool, thank you for putting it all together.
We have been using on AWS and recently we started to use it on GCP and we noticed that we didn't get any firewall logs or information so we went an look at the logs and we found out:

    retval = job.func(*job.args, **job.kwargs)
  File "/usr/local/src/security_monkey/security_monkey/scheduler.py", line 135, in _audit_changes
    au.audit_objects()
  File "/usr/local/src/security_monkey/security_monkey/auditor.py", line 154, in audit_objects
    method(item)
  File "/usr/local/src/security_monkey/security_monkey/auditors/gcp/gce/firewall.py", line 135, in check_allowed
    (ok, errors) = self.inspect_allowed(item)
  File "/usr/local/src/security_monkey/security_monkey/auditors/gcp/gce/firewall.py", line 127, in inspect_allowed
    err = self._port_range_exists(item.config.get('Allowed'))
  File "/usr/local/src/security_monkey/security_monkey/auditors/gcp/gce/firewall.py", line 50, in _port_range_exists
    for allowed in allowed_list:
TypeError: 'NoneType' object is not iterable```


 

[irivera007]

Error from above stopped showing up but all of the GCP firewall rules appear as empty on Security Monkey, I dont see any other indication of a failure

[devlinrcg]

Same here: latest develop branch, getting the same error.
Any updates on this?

[mikegrima]

I've had no cycles to work on this. Would welcome a PR.

[exenin]

I have the exact same error.
Upon debugging found that it was due to a a single firewall rule being added as Action Deny instead of Allow.
exenin@d04c912