Merge pull request #1312 from snyk/fix_crash_in_gcp_iam_binding

Fix crash in GCP iam binding middleware

pkg/middlewares/google_iam_binding_tranformer_test.go

@@ -18,6 +18,29 @@ func TestGoogleProjectIAMBindingTransformer_Execute(t *testing.T) {
 		expected           []*resource.Resource
 		mock               func(factory *terraform.MockResourceFactory)
 	}{
+		{
+			name: "Test that bindings with nil members does not cause any crash",
+			resourcesFromState: []*resource.Resource{
+				{
+					Type: google.GoogleStorageBucketIamBindingResourceType,
+					Attrs: &resource.Attributes{
+						"bucket":  "hey",
+						"role":    "storage.admin",
+						"members": nil,
+					},
+				},
+				{
+					Type: google.GoogleProjectIamBindingResourceType,
+					Attrs: &resource.Attributes{
+						"project": "coucou",
+						"role":    "storage.admin",
+						"members": nil,
+					},
+				},
+			},
+			expected: []*resource.Resource{},
+			mock:     nil,
+		},
 		{
 			"Test that project bindings are transformed into member",
 			[]*resource.Resource{

pkg/middlewares/google_iam_binding_transformer.go

@@ -39,7 +39,11 @@ func (m *GoogleIAMBindingTransformer) Execute(_, resourcesFromState *[]*resource
 
 		resName := *stateRes.Attrs.GetString(resField)
 		roleName := *stateRes.Attrs.GetString("role")
-		members, _ := stateRes.Attrs.Get("members")
+		members, exist := stateRes.Attrs.Get("members")
+
+		if !exist || members == nil {
+			continue
+		}
 
 		for _, member := range members.([]interface{}) {
 			id := fmt.Sprintf("%s/%s/%s", resName, roleName, member)