From 3854de6979a09f81418a4d032555dc1ca8d77d27 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomas=20Sj=C3=B6berg?=
Date: Wed, 17 Sep 2025 12:48:50 +0200
Subject: [PATCH] enable inspector in mgmt account without error
---
 .../inspector/inspector_org/lambda/src/inspector.py | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/aws_sra_examples/solutions/inspector/inspector_org/lambda/src/inspector.py b/aws_sra_examples/solutions/inspector/inspector_org/lambda/src/inspector.py
index 3bd16520c..22fe07997 100644
--- a/aws_sra_examples/solutions/inspector/inspector_org/lambda/src/inspector.py
+++ b/aws_sra_examples/solutions/inspector/inspector_org/lambda/src/inspector.py
@@ -131,6 +131,14 @@ def lookup_associated_accounts(inspector2_client: Inspector2Client, account_id:
 response = inspector2_client.get_member(accountId=account_id)
 except inspector2_client.exceptions.ResourceNotFoundException:
 return False
+ except inspector2_client.exceptions.InternalServerException as e:
+ error_message = e.response["Error"]["Message"]
+ if "The request is rejected because the given account ID is not an associated member of the current account." in error_message:
+ associate_account(inspector2_client, account_id)
+ return True
+ else:
+ LOGGER.error(f"Internal server error. {e.response['Error']['Message']}")
+ raise
 except Exception as e:
 LOGGER.error(f"Failed to get inspector members. {e}")
 raise
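Review bot: The new `InternalServerException` branch makes `lookup_associated_accounts` call `associate_account(inspector2_client, account_id)` for any `account_id` whose error text contains the hard-coded sentence, so a function that reads as a lookup now changes organization membership, and it does so on a substring match against a service message that can be reworded without notice. If the caller already associates accounts when this function returns `False` (not visible in this hunk), handling the case like the `ResourceNotFoundException` branch with `return False` keeps the state change in one place; otherwise limit the branch to the management account the commit title refers to, and add a comment such as `# Inspector raises InternalServerException rather than ResourceNotFoundException for this account; matched on message text, revisit if the wording changes`. `return True` also reports the account as associated without checking the outcome of `associate_account`, and the `else` branch can log the already extracted value with lazy arguments, `LOGGER.error("Internal server error. %s", error_message)`. The function body starts and ends outside the hunk.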