Administrative_Dashboard/lambda_functions/user_initiation/user_initiation.py [63:120]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - sts_client = boto3.client("sts", region_name=aws_region) account_id = sts_client.get_caller_identity()["Account"] username = str(event['detail']['serviceEventDetails']['eventRequestDetails']['userName']).replace(":", "/") print(username) userrole = username.split('/')[0] # create group groups = list_groups(account_id, aws_region) new = [] for group in groups: new.append(group['GroupName']) groups = new if userrole not in groups: try: response = create_group(userrole, account_id, aws_region) except Exception as e: if str(e).find('already exists.'): print(e) else: raise e # add user into group try: response = create_group_membership(username, userrole, account_id, aws_region) print(username + "is added into " + userrole) except Exception as e: raise e def _list( func_name: str, attr_name: str, account_id: str, aws_region: str, **kwargs, ) -> List[Dict[str, Any]]: qs_client = boto3.client('quicksight', region_name=aws_region) func: Callable = getattr(qs_client, func_name) response = func(AwsAccountId=account_id, **kwargs) next_token: str = response.get("NextToken", None) result: List[Dict[str, Any]] = response[attr_name] while next_token is not None: response = func(AwsAccountId=account_id, NextToken=next_token, **kwargs) next_token = response.get("NextToken", None) result += response[attr_name] return result def list_groups( account_id, aws_region ) -> List[Dict[str, Any]]: return _list( func_name="list_groups", attr_name="GroupList", Namespace='default', account_id=account_id, aws_region=aws_region ) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - granular_access/lambda_functions/user_init/user_init.py [62:120]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - sts_client = boto3.client("sts", region_name=aws_region) account_id = sts_client.get_caller_identity()["Account"] username = str(event['detail']['serviceEventDetails']['eventRequestDetails']['userName']).replace(":", "/") print(username) userrole = username.split('/')[0] # create group groups = list_groups(account_id, aws_region) new = [] for group in groups: new.append(group['GroupName']) groups = new if userrole not in groups: try: response = create_group(userrole, account_id, aws_region) except Exception as e: if str(e).find('already exists.'): print(e) else: raise e # add user into group try: response = create_group_membership(username, userrole, account_id, aws_region) print(username + "is added into " + userrole) except Exception as e: raise e def _list( func_name: str, attr_name: str, account_id: str, aws_region: str, **kwargs, ) -> List[Dict[str, Any]]: qs_client = boto3.client('quicksight', region_name=aws_region) func: Callable = getattr(qs_client, func_name) response = func(AwsAccountId=account_id, **kwargs) next_token: str = response.get("NextToken", None) result: List[Dict[str, Any]] = response[attr_name] while next_token is not None: response = func(AwsAccountId=account_id, NextToken=next_token, **kwargs) next_token = response.get("NextToken", None) result += response[attr_name] return result def list_groups( account_id, aws_region ) -> List[Dict[str, Any]]: return _list( func_name="list_groups", attr_name="GroupList", Namespace='default', account_id=account_id, aws_region=aws_region ) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -