in customizations/AccountFactory/EnrollAccount/enroll_account.py [0:0]
def run_prechecks(data):
    """Run the enrollment prechecks for every account id in ``data``.

    The caller's own account (from ``STS.get_caller_identity``) is removed
    from the list of candidate accounts, so passing it in ``data`` only
    produces a warning. Account ids that are not in the candidate list are
    logged and skipped; they do not appear in the returned list.

    Args:
        data: iterable of account ids to check.

    Returns:
        A list with one ``initialize_precheck`` result per checked account.
        Each result is keyed by the account id, and its ``ErrCount``,
        ``ErrDetails`` and ``ErrException`` entries are updated here.

    Raises:
        ValueError: from ``list.remove`` if the caller's account id is not
            among the ids returned by ``list_all_accounts``.
    """
    role_miss = ('AWSControlTowerExecution Role does not exist.'
                 ' This script will create the role')
    cr_msg = "Config Recorder exist. Need to be DELETED."
    dc_msg = "Delivery Channel exist. Need to be DELETED."
    non_ct_msg = 'Account provided is a Managed Account. NOT POSSIBLE TO ENROLL.'
    no_x_role = ('No organization level trusted role exist. Precheck INCOMPLETE.'
                 ' Run this script without -V option to create the role and proceed.')
    # Per-region findings that block enrollment, checked in this order.
    config_checks = (
        ('ConfigurationRecorders', cr_msg),
        ('DeliveryChannels', dc_msg),
    )

    root_acc = STS.get_caller_identity()['Account']
    # presumably the accounts that already hold an instance of this stack set,
    # i.e. accounts already managed by Control Tower -- confirm against
    # list_from_stack_instances
    ct_accounts = list_from_stack_instances('AWSControlTowerBP-BASELINE-SERVICE-ROLES')

    accounts = [member['Id'] for member in list_all_accounts()]
    accounts.remove(root_acc)

    final_result = []
    for account_id in data:
        if account_id not in accounts:
            # NOTE(review): the full candidate account list is written to the
            # log on every miss; confirm that is acceptable for the log sink.
            LOGGER.warning('Account Id %s not found in %s',
                           account_id, accounts)
            continue

        precheck_result = initialize_precheck(account_id)
        findings = precheck_result[account_id]

        # A missing AWSControlTowerExecution role is reported in ErrDetails
        # but is not counted in ErrCount.
        if not does_ct_role_exists(account_id):
            findings['ErrDetails'].append(account_id + ": " + role_miss)

        if account_id in ct_accounts:
            # Already a Control Tower account: cannot be enrolled again.
            findings['ErrDetails'].append(account_id + ": " + non_ct_msg)
            findings['ErrCount'] += 1
        else:
            # Look for an existing Config Recorder / Delivery Channel in the
            # target account; this needs a session in that account.
            target_session = get_sts_session(account_id, get_org_id())
            if not target_session:
                # No session means the Config checks could not run; the
                # account is flagged as an error rather than passed.
                findings['ErrCount'] += 1
                findings['ErrDetails'].append(account_id + ': ' + no_x_role)
                findings['ErrException'] = 1
            else:
                output = list_config_in_ct_regions(target_session)
                for key in output:
                    header = account_id + ': ' + key
                    for field, message in config_checks:
                        if len(output[key][field]) >= 1:
                            findings['ErrCount'] += 1
                            findings['ErrDetails'].append(header + ': ' + message)

        final_result.append(precheck_result)

    return final_result