def get_sts_session()

in customizations/AccountFactory/EnrollAccount/enroll_account.py [0:0]


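def get_sts_session(account_number, external_id):
    '''
    Assume one of the roles listed in ROLE_NAMES in the target account and
    return a boto3 session built from the resulting temporary credentials.

    Roles are tried in ROLE_NAMES order. The first response without an
    'Error' key ends the search. An error that carries a 'Code' moves on to
    the next role; an error without a 'Code' is logged and stops the search.

    :param account_number: AWS Account Number to assume the role in
    :param external_id: Value forwarded unchanged to try_assume_role
        (presumably used as the STS ExternalId condition; confirm against
        try_assume_role)
    :return: boto3.Session carrying the assumed-role credentials, or None
        when no role could be assumed. No region is set on the session.
        Callers must check for None before using the result.
    '''

    response = {}

    for role_name in ROLE_NAMES:
        response = try_assume_role(account_number, role_name, external_id)
        if 'Error' not in response:
            break
        if 'Code' not in response['Error']:
            # An error without a code is not retried with the next role.
            LOGGER.error('Could not assume role: %s', response['Error'])
            response = {}
            break

    if 'Credentials' not in response:
        # Make the failure visible instead of silently falling through to an
        # implicit None; only the account number is logged, never credentials.
        LOGGER.error('No role from ROLE_NAMES could be assumed in account %s',
                     account_number)
        return None

    credentials = response['Credentials']
    return boto3.Session(
        aws_access_key_id=credentials['AccessKeyId'],
        aws_secret_access_key=credentials['SecretAccessKey'],
        aws_session_token=credentials['SessionToken']
    )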