in code/ct_flowlog_activator.py [0:0]
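def child_handler(event, context):
    """Apply flow log settings to every VPC and subnet of one account.

    The partition and region are read from the ARN of the running function,
    a session for the target account is obtained through ``assume_role``, and
    each VPC and tagged subnet found in that region is passed to
    ``flow_log_handler``.

    Args:
        event: Invocation payload. ``event['account']`` is the target account
            id; the whole event is also forwarded to ``flow_log_handler``.
        context: Invocation context exposing ``invoked_function_arn``.

    Returns:
        None. Failures inside the ``try`` are logged, not raised.

    Raises:
        KeyError: If ``event`` has no ``'account'`` key (read before the
            ``try`` block, so it is not caught here).
    """
    account_id = event['account']
    try:
        # ARN layout: arn:<partition>:<service>:<region>:...
        arn_fields = str(context.invoked_function_arn).split(":")
        partition = arn_fields[1]
        region = arn_fields[3]

        # Role name and organization id come from the function's environment.
        target_session = assume_role(account_id, os.environ['assume_role'], os.environ['org_id'])

        for vpc in get_vpc_by_region(target_session, account_id, region):
            # A VPC without tags is still processed, with an empty tag map.
            tags = parse_ec2_tag(vpc['Tags']) if 'Tags' in vpc else {}
            flow_log_handler(target_session, event, partition, vpc['VpcId'], 'VPC', tags, account_id, region)

        for subnet in get_subnet_by_region(target_session, account_id, region):
            # NOTE(review): unlike VPCs, a subnet without a 'Tags' key is
            # skipped and never reaches flow_log_handler. Confirm this is
            # intended, since it leaves untagged subnets unevaluated.
            if 'Tags' not in subnet:
                continue
            tags = parse_ec2_tag(subnet['Tags'])
            flow_log_handler(target_session, event, partition, subnet['SubnetId'], 'Subnet', tags, account_id, region)
    except Exception as error:
        # Exception rather than BaseException: SystemExit and
        # KeyboardInterrupt should not be absorbed by a logging handler.
        # NOTE(review): the error is logged and swallowed, so the invocation
        # completes normally even when flow log settings were not applied,
        # and the first failure stops processing of the remaining resources.
        # Alert on this log line if silent gaps in coverage matter.
        LOGGER.error(f"Error while assuming role in {account_id} and attempting to alter vpc flow log settings: {error}")
        LOGGER.error('exception trace: ', exc_info=True)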