in code/ct_flowlog_activator.py [0:0]
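def toggle_flowlog(target_session, accountId, resourceId, resourceType, flowLogTag, flowLogStatus, region):
    '''
    Bring a resource's Flow Log in line with the state requested by its flow log tag.

    flowLogTag is the requested setting and flowLogStatus the current one. Both are
    compared against 0, and flowLogTag is also used to index traffic_mode:
      * tag > 0,  status == 0             -> create a flow log
      * tag <= 0, status > 0              -> delete the flow log
      * tag > 0,  status > 0, values differ -> delete, then create with the new filter
      * anything else                     -> log "No changes"

    The destination bucket is read from the 's3bucket' environment variable.

    Returns None. Every exception is caught and logged at ERROR level instead of
    being raised, so callers get no failure signal from this function.
    '''
    try:
        if flowLogTag > 0 and flowLogStatus == 0:
            mode = traffic_mode[flowLogTag]
            LOGGER.info("Activating Flow Log on acc: {} resourceId: {} with filter mode: {}".format(accountId, resourceId, mode))
            response = create_flowlog(target_session, accountId, resourceId, resourceType, mode, os.environ['s3bucket'], region)
            if response:
                LOGGER.info("Flow Log activated : {}".format(response['FlowLogIds']))
            else:
                LOGGER.error("Failed to activate flow log on acc: {} resourceId: {} with filter mode: {}".format(
                    accountId, resourceId, mode))
        elif flowLogTag <= 0 and flowLogStatus > 0:
            # NOTE(review): traffic_mode is indexed with a tag <= 0 here, before the
            # delete call. Presumably it has an entry for that value - verify, because a
            # failed lookup is caught below and the flow log would then stay enabled.
            mode = traffic_mode[flowLogTag]
            LOGGER.info("Disabling Flow Log on acc: {} resourceId: {} with filter mode: {}".format(accountId, resourceId, mode))
            response = delete_flowlog(target_session, accountId, resourceId, region)
            if response:
                LOGGER.info("Flow Log deleted : {}".format(response['ResponseMetadata']))
            else:
                LOGGER.error("Failed to disable Flow Log on acc: {} resourceId: {} with filter mode: {}".format(
                    accountId, resourceId, mode))
        elif flowLogTag > 0 and flowLogStatus > 0:
            delta = abs(flowLogTag - flowLogStatus)
            mode = traffic_mode[flowLogTag]
            if delta > 0:
                LOGGER.info("Changing Flow Log on acc: {} resourceId: {} with filter mode: {}".format(accountId, resourceId, mode))
                # Resolve the destination bucket BEFORE deleting anything: if 's3bucket'
                # is missing, the KeyError must surface while the existing flow log is
                # still in place, not after it has been removed.
                bucket = os.environ['s3bucket']
                delete_response = delete_flowlog(target_session, accountId, resourceId, region)
                if delete_response:
                    LOGGER.debug("Original Flow Log deleted: {}".format(delete_response['ResponseMetadata']))
                else:
                    LOGGER.error("Failed to delete Flow Log on acc: {} resourceId: {} with filter mode: {}".format(
                        accountId, resourceId, mode))
                # NOTE(review): the create below runs whether or not the delete reported
                # success - confirm that is intended.
                create_response = create_flowlog(target_session, accountId, resourceId, resourceType, mode, bucket, region)
                if create_response:
                    LOGGER.info("Flow Log modified : {}".format(create_response['FlowLogIds']))
                else:
                    # If the delete succeeded and this create did not, the resource is
                    # left without a flow log; this ERROR line is the only signal
                    # emitted here, so it is worth alerting on.
                    LOGGER.error("Failed to create flow log on acc: {} resourceId: {} with filter mode: {}".format(
                        accountId, resourceId, mode))
            else:
                LOGGER.info("No changes for Flow Log on acc: {} resourceId: {} with filter mode: {}".format(accountId, resourceId, mode))
        else:
            LOGGER.info("No changes for Flow Log on acc: {} resourceId: {} with filter mode: {}".format(accountId, resourceId, traffic_mode[flowLogTag]))
    except Exception as e:
        # Best-effort: log with traceback and return None rather than propagate.
        LOGGER.error("Failed to modify Flow Log : {}".format(e), exc_info=True)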