in aws-cloudknox-controltower/lambda/CloudKnox_TriggerLifecycleEvent.py [0:0]
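def add_cloudknox_account(api_id,access_token,service_id,timestamp,url,
                          cloudknox_sentry_account_id,acc_id,port):
    """Ask CloudKnox to add an AWS account to an authorization system.

    Sends an HTTPS POST to ``/api/v2/organization/auth-systems/aws/add`` on
    ``url``:``port``. The request asks CloudKnox to add ``acc_id`` with the
    role ``IAM_R_KNOX_SECURITY_XA`` under ``cloudknox_sentry_account_id``.

    Args:
        api_id: Value sent as the ``X-CloudKnox-API-Id`` header.
        access_token: Credential sent as ``X-CloudKnox-Access-Token``.
            It is never written to the log.
        service_id: Value sent as ``X-CloudKnox-Service-Account-Id``.
        timestamp: Value sent as ``X-CloudKnox-Timestamp-Millis`` (a string).
        url: Host name of the CloudKnox API endpoint.
        cloudknox_sentry_account_id: Sent as ``authorizationSystemId``.
        acc_id: Id of the account to add.
        port: TCP port of the CloudKnox API endpoint.

    Returns:
        The decoded JSON response body on a 2xx response, otherwise ``None``.
        Any exception is logged and swallowed, as before, so callers that
        ignore the return value are unaffected.
    """
    conn = None
    try:
        # NOTE(review): no timeout is set, so a stalled endpoint blocks until
        # the caller's own deadline; consider passing timeout= here.
        conn = http.client.HTTPSConnection(url, port)
        content_type = "application/json"
        print('inside add_cloudknox_account')
        print('api_id: '+ api_id )
        # The access token is a bearer credential: anything printed here ends
        # up in the function's log output, so only record that one was given.
        print('accessToken: ' + ('<redacted>' if access_token else '<missing>'))
        print('serviceId: '+ service_id )
        print('timestamp: '+ timestamp )
        print('url: ' + url)
        print('CloudKnoxSentryAccountId: ' + cloudknox_sentry_account_id)
        print('accId: ' + acc_id)
        headers = {
            'X-CloudKnox-Access-Token': access_token,
            'X-CloudKnox-API-Id': api_id,
            'X-CloudKnox-Service-Account-Id': service_id,
            'X-CloudKnox-Timestamp-Millis': timestamp,
            'Content-Type': content_type
        }
        cloudknox_dict = {
            'authorizationSystemId': cloudknox_sentry_account_id,
            'accountsToAdd': [{'id': acc_id,
                               'roleName': 'IAM_R_KNOX_SECURITY_XA'}],
        }
        payload = json.dumps(cloudknox_dict)
        print('payload: ' + payload)
        conn.request("POST", "/api/v2/organization/auth-systems/aws/add", payload, headers)
        res = conn.getresponse()
        data_raw = res.read().decode("utf-8")
        print('data_raw: ' + data_raw)
        # A non-2xx answer means the account was not added; make that visible
        # instead of treating any parseable body as success.
        if not 200 <= res.status < 300:
            logger.error('CloudKnox add account failed: HTTP %s %s',
                         res.status, res.reason)
            return None
        return json.loads(data_raw)
    except Exception as e:
        logger.error('Unexpected Error: %s', e)
        return None
    finally:
        # Release the socket even when the request or the parsing fails.
        if conn is not None:
            conn.close()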