in service-catalog-and-license-manager-entitlement/handler.py [0:0]
def validate_portfolio_share(portfolio_id):
"""
Purpose: check portfolio share status for organization and / or organization unit.
Input: portfolio_id created in the marketplace stack
"""
try:
client = boto3.client('servicecatalog')
for item in ['ORGANIZATION', 'ORGANIZATIONAL_UNIT']:
response = client.describe_portfolio_shares(
PortfolioId=portfolio_id,
Type=item)
if len(response['PortfolioShareDetails']) == 0:
pass
elif len(response['PortfolioShareDetails']) != 0 and response['PortfolioShareDetails'][0]['PrincipalId'] not in portfolio_share:
portfolio_share.append(response['PortfolioShareDetails'][0]['PrincipalId'])
return portfolio_share
if len(portfolio_share) == 0:
logger.warning('Marketplace Porfolio: %s must be shared across Organization!', portfolio_id)
else:
logger.info('%s is shared with %s', portfolio_id, portfolio_share)
except ClientError as e:
if e.response['Error']['Code'] == 'AccessDeniedException':
logging.warning('Lambda does not have DescribePortfolioShares permission for client operation on %s', portfolio_id)
else:
raise e