in aws_sra_examples/solutions/guardduty/guardduty_org/lambda/src/app.py [0:0]
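def gd_create_members(guardduty_client, detector_id: str, accounts: list):
    """
    Create GuardDuty members for existing accounts, retrying unprocessed ones up to 2 times.

    Accounts still listed under ``UnprocessedAccounts`` after the last retry
    were not created as members of this detector, so the failure is raised
    rather than silently ignored.

    :param guardduty_client: GuardDuty client exposing ``create_members``
    :param detector_id: ID of the detector the members are created under
    :param accounts: account detail dicts, each carrying an ``AccountId`` key
    :return: None
    :raises ValueError: if any call fails or accounts remain unprocessed after the retries
    """
    max_retries = 2
    try:
        logger.info("Creating members")
        create_members_response = guardduty_client.create_members(DetectorId=detector_id, AccountDetails=accounts)
        # Always reflects the MOST RECENT response. The previous version kept a
        # stale list from an earlier retry and raised even when a later retry
        # had processed every account.
        unprocessed_accounts = create_members_response.get("UnprocessedAccounts") or []

        # First record wins for a duplicated AccountId, matching the original lookup.
        accounts_by_id: dict = {}
        for account_record in accounts:
            accounts_by_id.setdefault(account_record["AccountId"], account_record)

        retry_count = 0
        # NOTE(review): retries are issued back-to-back with no delay; confirm
        # that is acceptable for the failure reasons seen in practice.
        while unprocessed_accounts and retry_count < max_retries:
            retry_count += 1
            logger.info(f"Unprocessed Accounts: {unprocessed_accounts}")

            remaining_accounts = []
            for unprocessed_account in unprocessed_accounts:
                account_id = unprocessed_account["AccountId"]
                if account_id not in accounts_by_id:
                    # The service reported an account that was never requested;
                    # fail with a readable message instead of an IndexError.
                    raise ValueError(f"Unprocessed account {account_id} was not in the request")
                remaining_accounts.append(accounts_by_id[account_id])

            create_members_response = guardduty_client.create_members(
                DetectorId=detector_id, AccountDetails=remaining_accounts
            )
            unprocessed_accounts = create_members_response.get("UnprocessedAccounts") or []

        if unprocessed_accounts:
            logger.info(f"Unprocessed Member Accounts: {unprocessed_accounts}")
            raise ValueError("Unprocessed Member Accounts")
    except Exception as exc:
        logger.error(f"{exc}")
        # Callers see one ValueError type and message; the cause is chained for debugging.
        raise ValueError("Error Creating Member Accounts") from exc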