in aws_sra_examples/solutions/common/common_register_delegated_administrator/lambda/src/app.py [0:0]
def update(event, _):
"""
CloudFormation Update Event
:param event:
:param _:
:return:
"""
logger.info(f"Update Event: {event}")
try:
check_parameters(event)
params = event.get("ResourceProperties")
aws_service_principal_list = [value.strip() for value in params.get("AWS_SERVICE_PRINCIPAL_LIST", "")
if value != '']
check_service_principals(aws_service_principal_list)
old_params = event.get("OldResourceProperties")
old_aws_service_principal_list = [value.strip() for value in old_params.get("AWS_SERVICE_PRINCIPAL_LIST", "")
if value != '']
add_list = list(set(aws_service_principal_list) - set(old_aws_service_principal_list))
remove_list = list(set(old_aws_service_principal_list) - set(aws_service_principal_list))
if add_list:
for aws_service_principal in add_list:
enable_aws_service_access(aws_service_principal)
register_delegated_administrator(params.get("DELEGATED_ADMIN_ACCOUNT_ID", ""), aws_service_principal)
if remove_list:
for aws_service_principal in remove_list:
deregister_delegated_administrator(params.get("DELEGATED_ADMIN_ACCOUNT_ID", ""), aws_service_principal)
disable_aws_service_access(aws_service_principal)
except Exception as error:
logger.error(f"Exception: {error}")
raise ValueError("Error updating delegated administrators")