in resources/sc-autopilot-importer.py [0:0]
def main(event,context):
#CREATE the following ENVIRONMENT VARIABLES
# key = default_launch_constraint and value = <ROLE_NAME_FOR_SC_LAUNCH_CONSTRAINT>
# key = default_iam_principal_role_name and value = <ROLE_NAME_FOR_SC_END_USER>
print("Entered main function with event: {}".format(event))
default_iam_principal_role_name = os.environ['default_iam_principal_role_name']
default_launch_constraint = os.environ['default_launch_constraint']
sts_client = boto3.client('sts')
current_account = sts_client.get_caller_identity()['Account']
sc_iam_role = ("arn:aws:iam::{}:role/{}".format(current_account,default_iam_principal_role_name))
launch_constraint = ('{"RoleArn":"arn:aws:iam::'+str(current_account)+':role/'+default_launch_constraint+'"}')
#Default share type is assumed as AWS_ORGANIZATIONS
share_type = "AWS_ORGANIZATIONS"
#Process SNS event
sc_event = process_event(event)
event_name = sc_event['eventName']
#Check if Portfolio Share is at the AWS_ACCOUNT Level (not ORG sharing). If yes, check if its shared with the current account. If yes, accept the share.
imported_account = sc_event['requestParameters'].get('accountId')
if event_name == 'CreatePortfolioShare' and current_account == imported_account:
print("Accepting portfolio share for account ", current_account)
share_type = "IMPORTED"
accept_portfolio(sc_event)
print(sc_iam_role)
print(launch_constraint)
if(default_launch_constraint == None or default_iam_principal_role_name == None):
print("Default launch constraint or IAM role missing, please provide in the Lambda environment variable")
sys.exit(1)
#Launching auto-import of AWS Service Catalog portfolios
print("Looking for shared portfolios....")
try:
setup_portfolios(sc_iam_role,launch_constraint,share_type)
except Exception as e:
print("An error occured during auto-import of SC portfolios. Error: {}".format(e))
sys.exit(1)
return "Success"