def provision_certificate()

in lambda-issuer-acmpca/main.py [0:0]


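def provision_certificate(csr):
    """Issue a certificate for ``csr`` from the private CA and return it.

    The CA is the one named by the ``ACMPCA_CA_ARN`` environment variable.
    The CSR is passed to ACM PCA unchanged: this function does not inspect
    the requested subject, SANs or key type.
    NOTE(review): confirm that the caller authorises the requester and
    validates the CSR contents before calling; nothing here does so.

    Args:
        csr: The certificate signing request, in the form accepted by the
            ``Csr`` parameter of ``issue_certificate``.

    Returns:
        The ``get_certificate`` response for the newly issued certificate,
        or ``None`` if it was still not available after the polling limit.

    Raises:
        KeyError: If ``ACMPCA_CA_ARN`` is not set.
        Exception: Any ACM PCA client error other than "request in
            progress" (access denied, malformed CSR, throttling, ...) is
            propagated instead of being retried.
    """
    acmpca = boto3.client('acm-pca')
    ca_arn = os.environ['ACMPCA_CA_ARN']

    # Create the Certificate - duration 150 days - very arbitrary
    # TODO: pull the Value up to environment variable driven duration
    # TODO: pull up the SigningAlgorithm to include RSA256 as well as
    # the two ECC curves
    # TODO: Figure out a better way to deal with this idempotency token
    # The token is freshly random on every call, so a retried invocation
    # issues a second certificate rather than being de-duplicated. It is
    # not a secret, so the non-cryptographic `random` module is acceptable.
    cert = acmpca.issue_certificate(
        CertificateAuthorityArn=ca_arn,
        SigningAlgorithm='SHA256WITHRSA',
        Csr=csr,
        Validity={
            'Value': 150,
            'Type': 'DAYS'
        },
        IdempotencyToken=''.join(random.choice(string.ascii_lowercase) for _ in range(10))
    )
    # Read the ARN outside the retry loop so a malformed response fails
    # loudly instead of being mistaken for "not ready yet".
    cert_arn = cert['CertificateArn']

    # Fetch the certificate. Issuance is asynchronous, so poll, but only
    # retry on the service's "still in progress" error and only a bounded
    # number of times. A bare `except:` here would hide permission and
    # validation failures and spin until the function is killed.
    max_attempts = 60  # ~1 minute at 1s per attempt; TODO: make configurable
    for _ in range(max_attempts):
        try:
            return acmpca.get_certificate(
                CertificateAuthorityArn=ca_arn,
                CertificateArn=cert_arn
            )
        except acmpca.exceptions.RequestInProgressException:
            print("Certificate not ready yet")
            time.sleep(1)

    print("Certificate still not ready after %d attempts" % max_attempts)
    return None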