in subfunctions/ALE_dryrun_multi.py [0:0]
def dryrun_eks_logging(region_list, OrgAccountIdList):
"""Function to turn on logging for EKS Clusters"""
for org_account in OrgAccountIdList:
for aws_region in region_list:
logging.info("Showing Amazon EKS clusters in AWS account " + org_account + ", in region " + aws_region + ".")
sts = boto3.client('sts')
RoleArn = 'arn:aws:iam::%s:role/Assisted_Log_Enabler_IAM_Role' % org_account
logging.info('Assuming Target Role %s for Assisted Log Enabler...' % RoleArn)
assisted_log_enabler_sts = sts.assume_role(
RoleArn=RoleArn,
RoleSessionName='assisted-log-enabler-activation',
DurationSeconds=3600,
)
eks_ma = boto3.client(
'eks',
aws_access_key_id=assisted_log_enabler_sts['Credentials']['AccessKeyId'],
aws_secret_access_key=assisted_log_enabler_sts['Credentials']['SecretAccessKey'],
aws_session_token=assisted_log_enabler_sts['Credentials']['SessionToken'],
region_name=aws_region
)
try:
logging.info("ListClusters API Call")
eks_clusters = eks_ma.list_clusters()
eks_cluster_list = eks_clusters ['clusters']
logging.info("EKS Clusters found in " + aws_region + ":")
print(eks_cluster_list)
for cluster in eks_cluster_list:
logging.info("Please check if Audit and Authenticator logs are on for EKS Cluster " + cluster)
except Exception as exception_handle:
logging.error(exception_handle)