in subfunctions/ALE_dryrun_single.py [0:0]
def dryrun_flow_log_activator(region_list, account_number):
"""Function that turns on the VPC Flow Logs, for VPCs identifed without them"""
for aws_region in region_list:
ec2 = boto3.client('ec2', region_name=aws_region)
logging.info("Creating a list of VPCs without Flow Logs on in region " + aws_region + ".")
try:
VPCList: list = []
FlowLogList: list = []
logging.info("DescribeVpcs API Call")
vpcs = ec2.describe_vpcs()
for vpc_id in vpcs["Vpcs"]:
VPCList.append(vpc_id["VpcId"])
logging.info("List of VPCs found within account " + account_number + ", region " + aws_region + ":")
print(VPCList)
logging.info("DescribeFlowLogs API Call")
vpcflowloglist = ec2.describe_flow_logs()
for resource_id in vpcflowloglist["FlowLogs"]:
FlowLogList.append(resource_id["ResourceId"])
working_list = (list(set(VPCList) - set(FlowLogList)))
logging.info("List of VPCs found within account " + account_number + ", region " + aws_region + " WITHOUT VPC Flow Logs:")
print(working_list)
for no_logs in working_list:
logging.info(no_logs + " does not have VPC Flow logging on. This will not be turned on within the Dry Run option.")
except Exception as exception_handle:
logging.error(exception_handle)