def lambda_handler()

in source/customer_managed_backup.py [0:0]

• 68 lines of code
• 5 McCabe index (conditional complexity)

def lambda_handler(event, context):

    # Get inputs from the lambda JSON inputs
    try:
        backup_plan_id= event['change_type_id']
        ams_app_id= event['app_account_id']
        local_exec_params = event['exec_params']
        app_acct_role = event['app_acct_role']

        if backup_plan_id =="Base_AWS_BackUp":
            # Location of the input files, these directories are set in temp.yaml
            local_s3_session = boto3.session.Session()
            s3handler = local_s3_session.client('s3')

            bucket = S3bucket
            key = templateS3Key + local_exec_params
            BackupPlanData = s3handler.get_object(Bucket=bucket, Key=key)
            BackUpExecParams  = json.loads(BackupPlanData['Body'].read().decode('utf-8'))
            ResourceTagKey = BackUpExecParams['Parameters']['ResourceTagKey']
            ResourceTagValue = BackUpExecParams['Parameters']['ResourceTagValue']
            BackupPlanName = BackUpExecParams['Parameters']['BackupPlanName']

    except Exception as cust_backup_plan_input_failure:
        return (str(cust_backup_plan_input_failure))

    try:

        member_account_session = get_session(str(ams_app_id), str(app_acct_role), "customer_managed_backup",ExternalId)
        VaultBackUpClient = member_account_session.client('backup')
        VaultBackUpClient.create_backup_vault(
            BackupVaultName=BackUpExecParams['Parameters']['BackupRule1Vault'],
        )
    except Exception as VaultException:
        return (str(VaultException))

    try:
        member_account_session = get_session(str(ams_app_id), str(app_acct_role), "customer_managed_backup",ExternalId)
        BackUpClient = member_account_session.client('backup')

        response = BackUpClient.create_backup_plan(
            BackupPlan={
                'BackupPlanName': BackUpExecParams['Parameters']['BackupPlanName'],
                'Rules': [
                    {
                        'RuleName': BackUpExecParams['Parameters']['BackupRule1Name'],
                        'TargetBackupVaultName': BackUpExecParams['Parameters']['BackupRule1Vault'],
                        'ScheduleExpression': BackUpExecParams['Parameters']['BackupRule1ScheduleExpression'],
                        'StartWindowMinutes': BackUpExecParams['Parameters']['BackupRule1StartWindowMinutes'],
                        'CompletionWindowMinutes': BackUpExecParams['Parameters']['BackupRule1CompletionWindowMinutes'],
                        'Lifecycle': {
                            'MoveToColdStorageAfterDays': BackUpExecParams['Parameters']['BackupRule1MoveToColdStorageAfterDays'],
                            'DeleteAfterDays': BackUpExecParams['Parameters']['BackupRule1DeleteAfterDays']
                        },
                    },
                ]
            },
            BackupPlanTags={
                BackUpExecParams['Parameters']['ResourceTagKey']:BackUpExecParams['Parameters']['ResourceTagValue']
            },
        )
        NewPlanId = response['BackupPlanId']
        BackUpClient.create_backup_selection(
            BackupPlanId=NewPlanId,
            BackupSelection={
                'SelectionName': BackupPlanName + '-tag-selection',
                'IamRoleArn': 'arn:aws:iam::' + ams_app_id + ':role/service-role/AWSBackupDefaultServiceRole',
                'ListOfTags': [
                    {
                        'ConditionType': 'STRINGEQUALS',
                        'ConditionKey': ResourceTagKey,
                        'ConditionValue': ResourceTagValue
                    },
                ]
            }
        )

        return {'planId': NewPlanId}
    except Exception as backup_plan_create_failure:
        return (str(backup_plan_create_failure))