Release: 1.0.10

aws-ia · Dec 17, 2021 · a621bb2 · a621bb2
1 parent 4ec96a5
commit a621bb2
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 14 deletions.
diff --git a/README.md b/README.md
@@ -111,7 +111,7 @@ Now that you have configured and deployed AWS Control Tower Account Factory for
 | <a name="input_aft_vpc_private_subnet_02_cidr"></a> [aft\_vpc\_private\_subnet\_02\_cidr](#input\_aft\_vpc\_private\_subnet\_02\_cidr) | CIDR Block to allocate to the Private Subnet 02 | `string` | `"192.168.1.0/24"` | no |
 | <a name="input_aft_vpc_public_subnet_01_cidr"></a> [aft\_vpc\_public\_subnet\_01\_cidr](#input\_aft\_vpc\_public\_subnet\_01\_cidr) | CIDR Block to allocate to the Public Subnet 01 | `string` | `"192.168.2.0/25"` | no |
 | <a name="input_aft_vpc_public_subnet_02_cidr"></a> [aft\_vpc\_public\_subnet\_02\_cidr](#input\_aft\_vpc\_public\_subnet\_02\_cidr) | CIDR Block to allocate to the Public Subnet 02 | `string` | `"192.168.2.128/25"` | no |
-| <a name="input_aft_vpc_endpoints"></a> [aft\_vpc\_aft\_vpc\_endpoints](#input\_aft\_vpc\_endpoints) | Flag turning VPC endpoints on/off for AFT VPC | `bool` | `true` | no |
+| <a name="input_aft_vpc_endpoints"></a> [aft\_vpc\_endpoints](#input\_aft\_vpc\_endpoints) | Flag turning VPC endpoints on/off for AFT VPC | `bool` | `true` | no |
 | <a name="input_audit_account_id"></a> [audit\_account\_id](#input\_audit\_account\_id) | Audit Account Id | `string` | n/a | yes |
 | <a name="input_cloudwatch_log_group_retention"></a> [cloudwatch\_log\_group\_retention](#input\_cloudwatch\_log\_group\_retention) | Amount of days to keep CloudWatch Log Groups for Lambda functions. 0 = Never Expire | `string` | `"0"` | no |
 | <a name="input_ct_home_region"></a> [ct\_home\_region](#input\_ct\_home\_region) | The region from which this module will be executed. This MUST be the same region as Control Tower is deployed. | `string` | n/a | yes |

diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-1.0.9
+1.0.10
diff --git a/sources/aft-lambda-layer/aft-common/src/aft_common/aft_utils.py b/sources/aft-lambda-layer/aft-common/src/aft_common/aft_utils.py
@@ -2,6 +2,8 @@
 import json
 import os
 import uuid
+from typing import List, Dict, Optional
+
 from .logger import Logger
 import boto3
 import botocore
@@ -836,30 +838,32 @@ def tag_org_resource(
         raise
 
 
-def get_all_aft_account_ids(session):
+def get_all_aft_account_ids(session) -> Optional[List[str]]:
     try:
         table_name = get_ssm_parameter_value(session, SSM_PARAM_AFT_DDB_META_TABLE)
-        aft_account_ids = []
         dynamodb = session.resource('dynamodb')
         table = dynamodb.Table(table_name)
         logger.info("Scanning DynamoDB table: " + table_name)
+
+        items: List[Dict[str, str]] = []
         response = table.scan(
-            AttributesToGet=[
-                'id',
-            ]
+            ProjectionExpression="id",
+            ConsistentRead=True
         )
-        items = response['Items']
+        items.extend(response['Items'])
+
         while 'LastEvaluatedKey' in response:
+            logger.debug("Paginated response found, continuing at {}".format(response['LastEvaluatedKey']))
             response = table.scan(ExclusiveStartKey=response['LastEvaluatedKey'])
-        items.append(response['Items'])
+            items.extend(response['Items'])
 
-        for i in items:
-            aft_account_ids.append(i['id'])
-        if len(aft_account_ids) > 0:
-            return aft_account_ids
-        else:
+        aft_account_ids = [item['id'] for item in items]
+
+        if not aft_account_ids:
             return None
 
+        return aft_account_ids
+
     except Exception as e:
         message = {
             "FILE": __file__.split("/")[-1],