Release: 1.0.12

aws-ia · Jan 18, 2022 · c87783f · c87783f
1 parent d347c43
commit c87783f
Show file tree

Hide file tree

Showing 6 changed files with 32 additions and 19 deletions.
diff --git a/.gitignore b/.gitignore
@@ -258,6 +258,7 @@ $RECYCLE.BIN/
 .idea/**/usage.statistics.xml
 .idea/**/dictionaries
 .idea/**/shelf
+.vscode
 
 # AWS User-specific
 .idea/**/aws.xml
@@ -345,4 +346,4 @@ typings/
 .idea/sonarlint
 
 # zip archives
-*.zip
+*.zip
diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-1.0.11
+1.0.12
diff --git a/modules/aft-feature-options/lambda/aft-enable-cloudtrail/aft_enable_cloudtrail.py b/modules/aft-feature-options/lambda/aft-enable-cloudtrail/aft_enable_cloudtrail.py
@@ -1,21 +1,30 @@
 import inspect
-from typing import Any, Dict, List, Union
+from typing import TYPE_CHECKING, Any, Dict, List, Union
 
 import aft_common.aft_utils as utils
 import boto3
 from boto3.session import Session
 
+if TYPE_CHECKING:
+    from mypy_boto3_cloudtrail import CloudTrailClient
+else:
+    CloudTrailClient = object
+
 logger = utils.get_logger()
 
 CLOUDTRAIL_TRAIL_NAME = "aws-aft-CustomizationsCloudTrail"
 
 
 def trail_exists(session: Session) -> bool:
-    client = session.client("cloudtrail")
+    client: CloudTrailClient = session.client("cloudtrail")
     logger.info("Checking for trail " + CLOUDTRAIL_TRAIL_NAME)
-    response = client.get_trail(Name=CLOUDTRAIL_TRAIL_NAME)
-    logger.info("Trail already exists")
-    return True
+    try:
+        client.get_trail(Name=CLOUDTRAIL_TRAIL_NAME)
+        logger.info("Trail already exists")
+        return True
+    except client.exceptions.TrailNotFoundException:
+        logger.info("Trail does not exist")
+        return False
 
 
 def event_selectors_exists(session: Session) -> bool:

diff --git a/sources/aft-customizations-repos/aft-account-customizations/README.md b/sources/aft-customizations-repos/aft-account-customizations/README.md
@@ -1,9 +1,6 @@
 # Introduction
 This repo stores the Terraform and API helpers for the Account Customizations. Account Customizations are used to customize all provisioned accounts with customer defined resources. The resources can be created through Terraform or through Python, leveraging the API helpers. The customization run is parameterized at runtime.
 
-# Usage
-To create an account specific baseline, copy the ACCOUNT_TEMPLATE folder into a new folder. The new folder name should be the account ID you wish to baseline.
-
 # Usage
 To leverage Account Customizations, start by copying the ACCOUNT_TEMPLATE folder into a new folder. The new folder name should match the ```account_customizations_name``` provided in the account request for the accounts you would like to baseline. Then, populate the target folder as per the instructions below.
 
@@ -40,4 +37,4 @@ account = $(aws sts get-caller-identity --query Account --output text)
 region = $(aws ec2 describe-availability-zones --query 'AvailabilityZones[0].[RegionName]' --output text)
 cidr = $(python ./python/source/get_cidr_range.py)
 aws ssm put-parameter --name /$account/$region/vpc/cidr --value $cidr
-```
+```
diff --git a/sources/aft-lambda-layer/setup.py b/sources/aft-lambda-layer/setup.py
@@ -73,7 +73,7 @@
             "pre-commit == 2.16.0",
             "pycodestyle == 2.8.0",
             "mypy == 0.930",
-            "boto3-stubs[support, stepfunctions, ec2, organizations, servicecatalog, sqs, lambda, sns, sts] == 1.20.26",
+            "boto3-stubs[support, stepfunctions, ec2, organizations, servicecatalog, sqs, lambda, sns, sts, cloudtrail] == 1.20.26",
             "mypy_boto3_builder == 5.5.0",
         ]
     },

diff --git a/sources/scripts/terraform_client.py b/sources/scripts/terraform_client.py
@@ -1,5 +1,5 @@
 #!/usr/bin/python
-
+import os
 import time
 
 import requests
@@ -24,7 +24,8 @@ def check_workspace_exists(organization_name, workspace_name, api_token):
         TERRAFORM_API_ENDPOINT, organization_name, workspace_name
     )
     headers = __build_standard_headers(api_token)
-    response = requests.get(endpoint, headers=headers)
+    tf_dist = os.environ.get("TF_DISTRIBUTION")
+    response = requests.get(endpoint, headers=headers, verify=tf_dist != "tfe")
     data = response.json()
 
     if "data" in data.keys():
@@ -75,7 +76,8 @@ def create_configuration_version(workspace_id, api_token):
 
 def upload_configuration_content(data, upload_url):
     headers = {"Content-Type": "application/octet-stream", "Accept": "application/json"}
-    requests.put(upload_url, data=data, headers=headers)
+    tf_dist = os.environ.get("TF_DISTRIBUTION")
+    requests.put(upload_url, data=data, headers=headers, verify=tf_dist != "tfe")
 
 
 def set_environment_variable(
@@ -203,25 +205,29 @@ def __build_standard_headers(api_token):
 
 
 def __post(endpoint, headers, payload):
-    response = requests.post(endpoint, headers=headers, json=payload)
+    tf_dist = os.environ.get("TF_DISTRIBUTION")
+    response = requests.post(endpoint, headers=headers, json=payload, verify=tf_dist != "tfe")
     __handle_errors(response)
     return response.json()
 
 
 def __patch(endpoint, headers, payload):
-    response = requests.patch(endpoint, headers=headers, json=payload)
+    tf_dist = os.environ.get("TF_DISTRIBUTION")
+    response = requests.patch(endpoint, headers=headers, json=payload, verify=tf_dist != "tfe")
     __handle_errors(response)
     return response.json()
 
 
 def __get(endpoint, headers):
-    response = requests.get(endpoint, headers=headers)
+    tf_dist = os.environ.get("TF_DISTRIBUTION")
+    response = requests.get(endpoint, headers=headers, verify=tf_dist != "tfe")
     __handle_errors(response)
     return response.json()
 
 
 def __delete(endpoint, headers):
-    response = requests.delete(endpoint, headers=headers)
+    tf_dist = os.environ.get("TF_DISTRIBUTION")
+    response = requests.delete(endpoint, headers=headers, verify=tf_dist != "tfe")
     # __handle_errors(response)
     return response.json()