DEVHIDE
Login Or Sign up

To by pass the SUSPENDED AWS accounts using AWS Organizations API

363 Views Asked by At

I was trying to write the code where it will pass the list of accounts within AWS Organizations which are SUSPENDED and will print the logic output for the ACTIVE accounts. The code snippet is:

def get_accounts(role_arn) -> list:
    '''Appends all the accounts listed in operations into ACCOUNTS'''
    accounts = []
    creds = get_aws_key_and_token(role_arn)
    sess = session.Session(
        aws_access_key_id=creds['AccessKeyId'],
        aws_secret_access_key=creds['SecretAccessKey'],
        aws_session_token=creds['SessionToken']
    )
    accounts = {}
    org = sess.client('organizations')
    paginator = org.get_paginator('list_accounts')
    page_iterator = paginator.paginate()
    for page in page_iterator:
        for acct in page['Accounts']:
            accounts[acct['Id']] = acct['Name']            
    return accounts

Can someone please help me to add that functionality?

Thanks

python-3.x amazon-web-services aws-organizations
Original Q&A
2

There are 2 best solutions below

2
On

The list_accounts() documentation shows the output as:

{
    'Accounts': [
        {
            'Id': 'string',
            'Arn': 'string',
            'Email': 'string',
            'Name': 'string',
            'Status': 'ACTIVE'|'SUSPENDED',
            'JoinedMethod': 'INVITED'|'CREATED',
            'JoinedTimestamp': datetime(2015, 1, 1)
        },
    ],
    'NextToken': 'string'
}

Therefore, you could use:

    for page in page_iterator:
        for acct in page['Accounts']:
            if acct['Status'] == 'ACTIVE':    # <---- This line added
                accounts[acct['Id']] = acct['Name']
0
On

So this piece of code is ignoring the suspended accounts which are part of the AWS organizations and only running against the ACTIVE accounts. The good thing about this is it will be used as a module for any other AWS service.

def get_accounts(role_arn) -> list:
    '''Appends all the accounts listed in operations into ACCOUNTS'''
    accounts = []
    creds = get_aws_key_and_token(role_arn)
    sess = session.Session(
        aws_access_key_id=creds['AccessKeyId'],
        aws_secret_access_key=creds['SecretAccessKey'],
        aws_session_token=creds['SessionToken']
    )
    accounts = {}
    org = sess.client('organizations')
    paginator = org.get_paginator('list_accounts')
    page_iterator = paginator.paginate()
    for page in page_iterator:
        for acct in page['Accounts']:
            if acct['Status'] == 'ACTIVE':
                accounts[acct['Id']] = acct['Name']
    return accounts

Related Questions in PYTHON-3.X

Related Questions in AMAZON-WEB-SERVICES

Related Questions in AWS-ORGANIZATIONS

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.