diff --git a/dotnetv4/ControlTower/Actions/ControlTowerWrapper.cs b/dotnetv4/ControlTower/Actions/ControlTowerWrapper.cs index baff9a65f54..c74f9f19b35 100644 --- a/dotnetv4/ControlTower/Actions/ControlTowerWrapper.cs +++ b/dotnetv4/ControlTower/Actions/ControlTowerWrapper.cs @@ -125,20 +125,21 @@ public async Task> ListEnabledBaselinesAsync() /// The identifier of baseline to enable. /// The version of baseline to enable. /// The identifier of identity center baseline if it is enabled. - /// The enabled baseline ARN or null if already enabled. + /// The enabled baseline ARN or null. public async Task EnableBaselineAsync(string targetIdentifier, string baselineIdentifier, string baselineVersion, string identityCenterBaseline) { try { - var parameters = new List + var parameters = new List(); + if (!string.IsNullOrEmpty(identityCenterBaseline)) { - new EnabledBaselineParameter - { - Key = "IdentityCenterEnabledBaselineArn", - Value = identityCenterBaseline - } - }; - + parameters.Add( + new EnabledBaselineParameter + { + Key = "IdentityCenterEnabledBaselineArn", + Value = identityCenterBaseline + }); + } var request = new EnableBaselineRequest { BaselineIdentifier = baselineIdentifier, @@ -164,9 +165,12 @@ public async Task> ListEnabledBaselinesAsync() return response.Arn; } - catch (ValidationException ex) when (ex.Message.Contains("already enabled")) + catch (ValidationException ex) { - Console.WriteLine("Baseline is already enabled for this target"); + if (ex.Message.Contains("already enabled")) + Console.WriteLine("Baseline is already enabled for this target"); + else { Console.WriteLine(ex.Message); } + // Write the message and return null if baseline cannot be enabled. return null; } catch (AmazonControlTowerException ex) diff --git a/dotnetv4/ControlTower/README.md b/dotnetv4/ControlTower/README.md index 796e52fd495..22895f59e65 100644 --- a/dotnetv4/ControlTower/README.md +++ b/dotnetv4/ControlTower/README.md @@ -31,31 +31,31 @@ For prerequisites, see the [README](../README.md#Prerequisites) in the `dotnetv4 ### Get started -- [Hello AWS Control Tower](../ControlTower/Actions/HelloControlTower.cs#L4) (`ListBaselines`) +- [Hello AWS Control Tower](Actions/HelloControlTower.cs#L4) (`ListBaselines`) ### Basics Code examples that show you how to perform the essential operations within a service. -- [Learn the basics](../ControlTower/Scenarios/ControlTower_Basics/ControlTowerBasics.cs) +- [Learn the basics](Scenarios/ControlTower_Basics/ControlTowerBasics.cs) ### Single actions Code excerpts that show you how to call individual service functions. -- [DisableBaseline](../ControlTower/Actions/ControlTowerWrapper.cs#L181) -- [DisableControl](../ControlTower/Actions/ControlTowerWrapper.cs#L401) -- [EnableBaseline](../ControlTower/Actions/ControlTowerWrapper.cs#L120) -- [EnableControl](../ControlTower/Actions/ControlTowerWrapper.cs#L345) -- [GetBaselineOperation](../ControlTower/Actions/ControlTowerWrapper.cs#L273) -- [GetControlOperation](../ControlTower/Actions/ControlTowerWrapper.cs#L449) -- [ListBaselines](../ControlTower/Actions/ControlTowerWrapper.cs#L62) -- [ListEnabledBaselines](../ControlTower/Actions/ControlTowerWrapper.cs#L91) -- [ListEnabledControls](../ControlTower/Actions/ControlTowerWrapper.cs#L305) -- [ListLandingZones](../ControlTower/Actions/ControlTowerWrapper.cs#L33) -- [ResetEnabledBaseline](../ControlTower/Actions/ControlTowerWrapper.cs#L227) +- [DisableBaseline](Actions/ControlTowerWrapper.cs#L185) +- [DisableControl](Actions/ControlTowerWrapper.cs#L405) +- [EnableBaseline](Actions/ControlTowerWrapper.cs#L120) +- [EnableControl](Actions/ControlTowerWrapper.cs#L349) +- [GetBaselineOperation](Actions/ControlTowerWrapper.cs#L277) +- [GetControlOperation](Actions/ControlTowerWrapper.cs#L453) +- [ListBaselines](Actions/ControlTowerWrapper.cs#L62) +- [ListEnabledBaselines](Actions/ControlTowerWrapper.cs#L91) +- [ListEnabledControls](Actions/ControlTowerWrapper.cs#L309) +- [ListLandingZones](Actions/ControlTowerWrapper.cs#L33) +- [ResetEnabledBaseline](Actions/ControlTowerWrapper.cs#L231) diff --git a/dotnetv4/ControlTower/Scenarios/ControlTower_Basics/ControlTowerBasics.cs b/dotnetv4/ControlTower/Scenarios/ControlTower_Basics/ControlTowerBasics.cs index 9d5e3e212da..7a96ac75a60 100644 --- a/dotnetv4/ControlTower/Scenarios/ControlTower_Basics/ControlTowerBasics.cs +++ b/dotnetv4/ControlTower/Scenarios/ControlTower_Basics/ControlTowerBasics.cs @@ -130,7 +130,7 @@ public static async Task RunScenario() Console.WriteLine("\nEnabling Control Tower Baseline."); var icBaselineArn = identityCenterBaseline?.Arn; baselineArn = await wrapper.EnableBaselineAsync(ouArn, - controlTowerBaseline.Arn, "4.0", icBaselineArn ?? ""); + controlTowerBaseline.Arn, "5.0", icBaselineArn ?? ""); var alreadyEnabled = false; if (baselineArn != null) { @@ -144,12 +144,11 @@ public static async Task RunScenario() if (enabled.BaselineIdentifier == controlTowerBaseline.Arn) { baselineArn = enabled.Arn; + alreadyEnabled = true; + Console.WriteLine("No change, the selected baseline was already enabled."); break; } } - - alreadyEnabled = true; - Console.WriteLine("No change, the selected baseline was already enabled."); } if (baselineArn != null) @@ -173,7 +172,7 @@ public static async Task RunScenario() Console.WriteLine($"\nRe-enabling Control Tower Baseline: {baselineArn}"); // Re-enable the Control Tower baseline if it was originally enabled. await wrapper.EnableBaselineAsync(ouArn, - controlTowerBaseline.Arn, "4.0", icBaselineArn ?? ""); + controlTowerBaseline.Arn, "5.0", icBaselineArn ?? ""); } } } diff --git a/python/example_code/controltower/README.md b/python/example_code/controltower/README.md index 726705ff9ef..8036ef41ac5 100644 --- a/python/example_code/controltower/README.md +++ b/python/example_code/controltower/README.md @@ -52,17 +52,17 @@ Code examples that show you how to perform the essential operations within a ser Code excerpts that show you how to call individual service functions. -- [DisableBaseline](controltower_wrapper.py#L392) -- [DisableControl](controltower_wrapper.py#L263) +- [DisableBaseline](controltower_wrapper.py#L396) +- [DisableControl](controltower_wrapper.py#L267) - [EnableBaseline](controltower_wrapper.py#L69) -- [EnableControl](controltower_wrapper.py#L159) -- [GetBaselineOperation](controltower_wrapper.py#L236) -- [GetControlOperation](controltower_wrapper.py#L209) +- [EnableControl](controltower_wrapper.py#L163) +- [GetBaselineOperation](controltower_wrapper.py#L240) +- [GetControlOperation](controltower_wrapper.py#L213) - [ListBaselines](controltower_wrapper.py#L39) -- [ListEnabledBaselines](controltower_wrapper.py#L330) -- [ListEnabledControls](controltower_wrapper.py#L431) -- [ListLandingZones](controltower_wrapper.py#L300) -- [ResetEnabledBaseline](controltower_wrapper.py#L358) +- [ListEnabledBaselines](controltower_wrapper.py#L334) +- [ListEnabledControls](controltower_wrapper.py#L435) +- [ListLandingZones](controltower_wrapper.py#L304) +- [ResetEnabledBaseline](controltower_wrapper.py#L362) diff --git a/python/example_code/controltower/controltower_wrapper.py b/python/example_code/controltower/controltower_wrapper.py index 0a9cefa855a..9de7a581929 100644 --- a/python/example_code/controltower/controltower_wrapper.py +++ b/python/example_code/controltower/controltower_wrapper.py @@ -85,16 +85,21 @@ def enable_baseline( :raises ClientError: If enabling the baseline fails for reasons other than it being already enabled. """ try: - response = self.controltower_client.enable_baseline( - baselineIdentifier=baseline_identifier, - baselineVersion=baseline_version, - targetIdentifier=target_identifier, - parameters=[ + # Only include parameters if identity_center_baseline is not empty + parameters = [] + if identity_center_baseline: + parameters = [ { "key": "IdentityCenterEnabledBaselineArn", "value": identity_center_baseline, } - ], + ] + + response = self.controltower_client.enable_baseline( + baselineIdentifier=baseline_identifier, + baselineVersion=baseline_version, + targetIdentifier=target_identifier, + parameters=parameters, ) operation_id = response["operationIdentifier"] @@ -110,7 +115,6 @@ def enable_baseline( if err.response["Error"]["Code"] == "ValidationException": if "already enabled" in err.response["Error"]["Message"]: print("Baseline is already enabled for this target") - return None else: print( "Unable to enable baseline due to validation exception: %s: %s", @@ -122,7 +126,7 @@ def enable_baseline( err.response["Error"]["Code"], err.response["Error"]["Message"], ) - raise + return None # snippet-end:[python.example_code.controltower.EnableBaseline] diff --git a/python/example_code/controltower/scenario_controltower.py b/python/example_code/controltower/scenario_controltower.py index 4e1636fa3df..04f3a81093f 100644 --- a/python/example_code/controltower/scenario_controltower.py +++ b/python/example_code/controltower/scenario_controltower.py @@ -121,7 +121,7 @@ def run_scenario(self) -> None: else None ) baseline_arn = self.controltower_wrapper.enable_baseline( - self.ou_arn, ic_baseline_arn, control_tower_baseline["arn"], "4.0" + self.ou_arn, ic_baseline_arn, control_tower_baseline["arn"], "5.0" ) if baseline_arn: print(f"Enabled baseline ARN: {baseline_arn}") @@ -133,9 +133,10 @@ def run_scenario(self) -> None: == control_tower_baseline["arn"] ): baseline_arn = enabled_baseline["arn"] - print("No change, the selected baseline was already enabled.") + if baseline_arn: + print("No change, the selected baseline was already enabled.") - if q.ask( + if baseline_arn and q.ask( f"Do you want to reset the Control Tower Baseline? (y/n) ", q.is_yesno, ): @@ -161,7 +162,7 @@ def run_scenario(self) -> None: self.ou_arn, ic_baseline_arn, control_tower_baseline["arn"], - "4.0", + "5.0", ) # List and Enable Controls.