.NET Python: Update ControlTower for v5 Landing Zones

dotnetv4/ControlTower/Actions/ControlTowerWrapper.cs

@@ -125,20 +125,21 @@ public async Task<List<EnabledBaselineSummary>> ListEnabledBaselinesAsync()
     /// <param name="baselineIdentifier">The identifier of baseline to enable.</param>
     /// <param name="baselineVersion">The version of baseline to enable.</param>
     /// <param name="identityCenterBaseline">The identifier of identity center baseline if it is enabled.</param>
-    /// <returns>The enabled baseline ARN or null if already enabled.</returns>
+    /// <returns>The enabled baseline ARN or null.</returns>
     public async Task<string?> EnableBaselineAsync(string targetIdentifier, string baselineIdentifier, string baselineVersion, string identityCenterBaseline)
     {
         try
         {
-            var parameters = new List<EnabledBaselineParameter>
+            var parameters = new List<EnabledBaselineParameter>();
+            if (!string.IsNullOrEmpty(identityCenterBaseline))
             {
-                new EnabledBaselineParameter
-                {
-                    Key = "IdentityCenterEnabledBaselineArn",
-                    Value = identityCenterBaseline
-                }
-            };
-
+                parameters.Add(
+                    new EnabledBaselineParameter
+                    {
+                        Key = "IdentityCenterEnabledBaselineArn",
+                        Value = identityCenterBaseline
+                    });
+            }
             var request = new EnableBaselineRequest
             {
                 BaselineIdentifier = baselineIdentifier,
@@ -164,9 +165,12 @@ public async Task<List<EnabledBaselineSummary>> ListEnabledBaselinesAsync()
 
             return response.Arn;
         }
-        catch (ValidationException ex) when (ex.Message.Contains("already enabled"))
+        catch (ValidationException ex)
         {
-            Console.WriteLine("Baseline is already enabled for this target");
+            if (ex.Message.Contains("already enabled"))
+                Console.WriteLine("Baseline is already enabled for this target");
+            else { Console.WriteLine(ex.Message); }
+            // Write the message and return null if baseline cannot be enabled.
             return null;
         }
         catch (AmazonControlTowerException ex)

dotnetv4/ControlTower/README.md

@@ -31,31 +31,31 @@ For prerequisites, see the [README](../README.md#Prerequisites) in the `dotnetv4
 
 ### Get started
 
-- [Hello AWS Control Tower](../ControlTower/Actions/HelloControlTower.cs#L4) (`ListBaselines`)
+- [Hello AWS Control Tower](Actions/HelloControlTower.cs#L4) (`ListBaselines`)
 
 
 ### Basics
 
 Code examples that show you how to perform the essential operations within a service.
 
-- [Learn the basics](../ControlTower/Scenarios/ControlTower_Basics/ControlTowerBasics.cs)
+- [Learn the basics](Scenarios/ControlTower_Basics/ControlTowerBasics.cs)
 
 
 ### Single actions
 
 Code excerpts that show you how to call individual service functions.
 
-- [DisableBaseline](../ControlTower/Actions/ControlTowerWrapper.cs#L181)
-- [DisableControl](../ControlTower/Actions/ControlTowerWrapper.cs#L401)
-- [EnableBaseline](../ControlTower/Actions/ControlTowerWrapper.cs#L120)
-- [EnableControl](../ControlTower/Actions/ControlTowerWrapper.cs#L345)
-- [GetBaselineOperation](../ControlTower/Actions/ControlTowerWrapper.cs#L273)
-- [GetControlOperation](../ControlTower/Actions/ControlTowerWrapper.cs#L449)
-- [ListBaselines](../ControlTower/Actions/ControlTowerWrapper.cs#L62)
-- [ListEnabledBaselines](../ControlTower/Actions/ControlTowerWrapper.cs#L91)
-- [ListEnabledControls](../ControlTower/Actions/ControlTowerWrapper.cs#L305)
-- [ListLandingZones](../ControlTower/Actions/ControlTowerWrapper.cs#L33)
-- [ResetEnabledBaseline](../ControlTower/Actions/ControlTowerWrapper.cs#L227)
+- [DisableBaseline](Actions/ControlTowerWrapper.cs#L185)
+- [DisableControl](Actions/ControlTowerWrapper.cs#L405)
+- [EnableBaseline](Actions/ControlTowerWrapper.cs#L120)
+- [EnableControl](Actions/ControlTowerWrapper.cs#L349)
+- [GetBaselineOperation](Actions/ControlTowerWrapper.cs#L277)
+- [GetControlOperation](Actions/ControlTowerWrapper.cs#L453)
+- [ListBaselines](Actions/ControlTowerWrapper.cs#L62)
+- [ListEnabledBaselines](Actions/ControlTowerWrapper.cs#L91)
+- [ListEnabledControls](Actions/ControlTowerWrapper.cs#L309)
+- [ListLandingZones](Actions/ControlTowerWrapper.cs#L33)
+- [ResetEnabledBaseline](Actions/ControlTowerWrapper.cs#L231)
 
 
 <!--custom.examples.start-->

dotnetv4/ControlTower/Scenarios/ControlTower_Basics/ControlTowerBasics.cs

@@ -130,7 +130,7 @@ public static async Task RunScenario()
                         Console.WriteLine("\nEnabling Control Tower Baseline.");
                         var icBaselineArn = identityCenterBaseline?.Arn;
                         baselineArn = await wrapper.EnableBaselineAsync(ouArn,
-                            controlTowerBaseline.Arn, "4.0", icBaselineArn ?? "");
+                            controlTowerBaseline.Arn, "5.0", icBaselineArn ?? "");
                         var alreadyEnabled = false;
                         if (baselineArn != null)
                         {
@@ -144,12 +144,11 @@ public static async Task RunScenario()
                                 if (enabled.BaselineIdentifier == controlTowerBaseline.Arn)
                                 {
                                     baselineArn = enabled.Arn;
+                                    alreadyEnabled = true;
+                                    Console.WriteLine("No change, the selected baseline was already enabled.");
                                     break;
                                 }
                             }
-
-                            alreadyEnabled = true;
-                            Console.WriteLine("No change, the selected baseline was already enabled.");
                         }
 
                         if (baselineArn != null)
@@ -173,7 +172,7 @@ public static async Task RunScenario()
                                     Console.WriteLine($"\nRe-enabling Control Tower Baseline: {baselineArn}");
                                     // Re-enable the Control Tower baseline if it was originally enabled.
                                     await wrapper.EnableBaselineAsync(ouArn,
-                                        controlTowerBaseline.Arn, "4.0", icBaselineArn ?? "");
+                                        controlTowerBaseline.Arn, "5.0", icBaselineArn ?? "");
                                 }
                             }
                         }

python/example_code/controltower/README.md

@@ -52,17 +52,17 @@ Code examples that show you how to perform the essential operations within a ser
 
 Code excerpts that show you how to call individual service functions.
 
-- [DisableBaseline](controltower_wrapper.py#L392)
-- [DisableControl](controltower_wrapper.py#L263)
+- [DisableBaseline](controltower_wrapper.py#L396)
+- [DisableControl](controltower_wrapper.py#L267)
 - [EnableBaseline](controltower_wrapper.py#L69)
-- [EnableControl](controltower_wrapper.py#L159)
-- [GetBaselineOperation](controltower_wrapper.py#L236)
-- [GetControlOperation](controltower_wrapper.py#L209)
+- [EnableControl](controltower_wrapper.py#L163)
+- [GetBaselineOperation](controltower_wrapper.py#L240)
+- [GetControlOperation](controltower_wrapper.py#L213)
 - [ListBaselines](controltower_wrapper.py#L39)
-- [ListEnabledBaselines](controltower_wrapper.py#L330)
-- [ListEnabledControls](controltower_wrapper.py#L431)
-- [ListLandingZones](controltower_wrapper.py#L300)
-- [ResetEnabledBaseline](controltower_wrapper.py#L358)
+- [ListEnabledBaselines](controltower_wrapper.py#L334)
+- [ListEnabledControls](controltower_wrapper.py#L435)
+- [ListLandingZones](controltower_wrapper.py#L304)
+- [ResetEnabledBaseline](controltower_wrapper.py#L362)
 
 
 <!--custom.examples.start-->

python/example_code/controltower/controltower_wrapper.py

@@ -85,16 +85,21 @@ def enable_baseline(
         :raises ClientError: If enabling the baseline fails for reasons other than it being already enabled.
         """
         try:
-            response = self.controltower_client.enable_baseline(
-                baselineIdentifier=baseline_identifier,
-                baselineVersion=baseline_version,
-                targetIdentifier=target_identifier,
-                parameters=[
+            # Only include parameters if identity_center_baseline is not empty
+            parameters = []
+            if identity_center_baseline:
+                parameters = [
                     {
                         "key": "IdentityCenterEnabledBaselineArn",
                         "value": identity_center_baseline,
                     }
-                ],
+                ]
+
+            response = self.controltower_client.enable_baseline(
+                baselineIdentifier=baseline_identifier,
+                baselineVersion=baseline_version,
+                targetIdentifier=target_identifier,
+                parameters=parameters,
             )
 
             operation_id = response["operationIdentifier"]
@@ -110,7 +115,6 @@ def enable_baseline(
             if err.response["Error"]["Code"] == "ValidationException":
                 if "already enabled" in err.response["Error"]["Message"]:
                     print("Baseline is already enabled for this target")
-                    return None
                 else:
                     print(
                         "Unable to enable baseline due to validation exception: %s: %s",
@@ -122,7 +126,7 @@ def enable_baseline(
                 err.response["Error"]["Code"],
                 err.response["Error"]["Message"],
             )
-            raise
+            return None
 
     # snippet-end:[python.example_code.controltower.EnableBaseline]
 

python/example_code/controltower/scenario_controltower.py

@@ -121,7 +121,7 @@ def run_scenario(self) -> None:
                     else None
                 )
                 baseline_arn = self.controltower_wrapper.enable_baseline(
-                    self.ou_arn, ic_baseline_arn, control_tower_baseline["arn"], "4.0"
+                    self.ou_arn, ic_baseline_arn, control_tower_baseline["arn"], "5.0"
                 )
                 if baseline_arn:
                     print(f"Enabled baseline ARN: {baseline_arn}")
@@ -133,9 +133,10 @@ def run_scenario(self) -> None:
                             == control_tower_baseline["arn"]
                         ):
                             baseline_arn = enabled_baseline["arn"]
-                    print("No change, the selected baseline was already enabled.")
+                    if baseline_arn:
+                        print("No change, the selected baseline was already enabled.")
 
-                if q.ask(
+                if baseline_arn and q.ask(
                     f"Do you want to reset the Control Tower Baseline? (y/n) ",
                     q.is_yesno,
                 ):
@@ -161,7 +162,7 @@ def run_scenario(self) -> None:
                         self.ou_arn,
                         ic_baseline_arn,
                         control_tower_baseline["arn"],
-                        "4.0",
+                        "5.0",
                     )
 
         # List and Enable Controls.