3.0.1 (#212)

awslabs · Jan 20, 2020 · 1f1fe23 · 1f1fe23
1 parent 9050d98
commit 1f1fe23
Show file tree

Hide file tree

Showing 3 changed files with 34 additions and 28 deletions.
diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/organization_policy.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/organization_policy.py
@@ -19,10 +19,11 @@ def __init__(self):
 
     @staticmethod
     def _find_all(policy):
-        return [
+        _files = [
             p for p in glob.iglob(
-                './**/{0}.json'.format(policy),
+                './adf-bootstrap/**/{0}.json'.format(policy),
                 recursive=True)]
+        return [f.replace('./adf-bootstrap', '.') for f in _files]
 
     def _compare_ordered_policy(self, obj):
         if isinstance(obj, dict):
@@ -35,12 +36,11 @@ def _compare_ordered_policy(self, obj):
 
     @staticmethod
     def _trim_scp_file_name(policy):
-        return policy[15:][:-8] if policy[15:][:-8] == '/' else policy[16:][:-9]
+        return policy[1:][:-8] if policy[1:][:-8] == '/' else policy[2:][:-9]
 
     @staticmethod
     def _trim_tagging_policy_file_name(policy):
-        return policy[15:][:-19] if policy[15:][:- \
-            19] == '/' else policy[16:][:-20]
+        return policy[1:][:-19] if policy[1:][:-19] == '/' else policy[2:][:-20]
 
     @staticmethod
     def set_scp_attachment(
@@ -163,7 +163,7 @@ def apply(self, organizations, parameter_store, config):  # pylint: disable=R091
                         policy_id, organization_mapping[path])
                 except organizations.client.exceptions.DuplicatePolicyException:
                     LOGGER.info(
-                        'Policy (%s) for %s already exists but was not attached, attaching.',
+                        'Policy (%s) for %s exists ensuring attached.',
                         policy,
                         organization_mapping[path])
                     policy_id = organizations.list_policies(

diff --git a/...bda_codebase/initial_commit/bootstrap_repository/adf-build/shared/python/organizations.py b/...bda_codebase/initial_commit/bootstrap_repository/adf-build/shared/python/organizations.py
@@ -71,17 +71,20 @@ def update_policy(self, content, policy_id):
         )
 
     def create_policy(self, content, ou_path, policy_type="SERVICE_CONTROL_POLICY"):
-        response = self.client.create_policy(
-            Content=content,
-            Description='ADF Managed {0}'.format(policy_type),
-            Name='adf-{0}-{1}'.format('scp' if policy_type == "SERVICE_CONTROL_POLICY" else 'tagging-policy', ou_path),
-            Type=policy_type
-        )
-        return response['Policy']['PolicySummary']['Id']
+        try:
+            response = self.client.create_policy(
+                Content=content,
+                Description='ADF Managed {0}'.format(policy_type),
+                Name='adf-{0}-{1}'.format('scp' if policy_type == "SERVICE_CONTROL_POLICY" else 'tagging-policy', ou_path),
+                Type=policy_type
+            )
+            return response['Policy']['PolicySummary']['Id']
+        except self.client.exceptions.DuplicatePolicyAttachmentException:
+            pass
 
     @staticmethod
     def get_policy_body(path):
-        with open(path, 'r') as policy:
+        with open('./adf-bootstrap/{0}'.format(path), 'r') as policy:
             return json.dumps(json.load(policy))
 
     def list_policies(self, name, policy_type="SERVICE_CONTROL_POLICY"):
@@ -108,10 +111,13 @@ def describe_policy(self, policy_id):
         return response.get('Policy')
 
     def attach_policy(self, policy_id, target_id):
-        self.client.attach_policy(
-            PolicyId=policy_id,
-            TargetId=target_id
-        )
+        try:
+            self.client.attach_policy(
+                PolicyId=policy_id,
+                TargetId=target_id
+            )
+        except self.client.exceptions.DuplicatePolicyAttachmentException:
+            pass
 
     def detach_policy(self, policy_id, target_id):
         self.client.detach_policy(

diff --git a/src/template.yml b/src/template.yml
@@ -14,7 +14,7 @@ Metadata:
     ReadmeUrl: ../docs/serverless-application-repo.md
     Labels: ['adf', 'aws-deployment-framework', 'multi-account', 'cicd', 'devops']
     HomePageUrl: https://github.com/awslabs/aws-deployment-framework
-    SemanticVersion: 3.0.0
+    SemanticVersion: 3.0.1
     SourceCodeUrl: https://github.com/awslabs/aws-deployment-framework
 Parameters:
   CrossAccountAccessRoleName:
@@ -172,7 +172,7 @@ Resources:
           TERMINATION_PROTECTION: false
           MASTER_ACCOUNT_ID: !Ref AWS::AccountId
           ORGANIZATION_ID: !GetAtt Organization.OrganizationId
-          ADF_VERSION: 3.0.0
+          ADF_VERSION: 3.0.1
           ADF_LOG_LEVEL: INFO
       FunctionName: StackWaiter
       Role: !GetAtt LambdaRole.Arn
@@ -193,7 +193,7 @@ Resources:
           DEPLOYMENT_ACCOUNT_BUCKET: !GetAtt SharedModulesBucketName.Value
           MASTER_ACCOUNT_ID: !Ref AWS::AccountId
           ORGANIZATION_ID: !GetAtt Organization.OrganizationId
-          ADF_VERSION: 3.0.0
+          ADF_VERSION: 3.0.1
           ADF_LOG_LEVEL: INFO
       FunctionName: DetermineEventFunction
       Role: !GetAtt LambdaRole.Arn
@@ -214,7 +214,7 @@ Resources:
           DEPLOYMENT_ACCOUNT_BUCKET: !GetAtt SharedModulesBucketName.Value
           MASTER_ACCOUNT_ID: !Ref AWS::AccountId
           ORGANIZATION_ID: !GetAtt Organization.OrganizationId
-          ADF_VERSION: 3.0.0
+          ADF_VERSION: 3.0.1
           ADF_LOG_LEVEL: INFO
       FunctionName: CrossAccountExecuteFunction
       Role: !GetAtt LambdaRole.Arn
@@ -233,7 +233,7 @@ Resources:
           S3_BUCKET_NAME: !Ref BootstrapTemplatesBucket
           TERMINATION_PROTECTION: false
           MASTER_ACCOUNT_ID: !Ref AWS::AccountId
-          ADF_VERSION: 3.0.0
+          ADF_VERSION: 3.0.1
           ADF_LOG_LEVEL: INFO
       FunctionName: RoleStackDeploymentFunction
       Role: !GetAtt LambdaRole.Arn
@@ -252,7 +252,7 @@ Resources:
           S3_BUCKET_NAME: !Ref BootstrapTemplatesBucket
           TERMINATION_PROTECTION: false
           MASTER_ACCOUNT_ID: !Ref AWS::AccountId
-          ADF_VERSION: 3.0.0
+          ADF_VERSION: 3.0.1
           ADF_LOG_LEVEL: INFO
       FunctionName: MovedToRootActionFunction
       Role: !GetAtt LambdaRole.Arn
@@ -271,7 +271,7 @@ Resources:
           S3_BUCKET_NAME: !Ref BootstrapTemplatesBucket
           TERMINATION_PROTECTION: false
           MASTER_ACCOUNT_ID: !Ref AWS::AccountId
-          ADF_VERSION: 3.0.0
+          ADF_VERSION: 3.0.1
           ADF_LOG_LEVEL: INFO
       FunctionName: UpdateResourcePoliciesFunction
       Role: !GetAtt LambdaRole.Arn
@@ -449,7 +449,7 @@ Resources:
         Image: "aws/codebuild/standard:2.0"
         EnvironmentVariables:
           - Name: ADF_VERSION
-            Value: 3.0.0
+            Value: 3.0.1
           - Name: TERMINATION_PROTECTION
             Value: false
           - Name: PYTHONPATH
@@ -714,7 +714,7 @@ Resources:
     Type: Custom::InitialCommit
     Properties:
       ServiceToken: !GetAtt InitialCommitHandler.Arn
-      Version: 3.0.0
+      Version: 3.0.1
       RepositoryArn: !GetAtt CodeCommitRepository.Arn
       DirectoryName: bootstrap_repository
       ExistingAccountId: !Ref DeploymentAccountId
@@ -935,7 +935,7 @@ Resources:
           Id: adf-codepipeline-trigger-bootstrap
 Outputs:
   ADFVersionNumber:
-    Value: 3.0.0
+    Value: 3.0.1
     Export:
       Name: "ADFVersionNumber"
   LayerArn: