Add account ID blacklist

Update boto role assumption and client code to be outside of a try/except

lambda_code/scan/scan.py

@@ -28,6 +28,9 @@
 env_name = os.environ["ENVIRONMENT"]
 production_env = os.environ["PRODUCTION_ENVIRONMENT"]
 
+BC_ACCT_ID_BLACKLIST = [
+    "876504563909"
+]
 
 def process_vulnerability(domain, account_name, resource_type, vulnerability_type, takeover=""):
 
@@ -292,15 +295,14 @@ def lambda_handler(event, context):  # pylint:disable=unused-argument
     account_id = event["Id"]
     account_name = event["Name"]
 
-    try:
-        aws_session = assume_role(account_id)
-
-        r53client = aws_session.client("route53")
-    except AttributeError:
-        logging.exception(f"not able to assume role and create Route53 client for account {account_id}")
+    if account_id in BC_ACCT_ID_BLACKLIST:
+        logging.info("account ID found on BC account blacklist, skipping...")
 
         return
 
+    aws_session = assume_role(account_id)
+    r53client = aws_session.client("route53")
+
     hosted_zones = list_hosted_zones(r53client, event)
     for hosted_zone in hosted_zones:
         print(f"Searching for vulnerable domain records in hosted zone {hosted_zone['Name']}")