Fix Typings.

aws-samples · Mar 8, 2024 · a88f415 · a88f415
1 parent a314d21
commit a88f415
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 55 deletions.
diff --git a/aws_sra_examples/solutions/patch_mgmt/lambda/src/app.py b/aws_sra_examples/solutions/patch_mgmt/lambda/src/app.py
@@ -121,7 +121,7 @@ class WindowTargetsDict(TypedDict):
 
 def define_maintenance_window_targets(
     params:dict, window_id_response:list, account_id:str
-) -> list[WindowTargetsDict]:
+) -> list[dict[str, Any]]:
     """
     Define maintenance window targets
 
@@ -178,12 +178,11 @@ def define_maintenance_window_targets(
     return windowTargets
 
 
-WindowTasksDict = TypedDict("windowId", {"region": str, "windowId": str})
 
 
 def define_maintenance_window_tasks(
     params: dict, window_id_response:list, window_target_response:list, account_id:str
-) -> list[WindowTasksDict]:
+) -> list[dict[str,Any]]:
     """
     Define maintenance window tasks
 
@@ -410,7 +409,7 @@ def process_create_update_event(params: dict, regions: list) -> Dict:
         "action"
     ] == "Update":
         # they updated the stack and want us to remove things.
-        patchmgmt.cleanup_patchmgmt(LOGGER, params, BOTO3_CONFIG)
+        patchmgmt.cleanup_patchmgmt(params, BOTO3_CONFIG)
 
     else:
         for account_id in account_ids:  # across all accounts they desire

diff --git a/aws_sra_examples/solutions/patch_mgmt/lambda/src/patchmgmt.py b/aws_sra_examples/solutions/patch_mgmt/lambda/src/patchmgmt.py
@@ -1,8 +1,14 @@
 import common
-
 from botocore.config import Config
+import logging
+import os
+# Setup Default Logger
+LOGGER = logging.getLogger("sra")
+log_level: str = os.environ.get("LOG_LEVEL", "ERROR")
+LOGGER.setLevel(log_level)
+
 
-def cleanup_patchmgmt(LOGGER: callable, params:dict, BOTO3_CONFIG: Config) -> None:
+def cleanup_patchmgmt(params:dict, BOTO3_CONFIG: Config) -> None:
     windowInformation = common.get_window_information()
     # use boto3 and assume the role to delete all the tasks inside of maintenance windows, then delete the targets, then delete the windows
     for windowTask in windowInformation["window_tasks"]:

diff --git a/aws_sra_examples/solutions/patch_mgmt/templates/sra-patch_mgmt-configuration-role.yaml b/aws_sra_examples/solutions/patch_mgmt/templates/sra-patch_mgmt-configuration-role.yaml
@@ -128,55 +128,6 @@ Resources:
                   - organizations:ListAccounts
                   - organizations:DescribeOrganization
                 Resource: "*"
-        # - PolicyName: sra-patch-mgmt-policy
-        #   PolicyDocument:
-        #     Version: 2012-10-17
-        #     Statement:
-        #       - Sid: DetectiveAccess
-        #         Effect: Allow
-        #         Action:
-        #           - detective:ListGraphs
-        #         Resource: "*"
-        # - PolicyName: sra-patch-mgmt
-        #   PolicyDocument:
-        #     Version: 2012-10-17
-        #     Statement:
-        #       - Sid: DetectiveAccess
-        #         Effect: Allow
-        #         Action:
-        #           - detective:CreateMembers
-        #           - detective:DescribeOrganizationConfiguration
-        #           - detective:ListMembers
-        #           - detective:ListDataSourcePackages
-        #           - detective:UpdateDatasourcePackages
-        #           - detective:UpdateOrganizationConfiguration
-        #         Resource: !Sub arn:${AWS::Partition}:detective:*:*:graph:*
-        # - PolicyName: sra-patch-mgmt-org-policy-iam
-        #   PolicyDocument:
-        #     Version: 2012-10-17
-        #     Statement:
-        #       - Sid: AllowReadIamActions
-        #         Effect: Allow
-        #         Action: iam:GetRole
-        #         Resource: !Sub arn:${AWS::Partition}:iam::${AWS::AccountId}:role/*
-
-        #       - Sid: AllowCreateServiceLinkedRole
-        #         Effect: Allow
-        #         Action: iam:CreateServiceLinkedRole
-        #         Condition:
-        #           StringLike:
-        #             iam:AWSServiceName: detective.amazonaws.com
-        #         Resource: !Sub arn:${AWS::Partition}:iam::${AWS::AccountId}:role/aws-service-role/detective.amazonaws.com/AWSServiceRoleForDetective
-
-        #       - Sid: AllowPolicyActions
-        #         Effect: Allow
-        #         Action: iam:PutRolePolicy
-        #         Resource: !Sub arn:${AWS::Partition}:iam::${AWS::AccountId}:role/aws-service-role/detective.amazonaws.com/AWSServiceRoleForDetective
-
-        #       - Sid: AllowDeleteServiceLinkRole
-        #         Effect: Allow
-        #         Action: iam:DeleteServiceLinkedRole
-        #         Resource: !Sub arn:${AWS::Partition}:iam::${AWS::AccountId}:role/aws-service-role/detective.amazonaws.com/AWSServiceRoleForDetective
       Tags:
         - Key: sra-solution
           Value: !Ref pSRASolutionName