From 76734efe4686eb665aef54adf4b250af0c6fe27e Mon Sep 17 00:00:00 2001 From: Clark Schneider Date: Tue, 3 May 2022 23:31:21 +0000 Subject: [PATCH] Issue #5 HandleInfractions input adjusted to new model --- app.py | 2 +- stacks/control_broker_stack.py | 132 +++++++++--------- .../python_subprocess/lambda_function.py | 2 +- 3 files changed, 69 insertions(+), 67 deletions(-) diff --git a/app.py b/app.py index 161f507b..cb9b18b7 100644 --- a/app.py +++ b/app.py @@ -13,7 +13,7 @@ from stacks.test_stack import TestStack from stacks.endpoint_stack import EndpointStack -STACK_VERSION = "V0x6x3" +STACK_VERSION = "V0x7x0" app = cdk.App() continuously_deployed = app.node.try_get_context( diff --git a/stacks/control_broker_stack.py b/stacks/control_broker_stack.py index ddae0167..7b10e07b 100644 --- a/stacks/control_broker_stack.py +++ b/stacks/control_broker_stack.py @@ -748,8 +748,7 @@ def deploy_inner_sfn(self): }, "EvaluateCloudFormationTemplateByOPA": { "Type": "Task", - # "Next": "GatherInfractions", - "End": True, + "Next": "GatherInfractions", "ResultPath": "$.EvaluateCloudFormationTemplateByOPA", "Resource": "arn:aws:states:::lambda:invoke", "Parameters": { @@ -768,69 +767,72 @@ def deploy_inner_sfn(self): "Results.$": "$.Payload.EvaluateCloudFormationTemplateByOPAResults" }, }, - # "GatherInfractions": { - # "Type": "Task", - # "Next": "ChoiceInfractionsExist", - # "ResultPath": "$.GatherInfractions", - # "Resource": "arn:aws:states:::lambda:invoke", - # "Parameters": { - # "FunctionName": self.lambda_gather_infractions.function_name, - # "Payload.$": "$.EvaluateCloudFormationTemplateByOPA.Results", - # }, - # "ResultSelector": { - # "Infractions.$": "$.Payload.Infractions" - # }, - # }, - # "ChoiceInfractionsExist": { - # "Type": "Choice", - # "Default": "ForEachInfraction", - # "Choices": [ - # { - # "Variable": "$.GatherInfractions.Infractions[0]", - # "IsPresent": False, - # "Next": "NoInfractions", - # } - # ], - # }, - # "NoInfractions": { - # "Type": "Succeed", - # }, - # "ForEachInfraction": { - # "Type": "Map", - # "Next": "InfractionsExist", - # "ResultPath": "$.ForEachInfraction", - # "ItemsPath": "$.GatherInfractions.Infractions", - # "Parameters": { - # "Infraction.$": "$$.Map.Item.Value", - # "JsonInput.$": "$.JsonInput", - # "OuterEvalEngineSfnExecutionId.$": "$.OuterEvalEngineSfnExecutionId", - # "ConsumerMetadata.$": "$.ConsumerMetadata", - # }, - # "Iterator": { - # "StartAt": "HandleInfraction", - # "States": { - # "HandleInfraction": { - # "Type": "Task", - # "End": True, - # "ResultPath": "$.HandleInfraction", - # "Resource": "arn:aws:states:::lambda:invoke", - # "Parameters": { - # "FunctionName": self.lambda_handle_infraction.function_name, - # "Payload": { - # "Infraction.$": "$.Infraction", - # "JsonInput.$": "$.JsonInput", - # "OuterEvalEngineSfnExecutionId.$": "$.OuterEvalEngineSfnExecutionId", - # "ConsumerMetadata.$": "$.ConsumerMetadata", - # } - # }, - # "ResultSelector": {"Payload.$": "$.Payload"}, - # }, - # }, - # }, - # }, - # "InfractionsExist": { - # "Type": "Fail", - # }, + "GatherInfractions": { + "Type": "Task", + "Next": "ChoiceInfractionsExist", + "ResultPath": "$.GatherInfractions", + "Resource": "arn:aws:states:::lambda:invoke", + "Parameters": { + "FunctionName": self.lambda_gather_infractions.function_name, + "Payload.$": "$.EvaluateCloudFormationTemplateByOPA.Results", + }, + "ResultSelector": { + "Infractions.$": "$.Payload.Infractions" + }, + }, + "ChoiceInfractionsExist": { + "Type": "Choice", + "Default": "ForEachInfraction", + "Choices": [ + { + "Variable": "$.GatherInfractions.Infractions[0]", + "IsPresent": False, + "Next": "NoInfractions", + } + ], + }, + "NoInfractions": { + "Type": "Succeed", + }, + "ForEachInfraction": { + "Type": "Map", + "Next": "InfractionsExist", + "ResultPath": "$.ForEachInfraction", + "ItemsPath": "$.GatherInfractions.Infractions", + "Parameters": { + "Infraction.$": "$$.Map.Item.Value", + "JsonInput.$": "$.JsonInput", + "OuterEvalEngineSfnExecutionId.$": "$.OuterEvalEngineSfnExecutionId", + "ConsumerMetadata.$": "$.ConsumerMetadata", + }, + "Iterator": { + "StartAt": "HandleInfraction", + "States": { + "HandleInfraction": { + "Type": "Task", + "End": True, + "ResultPath": "$.HandleInfraction", + "Resource": "arn:aws:states:::lambda:invoke", + "Parameters": { + "FunctionName": self.lambda_handle_infraction.function_name, + "Payload": { + "Infraction.$": "$.Infraction", + "JsonInput": { + "Bucket.$":"$.PaCEvaluationRouter.Routing.ModifiedInput.Bucket", + "Key.$":"$.PaCEvaluationRouter.Routing.ModifiedInput.Key", + }, + "OuterEvalEngineSfnExecutionId.$": "$.OuterEvalEngineSfnExecutionId", + "ConsumerMetadata.$": "$.InvokedByApigw.ControlBrokerConsumerInputs.ConsumerMetadata", + } + }, + "ResultSelector": {"Payload.$": "$.Payload"}, + }, + }, + }, + }, + "InfractionsExist": { + "Type": "Fail", + }, }, } ), diff --git a/supplementary_files/lambdas/pac_evaluation/input_type_cloudformation/pac_framework_opa/python_subprocess/lambda_function.py b/supplementary_files/lambdas/pac_evaluation/input_type_cloudformation/pac_framework_opa/python_subprocess/lambda_function.py index b84240a1..d87c5700 100644 --- a/supplementary_files/lambdas/pac_evaluation/input_type_cloudformation/pac_framework_opa/python_subprocess/lambda_function.py +++ b/supplementary_files/lambdas/pac_evaluation/input_type_cloudformation/pac_framework_opa/python_subprocess/lambda_function.py @@ -133,5 +133,5 @@ def lambda_handler(event, context): print(f'opa_eval_results:\n{opa_eval_results}\n{type(opa_eval_results)}') return { - "InputTypeCloudFormationPaCFrameworkOPAResults": opa_eval_results + "EvaluateCloudFormationTemplateByOPAResults": opa_eval_results } \ No newline at end of file