11"""Custom Resource to setup SRA Config resources in the organization.
22
3- Version: 0.1
3+ Version: 1.0
44
55CloudWatch module for SRA in the repo, https://github.com/aws-samples/aws-security-reference-architecture-examples
66
1414import os
1515from time import sleep
1616
17- from typing import TYPE_CHECKING
17+ from typing import TYPE_CHECKING , Literal
1818
1919import boto3
2020from botocore .config import Config
2929 from mypy_boto3_logs import CloudWatchLogsClient
3030 from mypy_boto3_oam import CloudWatchObservabilityAccessManagerClient
3131 from mypy_boto3_iam .type_defs import CreatePolicyResponseTypeDef , CreateRoleResponseTypeDef , EmptyResponseMetadataTypeDef
32- from mypy_boto3_cloudwatch .type_defs import MetricFilterTypeDef , GetMetricDataResponseTypeDef
32+ # from mypy_boto3_cloudwatch.type_defs import StatisticType # , MetricFilterTypeDef, GetMetricDataResponseTypeDef,
3333 from mypy_boto3_logs .type_defs import FilteredLogEventTypeDef , GetLogEventsResponseTypeDef
3434
3535
@@ -44,9 +44,9 @@ class sra_cloudwatch:
4444
4545 SINK_NAME = "sra-oam-sink"
4646 SOLUTION_NAME : str = "sra-set-solution-name"
47- SINK_POLICY = {}
48- CROSS_ACCOUNT_ROLE_NAME = "CloudWatch-CrossAccountSharingRole"
49- CROSS_ACCOUNT_TRUST_POLICY = {}
47+ SINK_POLICY : dict = {}
48+ CROSS_ACCOUNT_ROLE_NAME : str = "CloudWatch-CrossAccountSharingRole"
49+ CROSS_ACCOUNT_TRUST_POLICY : dict = {}
5050
5151 try :
5252 MANAGEMENT_ACCOUNT_SESSION = boto3 .Session ()
@@ -132,10 +132,10 @@ def create_metric_alarm(
132132 alarm_description : str ,
133133 metric_name : str ,
134134 metric_namespace : str ,
135- metric_statistic : str ,
135+ metric_statistic : Literal [ 'Average' , 'Maximum' , 'Minimum' , 'SampleCount' , 'Sum' ] ,
136136 metric_period : int ,
137137 metric_threshold : float ,
138- metric_comparison_operator : str ,
138+ metric_comparison_operator : Literal [ 'GreaterThanOrEqualToThreshold' , 'GreaterThanThreshold' , 'GreaterThanUpperThreshold' , 'LessThanLowerOrGreaterThanUpperThreshold' , 'LessThanLowerThreshold' , 'LessThanOrEqualToThreshold' , 'LessThanThreshold' ] ,
139139 metric_evaluation_periods : int ,
140140 metric_treat_missing_data : str ,
141141 alarm_actions : list ,
@@ -172,10 +172,10 @@ def update_metric_alarm(
172172 alarm_description : str ,
173173 metric_name : str ,
174174 metric_namespace : str ,
175- metric_statistic : str ,
175+ metric_statistic : Literal [ 'Average' , 'Maximum' , 'Minimum' , 'SampleCount' , 'Sum' ] ,
176176 metric_period : int ,
177177 metric_threshold : float ,
178- metric_comparison_operator : str ,
178+ metric_comparison_operator : Literal [ 'GreaterThanOrEqualToThreshold' , 'GreaterThanThreshold' , 'GreaterThanUpperThreshold' , 'LessThanLowerOrGreaterThanUpperThreshold' , 'LessThanLowerThreshold' , 'LessThanOrEqualToThreshold' , 'LessThanThreshold' ] ,
179179 metric_evaluation_periods : int ,
180180 metric_treat_missing_data : str ,
181181 alarm_actions : list ,
@@ -246,22 +246,6 @@ def create_oam_sink(self, sink_name: str) -> str:
246246 self .LOGGER .error (f"{ self .UNEXPECTED } { e } )
247247 raise ValueError (f"Unexpected error executing Lambda function. { e } ) from None
248248
249- # def delete_oam_sink(self, sink_arn: str) -> None:
250- # """Delete the Observability Access Manager sink for SRA in the organization.
251-
252- # Args:
253- # sink_arn (str): ARN of the sink
254-
255- # Returns:
256- # None
257- # """
258- # try:
259- # self.CWOAM_CLIENT.delete_sink(Identifier=sink_arn)
260- # self.LOGGER.info(f"Observability access manager sink {sink_arn} deleted")
261- # except ClientError as e:
262- # self.LOGGER.info(self.UNEXPECTED)
263- # raise ValueError(f"Unexpected error executing Lambda function. {e}") from None
264-
265249 def find_oam_sink_policy (self , sink_arn : str ) -> tuple [bool , dict ]:
266250 """Check if the Observability Access Manager sink policy for SRA in the organization exists.
267251
0 commit comments