fix flake8 issues with config rules

cyphronix · cyphronix · commit 7530e0ea771e · 2024-12-11T21:26:35.000-07:00
diff --git a/aws_sra_examples/solutions/genai/bedrock_org/lambda/rules/sra_bedrock_check_s3_endpoints/app.py b/aws_sra_examples/solutions/genai/bedrock_org/lambda/rules/sra_bedrock_check_s3_endpoints/app.py
@@ -1,4 +1,13 @@
 
+"""Config rule to check s3 endpoints for Bedrock environemts.
+
+Version: 1.0
+
+Config rule for SRA in the repo, https://github.com/aws-samples/aws-security-reference-architecture-examples
+
+Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+SPDX-License-Identifier: MIT-0
+"""
 from typing import Any
 import boto3
 import json
@@ -18,14 +27,22 @@
 ec2_client = boto3.client('ec2', region_name=AWS_REGION)
 config_client = boto3.client('config', region_name=AWS_REGION)
 
-def evaluate_compliance(configuration_item: dict) -> tuple[str, str]:
-    """Evaluates if an S3 Gateway Endpoint is in place for the VPC"""
-    
+
+def evaluate_compliance(configuration_item: dict) -> tuple[str, str]:  # noqa: CFQ004
+    """Evaluate if an S3 Gateway Endpoint is in place for the VPC.
+
+    Args:
+        configuration_item (dict): The AWS Config rule configuration item.
+
+    Returns:
+        tuple[str, str]: Compliance type and annotation message.
+
+    """
     if configuration_item['resourceType'] != 'AWS::EC2::VPC':
         return 'NOT_APPLICABLE', "Resource is not a VPC"
 
     vpc_id = configuration_item['configuration']['vpcId']
-    
+
     try:
         response = ec2_client.describe_vpc_endpoints(
             Filters=[
@@ -38,14 +55,20 @@ def evaluate_compliance(configuration_item: dict) -> tuple[str, str]:
         if response['VpcEndpoints']:
             endpoint_id = response['VpcEndpoints'][0]['VpcEndpointId']
             return 'COMPLIANT', f"S3 Gateway Endpoint is in place for VPC {vpc_id}. Endpoint ID: {endpoint_id}"
-        else:
-            return 'NON_COMPLIANT', f"S3 Gateway Endpoint is not in place for VPC {vpc_id}"
+        return 'NON_COMPLIANT', f"S3 Gateway Endpoint is not in place for VPC {vpc_id}"
 
     except Exception as e:
         LOGGER.error(f"Error evaluating S3 Gateway Endpoint configuration: {str(e)}")
         return 'ERROR', f"Error evaluating compliance: {str(e)}"
 
-def lambda_handler(event: dict, context: Any) -> None:
+
+def lambda_handler(event: dict, context: Any) -> None:  # noqa: U100
+    """Lambda handler.
+
+    Args:
+        event (dict): Config event object
+        context (Any): Lambda context object
+    """
     LOGGER.info('Evaluating compliance for AWS Config rule')
     LOGGER.info(f"Event: {json.dumps(event)}")
 
@@ -88,4 +111,4 @@ def lambda_handler(event: dict, context: Any) -> None:
             ResultToken=event['resultToken']
         )
 
-    LOGGER.info(f"Compliance evaluation complete. Processed {len(evaluations)} evaluations.")
+    LOGGER.info(f"Compliance evaluation complete. Processed {len(evaluations)} evaluations.")
