Hard Deletion Lambda tweaks + IAM fixes (#65)
* Hard Deletion Lambda tweaks + IAM fixes

* Added comment

* Rename variables

---------

Co-authored-by: Kris Bloe <kris.bloe@answerdigital.com>
chrisbloe-nhse and chrisbloe authored Jun 10, 2024
1 parent 0f3c9b0 commit caf3585
Showing 2 changed files with 19 additions and 12 deletions.
11 changes: 7 additions & 4 deletions ehr-hard-deletion-lambda/EhrHardDeletion.py
@@ -10,8 +10,8 @@

def lambda_handler(event, context) -> None:
table_name, inbound_conversation_id = parse_event(event)
delete_ehr_from_s3(inbound_conversation_id)
verify_database_table_records_deleted(table_name, inbound_conversation_id)
delete_ehr_from_s3(inbound_conversation_id.lower())
verify_database_table_records_deleted(table_name, inbound_conversation_id.upper())


def parse_event(event) -> tuple[str, str]:
@@ -36,8 +36,11 @@ def delete_ehr_from_s3(inbound_conversation_id: str) -> None:
repo_bucket = s3.Bucket(s3_bucket_name)

if list(repo_bucket.objects.filter(Prefix=inbound_conversation_id + "/")):
logger.info("Attempting to delete EHR in the S3 Bucket")
repo_bucket.objects.filter(Prefix=inbound_conversation_id + "/").delete()
count_of_files = 0
for unused_var in repo_bucket.objects.filter(Prefix=inbound_conversation_id + "/"): count_of_files+=1
logger.info(f"Attempting to delete EHR in the S3 Bucket ({str(count_of_files)} file(s))")
# https://docs.aws.amazon.com/AmazonS3/latest/userguide/DeletingObjectVersions.html
repo_bucket.object_versions.filter(Prefix=inbound_conversation_id + "/").delete()
if not list(repo_bucket.objects.filter(Prefix=inbound_conversation_id + "/")):
logger.info("EHR has been deleted from the S3 Bucket successfully!")
else:
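Review bot: The existence guard and the post-delete check in delete_ehr_from_s3 still list `repo_bucket.objects`, i.e. current objects only, while the delete itself now targets `object_versions`. On a versioned bucket a prefix whose current objects sit behind delete markers (presumably the state left by the replaced `objects...delete()` call) lists as empty, so the purge is skipped and noncurrent copies of the EHR remain; the success message can likewise be logged while versions still exist. Basing both checks on `object_versions` closes that gap and lets `len()` replace the one-line counting loop; the responses returned by `delete()` should also be inspected for per-key errors. The function's else branch and the rest of its body lie outside the hunk.

```python
    prefix = inbound_conversation_id + "/"
    # List every version (and delete marker), not just current objects, so data
    # hidden behind a delete marker is still purged.
    versions = list(repo_bucket.object_versions.filter(Prefix=prefix))
    if versions:
        logger.info(f"Attempting to delete EHR in the S3 Bucket ({len(versions)} version(s))")
        # https://docs.aws.amazon.com/AmazonS3/latest/userguide/DeletingObjectVersions.html
        repo_bucket.object_versions.filter(Prefix=prefix).delete()
        if not list(repo_bucket.object_versions.filter(Prefix=prefix)):
            # … unchanged: success log and else branch …
```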
20 changes: 12 additions & 8 deletions terraform/ehr_deletion_lambda.tf
@@ -81,20 +81,24 @@ resource "aws_iam_policy" "lambda_s3_repo_object_deletion" {
{
Effect = "Allow",
Action = [
"s3:DeleteObject",
"s3:DeleteObjectVersion",
"s3:ListBucket",
"s3:ListBucketVersions"
],
Resource = [
"${data.aws_s3_bucket.ehr_repo_bucket.arn}/*",
"${data.aws_s3_bucket.ehr_repo_bucket.arn}"
],
},
{
"Effect" : "Allow",
"Action" : "s3:ListBucket",
"Resource" : data.aws_s3_bucket.ehr_repo_bucket.arn
},
],
Effect = "Allow",
Action = [
"s3:DeleteObject",
"s3:DeleteObjectVersion"
],
Resource = [
"${data.aws_s3_bucket.ehr_repo_bucket.arn}/*"
],
}
]
})
}

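Review bot: The statement granting `s3:DeleteObject` and `s3:DeleteObjectVersion` on `${data.aws_s3_bucket.ehr_repo_bucket.arn}/*` lets this role permanently remove any version of any key in the repo bucket, so versioning no longer serves as a recovery net for this principal. Splitting bucket-level list actions from object-level delete actions is the right shape, but nothing in the policy says why version-level permissions are needed; I would add `# Version-level actions are required: the hard-deletion Lambda purges every object version under a conversation prefix` above the first statement. Because the prefix is chosen at runtime it cannot be narrowed here, so the effective scope rests on the Lambda's validation of the conversation ID. It is worth confirming that S3 data-event logging covers this bucket so deletions stay attributable. The resource's opening lines are outside the hunk.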
