improve validate-resources-from-desired-regions

Author: rberlind

governance/third-generation/aws/aws-functions/aws-functions.sentinel

@@ -157,12 +157,10 @@ validate_assumed_roles_with_map = func(roles_map, workspace_name) {
 }
 
 ### filter_resources_by_region ###
-# Filter resources to those from a specific provider alias in a specific region
-# using the tfconfig/v2 import.
+# Filter resources to those in a specific region using the tfconfig/v2 import.
 # The parameter, resources, should be a collection of AWS resources from tfconfig
-# The parameter, provider, should be a provider derived from tfconfig.providers.
 # The parameter, region, should be given as a string such as "us-east-1"
-filter_resources_by_region = func(resources, provider, region) {
+filter_resources_by_region = func(resources, region) {
 
   resources_from_region = {}
 

governance/third-generation/aws/aws-functions/docs/filter_resources_by_region.md

@@ -1,5 +1,5 @@
 # filter_resources_by_region
-This function filters a collection of AWS resources to those created by a specific alias of the AWS provider and a specific region. The resources should come from the tfconfig/v2 import
+This function filters a collection of AWS resources to those created in a specific region. The resources should come from the tfconfig/v2 import
 
 ## Sentinel Module
 This function is contained in the [aws-functions.sentinel](../aws-functions.sentinel) module.
@@ -9,7 +9,6 @@ This function is contained in the [aws-functions.sentinel](../aws-functions.sent
 
 ## Arguments
 * **resources**: a collection of AWS resources derived from the tfconfig.resources.
-* **provider**: a specific alias of the AWS provider derived from tfconfig.providers.
 * **region**: a specific AWS region, provided as a string
 
 ## Common Functions Used
@@ -24,10 +23,8 @@ This function does not print anything.
 ## Examples
 Here is an example of calling this function, assuming that the aws-functions.sentinel file that contains it has been imported with the alias `aws`:
 ```
-for all_aws_providers as p {
-  for allowed_regions as region {
-      filtered_resources = aws.filter_resources_by_region(all_aws_resources, p, region)
-  }
+for allowed_regions as region {
+  filtered_resources = aws.filter_resources_by_region(all_aws_resources, region)
 }
 ```
 

governance/third-generation/aws/validate-resources-from-desired-regions.sentinel

@@ -14,18 +14,13 @@ allowed_regions = ["us-east-1", "us-west-1"]
 # Get all AWS resources
 all_aws_resources = config.find_resources_by_provider("aws")
 
-// Get all providers
-all_aws_providers = config.find_providers_by_type("aws")
-
 # Find all AWS resources for allowed regions
 aws_resources_from_allowed_regions = {}
-for all_aws_providers as p {
-  for allowed_regions as region {
-      filtered_resources = aws.filter_resources_by_region(all_aws_resources, p, region)
-      # Add the filtered resources to aws_resources_from_allowed_regions
-      for filtered_resources as address, r {
-        aws_resources_from_allowed_regions[address] = r
-      }
+for allowed_regions as region {
+  filtered_resources = aws.filter_resources_by_region(all_aws_resources, region)
+  # Add the filtered resources to aws_resources_from_allowed_regions
+  for filtered_resources as address, r {
+    aws_resources_from_allowed_regions[address] = r
   }
 }