Fix duplicate AWS::Logs::ResourcePolicy

markpeek · markpeek · commit a7716408e1dc · 2021-08-28T07:36:19.000-07:00
The newly added LogResourcePolicy already existed as ResourcePolicy
in Logs. Prefer the older one as it aligns with the AWS naming.
This does keep the newly added validation and tests.
diff --git a/tests/test_logs.py b/tests/test_logs.py
@@ -1,7 +1,12 @@
 import unittest
 
 from troposphere import Retain
-from troposphere.logs import Destination, LogGroup, validate_resource_policy, LogResourcePolicy
+from troposphere.logs import (
+    Destination,
+    LogGroup,
+    ResourcePolicy,
+    validate_resource_policy,
+)
 
 
 class TestLogs(unittest.TestCase):
@@ -36,18 +41,30 @@ def test_log_destination(self):
         self.assertIn("Properties", log_destination_json)
 
     def test_validate_resource_policy(self):
-        for s in ["{ \"Version\": \"2012-10-17\", \"Statement\": [ { \"Sid\": \"Route53LogsToCloudWatchLogs\", \"Effect\": \"Allow\", \"Principal\": { \"Service\": [ \"route53.amazonaws.com\" ] }, \"Action\":\"logs:PutLogEvents\", \"Resource\": \"logArn\" } ] }", {'Version': '2012-10-17', 'Statement': [{'Sid': 'Route53LogsToCloudWatchLogs', 'Effect': 'Allow', 'Principal': {'Service': ['route53.amazonaws.com']}, 'Action': 'logs:PutLogEvents', 'Resource': 'logArn'}]}]:
+        for s in [
+            '{ "Version": "2012-10-17", "Statement": [ { "Sid": "Route53LogsToCloudWatchLogs", "Effect": "Allow", "Principal": { "Service": [ "route53.amazonaws.com" ] }, "Action":"logs:PutLogEvents", "Resource": "logArn" } ] }',
+            {
+                "Version": "2012-10-17",
+                "Statement": [
+                    {
+                        "Sid": "Route53LogsToCloudWatchLogs",
+                        "Effect": "Allow",
+                        "Principal": {"Service": ["route53.amazonaws.com"]},
+                        "Action": "logs:PutLogEvents",
+                        "Resource": "logArn",
+                    }
+                ],
+            },
+        ]:
             validate_resource_policy(s)
-            log_policy = LogResourcePolicy(
-                "TestLogPolicy",
-                PolicyName='TestLogPolicy',
-                PolicyDocument=s
+            log_policy = ResourcePolicy(
+                "TestLogPolicy", PolicyName="TestLogPolicy", PolicyDocument=s
             )
             expected = log_policy.to_dict()
-            properties = expected['Properties']
-            self.assertEqual(properties.get('PolicyDocument'), s)
+            properties = expected["Properties"]
+            self.assertEqual(properties.get("PolicyDocument"), s)
 
-        for s in ["", "H"*5121, "TEXT", {}]:
+        for s in ["", "H" * 5121, "TEXT", {}]:
             with self.assertRaises(ValueError):
                 validate_resource_policy(s)
 
diff --git a/troposphere/logs.py b/troposphere/logs.py
@@ -1,8 +1,9 @@
+import json
+
 from . import AWSObject, AWSProperty
 from .compat import policytypes
 from .constants import LOGS_ALLOWED_RETENTION_DAYS as RETENTION_DAYS
 from .validators import integer_list_item, json_checker
-import json
 
 policytypes = policytypes + (str,)
 
@@ -93,7 +94,7 @@ class ResourcePolicy(AWSObject):
     resource_type = "AWS::Logs::ResourcePolicy"
 
     props = {
-        "PolicyDocument": (str, True),
+        "PolicyDocument": (validate_resource_policy, True),
         "PolicyName": (str, True),
     }
 
@@ -107,12 +108,3 @@ class SubscriptionFilter(AWSObject):
         "LogGroupName": (str, True),
         "RoleArn": (str, False),
     }
-
-
-class LogResourcePolicy(AWSObject):
-    resource_type = "AWS::Logs::ResourcePolicy"
-
-    props = {
-        "PolicyDocument": (validate_resource_policy, True),
-        "PolicyName": (str, True),
-    }
