Merge pull request #66 from tekdj7/code_standardizations

code, consistency, readme, naming

Author: andywick-aws

.flake8

@@ -0,0 +1,24 @@
+[flake8]
+max-line-length = 150
+max-parameters-amount = 7
+min_python_version = 3.9.0
+copyright-regexp = Copyright Amazon.com, Inc\..*
+exclude =
+    .git,
+    __pycache__,
+    .vscode
+
+# enables all flake8 checks
+select = A,B,B9,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,0,1,2,3,4,5,6,7,8,9
+
+# disable below checks:
+ignore =
+    FS003  # f-string missing prefix (false positives with raw strings)
+    T003:  # add link on issue into TODO
+
+# disable flake8 checks for Lambda function source code that will be used inline. (max 4096 characters)
+per-file-ignores =
+    inline_lambda.py:D100,D103,C801
+    ; D100  # missing docstring in public module
+    ; D103  # missing docstring in public function
+    ; C801  # copyright notice not present

.gitignore

@@ -1,4 +1,3 @@
-
 # Created by https://www.toptal.com/developers/gitignore/api/osx,node,linux,python,pycharm,windows,visualstudiocode,intellij
 # Edit at https://www.toptal.com/developers/gitignore?templates=osx,node,linux,python,pycharm,windows,visualstudiocode,intellij
 
@@ -240,7 +239,6 @@ dist
 # Icon must end with two \r
 Icon
 
-
 # Thumbnails
 ._*
 
@@ -502,4 +500,10 @@ $RECYCLE.BIN/
 # Windows shortcuts
 *.lnk
 
-# End of https://www.toptal.com/developers/gitignore/api/osx,node,linux,python,pycharm,windows,visualstudiocode,intellij
+# End of https://www.toptal.com/developers/gitignore/api/osx,node,linux,python,pycharm,windows,visualstudiocode,intellij
+
+# Other
+*.zip
+**/local/*
+**/sra_staging_manual_upload/*
+**/dist-*/*

.markdownlint.json

@@ -0,0 +1,4 @@
+{
+	"MD013": false,
+	"MD024": false
+}

CHANGELOG.md

@@ -1,39 +1,69 @@
-# Change Log
+# Change Log <!-- omit in toc -->
+
+## Table of Contents <!-- omit in toc -->
+
+- [Introduction](#introduction)
+- [2021-11-19](#2021-11-19)
+- [2021-09-02](#2021-09-02)
+- [2021-09-01](#2021-09-01)
+
+---
+
+## Introduction
+
 All notable changes to this project will be documented in this file.
 
 ---
 
+## 2021-11-19
+
+### Added <!-- omit in toc -->
+
+- Added `.flake8`, `poetry.lock`, `pyproject.toml`, and `.markdownlint.json` to define coding standards that we will require and use when building future solutions. Contributors should use the standards defined within these files before submitting
+  pull requests. Existing solutions will get refactored to these standards in future updates.
+- Added S3 `BucketKeyEnabled` to the solutions that create S3 objects (e.g. CloudTrail, GuardDuty, and Macie)
+
+### Changed <!-- omit in toc -->
+
+- Removed the AWS Config Aggregator account solution since AWS Control Tower deploys an account aggregator within the Audit account.
+- Modified the directory structure to support multiple internal packages (e.g. 1 for each solution). The folder structure also allows for tests (integration, unit, etc.). See
+  [Real Python Application with Internal Packages](https://realpython.com/python-application-layouts/#application-with-internal-packages)
+- Renamed folders and files with snake_case to align with [PEP8 Package and Module Names](https://www.python.org/dev/peps/pep-0008/#package-and-module-names)
+- Modified links within `README.md` files to align with the updated folders and file names
+- Updated the `README.md` files to provide consistency and improved formatting.
+- Renamed parameter and template files to `sra-<solution_name>...`
+- Updated default values for parameters for resource names with sra- prefix to help with protecting resources deployed
+
 ## 2021-09-02
 
-### Added
+### Added <!-- omit in toc -->
 
 - Nothing Added
 
-### Changed
+### Changed <!-- omit in toc -->
 
-- Removed all code and references to AWS Landing Zone as it is currently in Long-term Support and will not receive any 
-  additional features. 
+- Removed all code and references to AWS Landing Zone as it is currently in Long-term Support and will not receive any additional features.
 
-### Fixed
+### Fixed <!-- omit in toc -->
 
 - Nothing Fixed
 
 ---
 
 ## 2021-09-01
 
-### Added
+### Added <!-- omit in toc -->
 
 - AWS IAM Access Analyzer solution
 - Organization AWS Config Aggregator Solution
 - Common Register Delegated Administrator Solution
 
-### Changed
+### Changed <!-- omit in toc -->
 
 - Nothing Changed
 
-### Fixed
+### Fixed <!-- omit in toc -->
 
 - Nothing Fixed
 
----
+---

CONTRIBUTING.md

@@ -1,29 +1,37 @@
-# Contributing Guidelines
+# Contributing Guidelines <!-- omit in toc -->
 
-Thank you for your interest in contributing to our project. Whether it's a bug report, new feature, correction, or additional
-documentation, we greatly value feedback and contributions from our community.
+## Table of Contents <!-- omit in toc -->
 
-Please read through this document before submitting any issues or pull requests to ensure we have all the necessary
-information to effectively respond to your bug report or contribution.
+- [Introduction](#introduction)
+- [Reporting Bugs/Feature Requests](#reporting-bugsfeature-requests)
+- [Contributing via Pull Requests](#contributing-via-pull-requests)
+- [Finding contributions to work on](#finding-contributions-to-work-on)
+- [Code of Conduct](#code-of-conduct)
+- [Security issue notifications](#security-issue-notifications)
+- [Licensing](#licensing)
 
+## Introduction
+
+Thank you for your interest in contributing to our project. Whether it's a bug report, new feature, correction, or additional documentation, we greatly value feedback and contributions from our community.
+
+Please read through this document before submitting any issues or pull requests to ensure we have all the necessary information to effectively respond to your bug report or contribution.
 
 ## Reporting Bugs/Feature Requests
 
 We welcome you to use the GitHub issue tracker to report bugs or suggest features.
 
-When filing an issue, please check existing open, or recently closed, issues to make sure somebody else hasn't already
-reported the issue. Please try to include as much information as you can. Details like these are incredibly useful:
-
-* A reproducible test case or series of steps
-* The version of our code being used
-* Any modifications you've made relevant to the bug
-* Anything unusual about your environment or deployment
+When filing an issue, please check existing open, or recently closed, issues to make sure somebody else hasn't already reported the issue. Please try to include as much information as you can. Details like these are incredibly useful:
 
+- A reproducible test case or series of steps
+- The version of our code being used
+- Any modifications you've made relevant to the bug
+- Anything unusual about your environment or deployment
 
 ## Contributing via Pull Requests
+
 Contributions via pull requests are much appreciated. Before sending us a pull request, please ensure that:
 
-1. You are working against the latest source on the *master* branch.
+1. You are working against the latest source on the _master_ branch.
 2. You check existing open, and recently merged, pull requests to make sure someone else hasn't addressed the problem already.
 3. You open an issue to discuss any significant work - we would hate for your time to be wasted.
 
@@ -36,23 +44,21 @@ To send us a pull request, please:
 5. Send us a pull request, answering any default questions in the pull request interface.
 6. Pay attention to any automated CI failures reported in the pull request, and stay involved in the conversation.
 
-GitHub provides additional document on [forking a repository](https://help.github.com/articles/fork-a-repo/) and
-[creating a pull request](https://help.github.com/articles/creating-a-pull-request/).
-
+GitHub provides additional document on [forking a repository](https://help.github.com/articles/fork-a-repo/) and [creating a pull request](https://help.github.com/articles/creating-a-pull-request/).
 
 ## Finding contributions to work on
-Looking at the existing issues is a great way to find something to contribute on. As our projects, by default, use the default GitHub issue labels (enhancement/bug/duplicate/help wanted/invalid/question/wontfix), looking at any 'help wanted' issues is a great place to start.
 
+Looking at the existing issues is a great way to find something to contribute on. As our projects, by default, use the default GitHub issue labels (enhancement/bug/duplicate/help wanted/invalid/question/wontfix), looking at any 'help wanted' issues
+is a great place to start.
 
 ## Code of Conduct
-This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct).
-For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact
-[email protected] with any additional questions or comments.
 
+This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct). For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact [email protected]
+with any additional questions or comments.
 
 ## Security issue notifications
-If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a public github issue.
 
+If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a public github issue.
 
 ## Licensing
 

CONTRIBUTORS

@@ -1,4 +1,5 @@
 Andy Wickersham
 Kisshore Gunasekaran
 Neal Rothleder
-Todd Gruet
+Todd Gruet
+Julio Delgado Jr.

GENERAL-CONTRIBUTING-GUIDANCE.md

@@ -1,31 +1,36 @@
-## General Guidance for Contributing
+# General Guidance for Contributing <!-- omit in toc -->
 
-### CloudFormation
+## Table of Contents <!-- omit in toc -->
+
+- [CloudFormation](#cloudformation)
+- [Encryption](#encryption)
+- [IAM](#iam)
+- [Lambda](#lambda)
+- [Testing](#testing)
+
+## CloudFormation
 
 - [ ] GG-CLOUDFORMATION1 = Parameterize all resource values
 - [ ] GG-CLOUDFORMATION2 = Include parameter groups and labels
 - [ ] GG-CLOUDFORMATION3 = Validate all parameters
 - [ ] GG-CLOUDFORMATION4 = Sort everything in alphabetical order (e.g. Labels, Parameters, Policy Actions, etc.)
 - [ ] GG-CLOUDFORMATION5 = No inline Lambda code
 - [ ] GG-CLOUDFORMATION6 = Use custom resource properties over Lambda resource environment variables
-- [ ] GG-CLOUDFORMATION7 = Scan templates using CFN NAG and provide metadata with specific reason for any findings that 
-  cannot be remediated
+- [ ] GG-CLOUDFORMATION7 = Scan templates using CFN NAG and provide metadata with specific reason for any findings that cannot be remediated
 
-### Encryption
+## Encryption
 
 - [ ] GG-ENCRYPTION1 = Enable encryption by default. Customer Managed KMS Key preferred.
 - [ ] GG-ENCRYPTION2 = Least privilege used in key policies
-  
-### IAM
 
-- [ ] GG-IAM1 = All IAM roles and users must be least privileged with full action names (no wildcards) listed in 
-  policies
-- [ ] GG-IAM2 = IAM policy files and/or statements are grouped by service with read and write actions in separate 
-  statements
+## IAM
+
+- [ ] GG-IAM1 = All IAM roles and users must be least privileged with full action names (no wildcards) listed in policies
+- [ ] GG-IAM2 = IAM policy files and/or statements are grouped by service with read and write actions in separate statements
 - [ ] GG-IAM3 = Avoid using AWS managed policies
 - [ ] GG-IAM4 = Restrict actions to a resource or resource prefix when possible
-  
-### Lambda 
+
+## Lambda
 
 - [ ] GG-LAMBDA1 = Add disclaimer stating input validation covered in CloudFormation
 - [ ] GG-LAMBDA2 = Handle all exceptions
@@ -34,14 +39,10 @@
 - [ ] GG-LAMBDA5 = Unique IAM role used for each function
 - [ ] GG-LAMBDA6 = Only include libraries that are not included by the Lambda runtime (e.g. boto3 containing new API)
 - [ ] GG-LAMBDA7 = Include a packaging script or instructions instead of including packaged Lambda code (e.g. zip file)
-- [ ] GG-LAMBDA8 = Run a SAST scan on the code and fix all findings, if possible but at a minimum fix critical and high 
-  findings (e.g. bandit for python)
-  
-### Testing
-
-- [ ] GG-SOLUTION_TESTING1 = Test deploying the solution in a multi-account environment using Customizations for 
-      AWS Control Tower
-- [ ] GG-SOLUTION_TESTING2 = Test removing the solution in a multi-account environment following the provided 
-  instructions
-- [ ] GG-SOLUTION_TESTING3 = Have at least 1 peer review of the solution before submitting a merge/pull request
+- [ ] GG-LAMBDA8 = Run a SAST scan on the code and fix all findings, if possible but at a minimum fix critical and high findings (e.g. bandit for python)
+
+## Testing
 
+- [ ] GG-SOLUTION_TESTING1 = Test deploying the solution in a multi-account environment using Customizations for AWS Control Tower
+- [ ] GG-SOLUTION_TESTING2 = Test removing the solution in a multi-account environment following the provided instructions
+- [ ] GG-SOLUTION_TESTING3 = Have at least 1 peer review of the solution before submitting a merge/pull request

LICENSE-SUMMARY

@@ -3,3 +3,5 @@ Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 The documentation is made available under the Creative Commons Attribution-ShareAlike 4.0 International License. See the LICENSE file.
 
 The sample code within this documentation is made available under the MIT-0 license. See the LICENSE-SAMPLECODE file.
+
+Please note when building the project that some of the configured developer dependencies are subject to copyleft licenses. Please review these as needed for your use.