From 15b98c1b2ef342b2b000ef7a6d38e94f6b08dbab Mon Sep 17 00:00:00 2001
From: panther-bot <github-service-account@runpanther.io>
Date: Mon, 25 Nov 2024 20:40:17 +0000
Subject: [PATCH] sync changes from panther-labs/panther-enterprise#20592

---
 cloudformation/panther-deployment-role.yml                    | 1 -
 serverless/panther-preflight-tools/readiness-check/src/app.py | 4 ++--
 .../readiness-check/src/s3_select_check.py                    | 1 -
 3 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/cloudformation/panther-deployment-role.yml b/cloudformation/panther-deployment-role.yml
index 8b33ed5..55f9699 100644
--- a/cloudformation/panther-deployment-role.yml
+++ b/cloudformation/panther-deployment-role.yml
@@ -326,7 +326,6 @@ Resources:
               - kms:DeleteImportedKeyMaterial
               - kms:ScheduleKeyDeletion
               - s3:DeleteBucket
-              - sns:DeleteTopic
             Resource: '*'
 Outputs:
   DeploymentRoleArn:
diff --git a/serverless/panther-preflight-tools/readiness-check/src/app.py b/serverless/panther-preflight-tools/readiness-check/src/app.py
index d762373..d5ce150 100644
--- a/serverless/panther-preflight-tools/readiness-check/src/app.py
+++ b/serverless/panther-preflight-tools/readiness-check/src/app.py
@@ -165,14 +165,14 @@ def check_s3_select_readiness() -> bool:
     return s3check.is_enabled()
 
 
-def lambda_handler(_: dict[str, Any], __: Any) -> str:
+def lambda_handler(_: dict[str, Any], __: Any) -> dict:
     """
     Lambda entrypoint.  Accepts no input values. The "where" of it's running is
     the most important aspect.
     """
 
     return {
-        'deployment_role_readiness_results': check_deployment_role_readiness(_, __),
+        'deployment_role_readiness_results': check_deployment_role_readiness(),
         's3_select_enabled': check_s3_select_readiness()
     }
 
diff --git a/serverless/panther-preflight-tools/readiness-check/src/s3_select_check.py b/serverless/panther-preflight-tools/readiness-check/src/s3_select_check.py
index d30c26d..a094136 100644
--- a/serverless/panther-preflight-tools/readiness-check/src/s3_select_check.py
+++ b/serverless/panther-preflight-tools/readiness-check/src/s3_select_check.py
@@ -86,7 +86,6 @@ def _setup_bucket(self):
             self.s3.create_bucket(Bucket=self.test_bucket_name)
             self.log.info(f'test s3 bucket ({self.test_bucket_name}) created without LocationConstraint')
 
-
     def _cleanup_bucket(self):
         self.log.info(f'cleaning up test s3 bucket ({self.test_bucket_name})')
         self.s3.delete_bucket(Bucket=self.test_bucket_name)