Merge pull request #31 from rahul188/main

Fixed the Python version issue and update the quickstart URLs

.gitignore

@@ -160,3 +160,6 @@ cython_debug/
 #  and can be added to the global gitignore or merged into this file.  For a more nuclear
 #  option (not recommended) you can uncomment the following to ignore the entire idea folder.
 #.idea/
+
+taskcat_outputs
+.taskcate_overrides.yml

.taskcat.yml

@@ -5,11 +5,13 @@ project:
 tests:
   newrelic-onboarding-us-west-2:
     parameters:
+      NewRelicLicenseKey: ''
+      AdditionalParametersLicenseKey: ''
       NewRelicAccountNumber: ''
       LaunchAccountList: ''
       NewRelicAccessKey: ''
       StackSetName: 'NewRelic-Integration'
-      StackSetUrl: 'https://newrelic-aws-quickstart.s3.amazonaws.com/control-tower/templates/newrelic-stack-set.yml'
+      StackSetUrl: 'https://cfn-ps-ct-newrelic-one.s3.us-east-2.amazonaws.com/newrelic-stack-set.yml'
     regions:
       - us-west-2
     template: templates/control-tower-customization.template.yml

templates/control-tower-customization.template.yml

@@ -209,8 +209,8 @@ Parameters:
   NewRelicAccessKey:
     Type: String
     NoEcho: true
-    AllowedPattern: '^([A-Z0-9-]){32}$'
-    ConstraintDescription: New Relic User key is 32 characters long, and contains only numbers and letters
+    AllowedPattern: '^[A-Za-z0-9]{40}$'
+    ConstraintDescription: New Relic User key is 40 characters long, and contains only numbers and letters
     Description: New Relic NerdGraph User key. See https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/#user-api-key
   NerdGraphEndpoint:
     Type: String
@@ -225,11 +225,11 @@ Parameters:
     Default: NewRelic-Integration
   StackSetUrl:
     Type: String
-    Default: https://aws-quickstart.s3.amazonaws.com/quickstart-ct-newrelic-one/templates/newrelic-stack-set.yml
+    Default: https://cfn-ps-ct-newrelic-one.s3.us-east-2.amazonaws.com/newrelic-stack-set.yml
     Description: New Relic integration StackSet template URL    
   QSS3BucketName:
     Type: String
-    Default: aws-ia
+    Default: cfn-ps-ct-newrelic-one
     Description: "S3 bucket for Quick Start assets. Use this if you want to customize your deployment. The bucket name can include numbers, lowercase letters, uppercase letters, and hyphens, but it cannot start or end with hyphens (-)."
   QSS3KeyPrefix:
     Type: String
@@ -274,21 +274,21 @@ Resources:
                   - s3:GetObject
                   - s3:GetObjectTagging
                 Resource:
-                  - !Sub 'arn:${AWS::Partition}:s3:::${QSS3BucketName}/${QSS3KeyPrefix}*'
+                  - !Sub 'arn:${AWS::Partition}:s3:::${QSS3BucketName}/*'
               - Effect: Allow
                 Action:
                   - s3:PutObject
                   - s3:DeleteObject
                   - s3:PutObjectTagging
                 Resource:
-                  - !Sub 'arn:${AWS::Partition}:s3:::${LambdaZipsBucket}/${QSS3KeyPrefix}*'
+                  - !Sub 'arn:${AWS::Partition}:s3:::${LambdaZipsBucket}/*'
 
   CopyZipsFunction:
     Type: AWS::Lambda::Function
     Properties:
       Description: Copies objects from the S3 bucket to a new location.
       Handler: index.handler
-      Runtime: python3.7
+      Runtime: python3.12
       Role: !GetAtt 'CopyZipsRole.Arn'
       Timeout: 240
       Code:
@@ -350,7 +350,7 @@ Resources:
         S3Bucket: !Ref LambdaZipsBucket
         S3Key: !Join ['', [!Ref 'QSS3KeyPrefix', 'functions/packages/onboarding/NewRelicCTOnboarding.zip']]
       Handler: onboarding.lambda_handler
-      Runtime: python3.7
+      Runtime: python3.12
       Timeout: 120
       Environment:
         Variables:
@@ -394,11 +394,17 @@ Resources:
         PolicyDocument:
           Version: 2012-10-17
           Statement:
+          - Sid: StackSet
+            Effect: Allow
+            Action:
+            - cloudformation:GetTemplateSummary
+            Resource: '*'
           - Sid: StackSetInstanceCreate
             Effect: Allow
             Action:
             - cloudformation:CreateStackInstances
             - cloudformation:ListStackInstances
+            - cloudformation:GetTemplateSummary
             Resource:
               !Join ['', ['arn:aws:cloudformation:', !Ref 'AWS::Region', ':', !Ref 'AWS::AccountId', ':stackset/',  !Ref StackSetName, '*' ]]
           - Sid: StackSetInstanceDelete
@@ -414,6 +420,7 @@ Resources:
             Action:
             - cloudformation:CreateStackSet
             - cloudformation:DescribeStackSet
+            - cloudformation:GetTemplateSummary
             Resource:
               !Join ['', ['arn:aws:cloudformation:', '*', ':', '*', ':stackset/NewRelic-*' ]]
           - Sid: S3Ops
@@ -422,7 +429,7 @@ Resources:
             - s3:ListBucket
             - s3:GetObject
             Resource: 
-            - !Join ['',['arn:aws:s3:::', !Ref QSS3BucketName, '/', !Ref QSS3KeyPrefix, '*']]
+            - !Join ['',['arn:aws:s3:::', !Ref QSS3BucketName, '/', '*']]
           - Sid: SNSOps
             Effect: Allow
             Action:
@@ -548,7 +555,7 @@ Resources:
         S3Bucket: !Ref LambdaZipsBucket
         S3Key: !Join ['', [!Ref 'QSS3KeyPrefix', 'functions/packages/stackset/NewRelicCTStackSet.zip']]
       Handler: stackset.lambda_handler
-      Runtime: python3.7
+      Runtime: python3.12
       Timeout: 120
       ReservedConcurrentExecutions: 1
       Environment:
@@ -624,7 +631,7 @@ Resources:
         S3Bucket: !Ref LambdaZipsBucket
         S3Key: !Join ['', [!Ref 'QSS3KeyPrefix', 'functions/packages/register/NewRelicCTRegister.zip']]
       Handler: register.lambda_handler
-      Runtime: python3.7
+      Runtime: python3.12
       Timeout: 120
       ReservedConcurrentExecutions: 5
       Environment:

templates/newrelic-hub-cfct.yaml

@@ -41,8 +41,8 @@ Parameters:
   NewRelicAccessKey:
     Type: String
     NoEcho: true
-    AllowedPattern: '^([A-Z0-9-]){32}$'
-    ConstraintDescription: New Relic User key is 32 characters long, and contains only numbers and letters
+    AllowedPattern: '^[A-Za-z0-9]{40}$'
+    ConstraintDescription: New Relic User key is 40 characters long, and contains only numbers and letters
     Description: New Relic NerdGraph User key. See https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/#user-api-key
   NerdGraphEndpoint:
     Type: String
@@ -120,10 +120,15 @@ Resources:
 
   CopyZipsFunction:
     Type: AWS::Lambda::Function
+    Metadata:
+      cfn-lint:
+        config:
+          ignore_checks:
+            - E3030
     Properties:
       Description: Copies objects from the S3 bucket to a new location.
       Handler: index.handler
-      Runtime: python3.7
+      Runtime: python3.12
       Role: !GetAtt 'CopyZipsRole.Arn'
       Timeout: 240
       Code:
@@ -286,12 +291,17 @@ Resources:
   NewRelicRegisterFunction:
     Type: AWS::Lambda::Function
     DependsOn: CopyZips
+    Metadata:
+      cfn-lint:
+        config:
+          ignore_checks:
+            - E3030
     Properties:
       Code:
         S3Bucket: !Ref LambdaZipsBucket
         S3Key: !Join ['', [!Ref 'QSS3KeyPrefix', !FindInMap ["SourceCode", "Key", "Register"]]]
       Handler: cfct_register.lambda_handler
-      Runtime: python3.7
+      Runtime: python3.12
       Timeout: 120
       ReservedConcurrentExecutions: 5
       Environment: