# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
# SPDX-License-Identifier: MIT-0

import boto3
import logging
import utils
from service_analyser import ServiceAnalyser

class LambdaAnalyser(ServiceAnalyser):

    def __init__(self, account_analyser, region):
        super().__init__(account_analyser, region, 'lambda')

    def get_findings(self):
        session = self.get_aws_session()
        aws_lambda = session.client("lambda", region_name=self.region)

        for lambda_func in utils.invoke_aws_api_full_list(aws_lambda.list_functions, "Functions"):

            if "VpcConfig" not in lambda_func.keys(): #Ignore if there is no VpcConfig in the function
                continue

            if lambda_func["VpcConfig"]["VpcId"]: #If it is populated only then is it VPC Enabld. If not, this check can be ignored.
                finding_rec = self.get_finding_rec_from_response(lambda_func)
                if len(lambda_func["VpcConfig"]["SubnetIds"]) == 1:
                    finding_rec['potential_issue'] = True
                    finding_rec['message'] = f"Lambda: VPC Enabled Lambda function {lambda_func['FunctionName']} is configured to run in only one subnet."
                else:
                    finding_rec['potential_issue'] = False
                    finding_rec['message'] = f"Lambda: VPC Enabled Lambda Function {lambda_func['FunctionName']} is configured to run in more than one subnet"
                self.findings.append(finding_rec)

    #Contains the logic to extract relevant fields from the API response to the output csv file.
    def get_finding_rec_from_response(self, lambda_func):

        finding_rec = self.get_finding_rec_with_common_fields()
        finding_rec['resource_id'] = ''
        finding_rec['resource_name'] = lambda_func['FunctionName']
        finding_rec['resource_arn'] = lambda_func['FunctionArn']
        return finding_rec