Improving examples

seshubaws · Dec 14, 2023 · 9413a26 · 9413a26
1 parent f41026b
commit 9413a26
Show file tree

Hide file tree

Showing 4 changed files with 45 additions and 16 deletions.
diff --git a/docs/utilities/data_masking.md b/docs/utilities/data_masking.md
@@ -106,7 +106,7 @@ If `fields` is not provided, the entire data object will be masked (or encrypted
 You can mask data without having to install any encryption library. Masking data will result in the loss of its original type, and the masked data will always be represented as a string.
 
 === "getting_started_mask_data.py"
-    ```python hl_lines="1 6 10"
+    ```python hl_lines="4 8 16"
     --8<-- "examples/data_masking/src/getting_started_mask_data.py"
     ```
 
@@ -122,20 +122,20 @@ You can mask data without having to install any encryption library. Masking data
 
 ### Encryting data
 
-In order to encrypt data, you must use either our out-of-the-box integration with the AWS Encryption SDK, or install another encryption provider of your own. Encrypting data will temporarily result in the loss of the data's original type, as the encrypted data will be represented as a string while it is in ciphertext form. After decryption, the data will regain its original type.
+To encrypt data, utilize our built-in integration with the AWS Encryption SDK. Encrypting data will temporarily result in the loss of the original data type, as it transforms into a [ciphertext](https://en.wikipedia.org/wiki/Ciphertext){target="_blank" rel="nofollow"} string.
 
-You can still use the masking feature while using any encryption provider.
-
-=== "input.json"
-    ```json
-    --8<-- "examples/data_masking/src/generic_data_input.json"
-    ```
+To encrypt your data, you'll need a valid and symmetric [AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/data-protection.html){target="_blank"} key.
 
 === "getting_started_encrypt_data.py"
-    ```python hl_lines="3-4 12-13 15"
+    ```python hl_lines="5-6 12-13 22"
     --8<-- "examples/data_masking/src/getting_started_encrypt_data.py"
     ```
 
+=== "input.json"
+    ```json hl_lines="7-9 14"
+    --8<-- "examples/data_masking/src/generic_data_input.json"
+    ```
+
 === "output.json"
     ```json hl_lines="5-7 12"
     --8<-- "examples/data_masking/src/encrypt_data_output.json"

diff --git a/examples/data_masking/src/getting_started_decrypt_data.py b/examples/data_masking/src/getting_started_decrypt_data.py
@@ -0,0 +1,23 @@
+import os
+from typing import Dict
+
+from aws_lambda_powertools import Logger
+from aws_lambda_powertools.utilities._data_masking import DataMasking
+from aws_lambda_powertools.utilities._data_masking.provider.kms.aws_encryption_sdk import AwsEncryptionSdkProvider
+from aws_lambda_powertools.utilities.typing import LambdaContext
+
+logger = Logger()
+
+KMS_KEY_ARN = os.getenv("KMS_KEY_ARN")
+encryption_provider = AwsEncryptionSdkProvider(keys=[KMS_KEY_ARN])
+data_masker = DataMasking(provider=encryption_provider)
+
+
+def lambda_handler(event: Dict, context: LambdaContext) -> Dict:
+    data = event.get("body")
+
+    logger.info("Encrypting fields email, address.street, and company_address")
+
+    encrypted = data_masker.encrypt(data=data, fields=["email", "address.street", "company_address"])
+
+    return {"payload_encrypted": encrypted}
diff --git a/examples/data_masking/src/getting_started_encrypt_data.py b/examples/data_masking/src/getting_started_encrypt_data.py
@@ -1,17 +1,23 @@
 import os
+from typing import Dict
 
+from aws_lambda_powertools import Logger
 from aws_lambda_powertools.utilities._data_masking import DataMasking
 from aws_lambda_powertools.utilities._data_masking.provider.kms.aws_encryption_sdk import AwsEncryptionSdkProvider
+from aws_lambda_powertools.utilities.typing import LambdaContext
+
+logger = Logger()
 
 KMS_KEY_ARN = os.getenv("KMS_KEY_ARN")
+encryption_provider = AwsEncryptionSdkProvider(keys=[KMS_KEY_ARN])
+data_masker = DataMasking(provider=encryption_provider)
 
-def lambda_handler(event, context):
 
-    data = event["body"]
+def lambda_handler(event: Dict, context: LambdaContext) -> Dict:
+    data = event.get("body")
 
-    encryption_provider = AwsEncryptionSdkProvider(keys=[KMS_KEY_ARN])
-    data_masker = DataMasking(provider=encryption_provider)
+    logger.info("Encrypting fields email, address.street, and company_address")
 
     encrypted = data_masker.encrypt(data=data, fields=["email", "address.street", "company_address"])
 
-    data_masker.decrypt(data=encrypted, fields=["email", "address.street", "company_address"])
+    return {"payload_encrypted": encrypted}
diff --git a/examples/data_masking/src/getting_started_mask_data.py b/examples/data_masking/src/getting_started_mask_data.py
@@ -13,6 +13,6 @@ def lambda_handler(event: dict, context: LambdaContext) -> Dict:
 
     logger.info("Masking fields email, address.street, and company_address")
 
-    fields_masked = data_masker.mask(data=data, fields=["email", "address.street", "company_address"])
+    masked = data_masker.mask(data=data, fields=["email", "address.street", "company_address"])
 
-    return {"fields_masked": fields_masked}
+    return {"payload_masked": masked}