From cf582eb54534a3343432268e2feeb6911d800444 Mon Sep 17 00:00:00 2001
From: matt-slalom <71734551+matt-slalom@users.noreply.github.com>
Date: Sun, 11 Jul 2021 17:49:25 -0700
Subject: [PATCH] Remove unnecessary KMS deletion window code (#918)
* Correct KMS window deletion module
* Delete unnecessary AWS KMS deletion window module
---
 .../AWS.KMS.Logging.High.0400.json | 15 ---------------
 .../aws_kms_key/kmsKeyNoDeletionWindow.rego | 19 -------------------
 2 files changed, 34 deletions(-)
 delete mode 100755 pkg/policies/opa/rego/aws/aws_kms_key/AWS.KMS.Logging.High.0400.json
 delete mode 100755 pkg/policies/opa/rego/aws/aws_kms_key/kmsKeyNoDeletionWindow.rego
diff --git a/pkg/policies/opa/rego/aws/aws_kms_key/AWS.KMS.Logging.High.0400.json b/pkg/policies/opa/rego/aws/aws_kms_key/AWS.KMS.Logging.High.0400.json
deleted file mode 100755
index 5ab8ae172..000000000
--- a/pkg/policies/opa/rego/aws/aws_kms_key/AWS.KMS.Logging.High.0400.json
+++ /dev/null
@@ -1,15 +0,0 @@
-{
- "name": "kmsKeyNoDeletionWindow",
- "file": "kmsKeyNoDeletionWindow.rego",
- "policy_type": "aws",
- "resource_type": "aws_kms_key",
- "template_args": {
- "prefix": ""
- },
- "severity": "HIGH",
- "description": "Ensure rotation for customer created CMKs is enabled",
- "reference_id": "AWS.KMS.Logging.High.0400",
- "category": "Security Best Practices",
- "version": 2,
- "id": "AC_AWS_0161"
-}
\ No newline at end of file
diff --git a/pkg/policies/opa/rego/aws/aws_kms_key/kmsKeyNoDeletionWindow.rego b/pkg/policies/opa/rego/aws/aws_kms_key/kmsKeyNoDeletionWindow.rego
deleted file mode 100755
index 0af0099a3..000000000
--- a/pkg/policies/opa/rego/aws/aws_kms_key/kmsKeyNoDeletionWindow.rego
+++ /dev/null
@@ -1,19 +0,0 @@
-package accurics
-
-{{.prefix}}kmsKeyNoDeletionWindow[retVal] {
- kms_key = input.aws_kms_key[_]
- kms_key.config.is_enabled == true
- kms_key.config.enable_key_rotation == true
- invalid_window_in_days(kms_key.config.deletion_window_in_days) == true
- traverse = "deletion_window_in_days"
- retVal := { "Id": kms_key.id, "ReplaceType": "edit", "CodeType": "attribute", "Traverse": traverse, "Attribute": "deletion_window_in_days", "AttributeDataType": "int", "Expected": 90, "Actual": kms_key.config.deletion_window_in_days }
-}
-
-invalid_window_in_days(days) = true {
- days == null
-}
-
-invalid_window_in_days(days) = true {
- days != null
- days > 90
-}
\ No newline at end of file