chore(deps): bump aws-lambda-powertools[aws-sdk] from 2.32.0 to 2.33.0 in /src

[dependabot[bot]]

Bumps aws-lambda-powertools[aws-sdk] from 2.32.0 to 2.33.0.

Release notes

Sourced from aws-lambda-powertools[aws-sdk]'s releases.

v2.33.0

Summary

We are pleased to announce our first security feature: Data Masking. You can now encrypt, decrypt, or irreversibly erase sensitive information to protect data confidentiality.

We also made enhancements to our OpenAPI utility, and fixed some bugs!

⭐ Huge thanks to our new contributor: @​maauk

Data masking

Docs

You can now encrypt, decrypt, or irreversibly erase sensitive information to protect data confidentiality.

We partnered with the AWS Crypto team to offer a thin layer on top of the AWS Encryption SDK and Amazon KMS, optimized to run on AWS Lambda ephemeral environments.

At launch, Data Masking solves three common use cases, with a fourth one (field encryption) coming.

1. Selectively erase confidential data. You want to remove sensitive information from one or more fields for a given payload, however nested these fields might be.
2. Encrypt and decrypt an entire payload. You want to protect the entire payload while ensuring data integrity, and optionally add metadata to each operation for further protection.
3. Use multiple keys for high availability. You want to use more than one Amazon KMS key to encrypt while allowing decryption with any of the keys used for encryption.

It wouldn't be awesome if we didn't mention that we spent a few months crafting several code snippets, use cases, diagrams, and a simplified terminology to help you digest common industry security practices.

Enough with the talk :) Here's a working code snippet with these use cases combined.

from __future__ import annotations
import os
from aws_lambda_powertools import Logger
from aws_lambda_powertools.utilities.data_masking import DataMasking
from aws_lambda_powertools.utilities.data_masking.provider.kms.aws_encryption_sdk import (
AWSEncryptionSDKProvider,
)
from aws_lambda_powertools.utilities.typing import LambdaContext
KEY_ONE = os.getenv("KMS_KEY_ARN", "")
KEY_TWO = os.getenv("KMS_KEY_TWO_ARN", "")
logger = Logger()
encryption_provider = AWSEncryptionSDKProvider(keys=[KEY_ONE, KEY_TWO])  # encrypt/decrypt operations
data_masker = DataMasking(provider=encryption_provider)
@​logger.inject_lambda_context
</tr></table>

... (truncated)

Changelog

Sourced from aws-lambda-powertools[aws-sdk]'s changelog.

[v2.33.0] - 2024-02-02

Bug Fixes

• data-masking: fix and improve e2e tests for DataMasking (#3695)
• event-handler: strip whitespace from Content-Type headers during OpenAPI schema validation (#3677)

Documentation

• data-masking: add docs for data masking utility (#3186)
• metrics: fix empty metric warning filter (#3660)
• proccess: add versioning and maintenance policy (#3682)

Features

• event_handler: support Header parameter validation in OpenAPI schema (#3687)
• event_handler: add support for multiValueQueryStringParameters in OpenAPI schema (#3667)

Maintenance

• version bump
• deps: bump codecov/codecov-action from 3.1.5 to 3.1.6 (#3683)
• deps: bump codecov/codecov-action from 3.1.4 to 3.1.5 (#3674)
• deps: bump pydantic from 1.10.13 to 1.10.14 (#3655)
• deps: bump squidfunk/mkdocs-material from 58eef6c to 9aad7af in /docs (#3670)
• deps: bump the layer-balancer group in /layer/scripts/layer-balancer with 1 update (#3665)
• deps: bump squidfunk/mkdocs-material from 9aad7af to a4a2029 in /docs (#3679)
• deps-dev: bump sentry-sdk from 1.39.2 to 1.40.0 (#3684)
• deps-dev: bump ruff from 0.1.14 to 0.1.15 (#3685)
• deps-dev: bump ruff from 0.1.13 to 0.1.14 (#3656)
• deps-dev: bump aws-cdk from 2.122.0 to 2.123.0 (#3673)
• deps-dev: bump aws-cdk from 2.124.0 to 2.125.0 (#3693)
• deps-dev: bump aws-cdk from 2.123.0 to 2.124.0 (#3678)

Commits

• 8f4a46a chore: version bump
• 94c588e fix(data-masking): fix and improve e2e tests for DataMasking (#3695)
• 90df6b1 chore(ci): changelog rebuild (#3696)
• a15a358 chore(deps-dev): bump aws-cdk from 2.124.0 to 2.125.0 (#3693)
• 33820d1 feat(event_handler): support Header parameter validation in OpenAPI schema (#...
• ced0a3d docs(data-masking): add docs for data masking utility (#3186)
• b784598 chore(ci): changelog rebuild (#3690)
• e1a4d1e docs(proccess): add versioning and maintenance policy (#3682)
• b591bb8 chore(ci): changelog rebuild (#3686)
• 7d88b54 chore(deps-dev): bump ruff from 0.1.14 to 0.1.15 (#3685)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)