The WHERE clause filters out job execution events that come from Greengrass deployments, but will catch job execution events for any other jobs, not just certificate rotation jobs. This is not a functional problem because the job_execution_terminal Lambda will not process job execution events from other jobs: https://github.com/awslabs/aws-greengrass-labs-certificate-rotator/blob/main/backend/lambda/job_execution_terminal/job_execution_terminal.py#L123. However there would be a small cost implication because the Lambda had to run to decide to take no action. It would be preferable if the WHERE clause of the rule matched only job execution events for certificate rotation jobs.
This is only an issue if:
The Greengrass devices have another custom component that uses jobs, OR
The AWS account includes non-Greengrass devices that use jobs
Otherwise there would be no job execution events that weren't certificate rotations.
The JobExecutionTerminal rule is defined here: https://github.com/awslabs/aws-greengrass-labs-certificate-rotator/blob/main/backend/lib/certificate-rotator-stack.ts#L52
The WHERE clause filters out job execution events that come from Greengrass deployments, but will catch job execution events for any other jobs, not just certificate rotation jobs. This is not a functional problem because the job_execution_terminal Lambda will not process job execution events from other jobs: https://github.com/awslabs/aws-greengrass-labs-certificate-rotator/blob/main/backend/lambda/job_execution_terminal/job_execution_terminal.py#L123. However there would be a small cost implication because the Lambda had to run to decide to take no action. It would be preferable if the WHERE clause of the rule matched only job execution events for certificate rotation jobs.
This is only an issue if:
Otherwise there would be no job execution events that weren't certificate rotations.